Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 1 Feb 2004 15:58:41 -0500
From:      "Edward Carmody" <ecarmody@shoregroup.com>
To:        "'Luke Johannsen'" <luke@themango.org>
Cc:        freebsd-questions@freebsd.org
Subject:   RE: FBSD router/firewall  with dhclient & dhcpd (Solved)
Message-ID:  <007c01c3e906$2f884080$3268a8c0@edsdell8200>
In-Reply-To: <ED32131F-54F7-11D8-9D3E-000A95F07EF4@themango.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
From
"http://www.thekelleys.org.uk/dnsmasq/doc.html":

"Dnsmasq can be configured to automatically pick
up the addresses of it's upstream nameservers from
ppp or dhcp configuration. It will automatically
reload this information if it changes. This
facility will be of particular interest to
maintainers of Linux firewall distributions since
it allows dns configuration to be made automatic."

Bingo, 100%.  Thanks, Luke.  I owe you a beer...

-----Original Message-----
From: Luke Johannsen [mailto:luke@themango.org]=20
Sent: Sunday, February 01, 2004 3:48 PM
To: Edward Carmody
Cc: freebsd-questions@freebsd.org
Subject: Re: FBSD router/firewall with dhclient &
dhcpd



On Feb 1, 2004, at 2:24 PM, Edward Carmody wrote:

> Hi, I'm trying to replace my Linksys
> router/firewall/nat box with a FreeBSD box...I'm
> in the configuring/testing phase before I put it
> into production...
>
> My *potential* problem is that my ISP
> (Cablevision) re-addresses their DNS servers
> often.  My question is: is there a way to
> dynamically update the "option
> domain-name-servers" values in dhcpd.conf from
the "nameserver" values=20
> my ISP-facing, dhclient-using interface is
writing into "resolv.conf"?
>
> Or, more simply, how can my DHCP server hand out
> *known-fresh-and-good* ISP dns server addresses
> gathered from the wan-facing dhcp client??  The
> linksys box I have now does this
auto-magically...
> ;-)
>

I don't know if this is a solution that you want
but it works for me.=20
Setup DNSMasq on your firewall machine.=20
http://www.thekelleys.org.uk/dnsmasq/doc.html or
from the ports=20
/usr/ports/dns/dnsmasq. Then just point to your
internal IP on your=20
firewall as your nameserver. It's quick and
painless to setup and get=20
running and seems to work well for small networks.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?007c01c3e906$2f884080$3268a8c0>