Wildcard subdomains pointing to localhost

Post by OnlyTwentyCharacters » 2020/07/20 13:26:45

I'm trying to get subdomains to resolve to localhost in CentOS 8. In CentOS 7 I had a dnsmasq config file which would say

Code:

address=/example.com/127.0.0.1

Then in dhclient.conf I had

Code:

timeout 300;
retry 60;
prepend domain-name-servers 127.0.0.1;

This allowed all the example.com subdomains to resolve to the localhost. In CentOS 8 everything is run by NetworkManager and I have not found a way to achieve the same behaviour. If I add a NetworkManager configuration file with the following content

Code:

[main]
dns=none

and manually run "dhclient" then NetworkManager no longer overwrites /etc/resolv.conf on every boot. Does anything update resolv.conf anymore if DNS servers happen to change or do I need to keep running dhclient manually?

What is the right way to do this in CentOS 8?

Re: Wildcard subdomains pointing to localhost

Post by jlehtone » 2020/07/20 16:45:50

OnlyTwentyCharacters wrote:
2020/07/20 13:26:45
I'm trying to get subdomains to resolve to localhost in CentOS 8. In CentOS 7 I had a dnsmasq config file which would say

Code:

address=/example.com/127.0.0.1

Then in dhclient.conf I had

Code:

timeout 300;
retry 60;
prepend domain-name-servers 127.0.0.1;

This allowed all the example.com subdomains to resolve to the localhost. In CentOS 8 everything is run by NetworkManager and I have not found a way to achieve the same behaviour.

You have two things there:
1. DNS server
2. DNS client

Let's look at the DNS client side first. Clients read the resolv.conf, and we want them to use our DNS server.
Hence the address of our server before others. Can NetworkManager do that? Perhaps.
There are settings for each connection:

Code:

# nmcli -f ipv4 c s $conn_name
ipv4.method:                            auto
ipv4.dns:                               --
ipv4.dns-search:                        --
ipv4.dns-options:                       --
ipv4.dns-priority:                      0
...
ipv4.ignore-auto-dns:                   no
...

See man nm-settings.
We can set ipv4.dns 127.0.0.1 although, if other values come from DHCP, then order might be wrong.
With ipv4.ignore-auto-dns yes DNS options offered by DHCP are ignored.

There is thus a possibility to tell NetworkManager what it writes to resolv.conf.
I have systems with two connections. One gets everything from DHCP. The other has higher ipv4.dns-priority and sets thus the first DNS.

Note that NetworkManager config has option dhcp. The default is to use internal dhcp client, but you can request the good old dhclient.
Therefore, you could have the familiar prepend domain-name-servers 127.0.0.1;.


Then we have the DNS server. We could have the dnsmasq.service (or named) configured and running. (That is what I've done.)
Or tell NetworkManager ...
OnlyTwentyCharacters wrote:
2020/07/20 13:26:45
If I add a NetworkManager configuration file with the following content

Code:

[main]
dns=none

and manually run "dhclient" then NetworkManager no longer overwrites /etc/resolv.conf on every boot. Does anything update resolv.conf anymore if DNS servers happen to change or do I need to keep running dhclient manually?

That option dns has many possible values, including dnsmasq (systemd-resolved and unbound). See man NetworkManager.conf.
I have fancied testing that, but never got to it.
It is possible to pass custom options to the dnsmasq instance by adding them to files in the "/etc/NetworkManager/dnsmasq.d/" directory.

PS. The libvirtd.service, if installed and running, and with routed virtual networks (like the "default"), does start a separate dnsmasq process for each virtual network (to serve DHCP and DNS for VMs).

Re: Wildcard subdomains pointing to localhost

Post by OnlyTwentyCharacters » 2020/07/21 11:03:45

I found an article which discusses a similar approach for Fedora which should be closely related to CentOS.

https://fedoramagazine.org/using-the-ne ... sq-plugin/

I tested the dnsmasq plugin approach of the NetworkManager and it seems to work. I stopped and disabled the standalone dnsmasq service, added a configuration file /etc/NetworkManager/dnsmasq.d/test.conf with the following contents

Code:

address=/example.com/127.0.0.1
addn-hosts=/etc/hosts

changed /etc/NetworkManager/conf.d/test.conf to

Code:

[main]
dns=dnsmasq

and restarted NetworkManager (systemctl restart NetworkManager). Even after a reboot everything seems to work as expected.

If I didn't add "addn-hosts=/etc/hosts" to the configuration, for example "dig" would fail to resolve addresses from the hosts file.
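
Added example (not part of the original posts, and not code from dnsmasq or NetworkManager): a small shell function that emulates how the address= lines in a dnsmasq.d fragment like the one above are matched, useful for auditing which names a local override captures. The function name dnsmasq_override, the sample fragment and its api.example.com line are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: emulate how dnsmasq applies address=/domain/ip lines.
# Simplification: handles address=/d1[/d2...]/ip only, not the "#" wildcard
# or the empty-address form.

# dnsmasq_override CONF NAME
# Prints the address CONF forces for NAME; returns 1 when no address= line
# applies (the query would be forwarded upstream).
dnsmasq_override() {
    awk -v name="$2" '
        BEGIN { name = tolower(name); sub(/\.$/, "", name); best = -1 }
        /^[ \t]*address=\// {
            line = $0
            sub(/^[ \t]*address=/, "", line); sub(/[ \t]+$/, "", line)
            n = split(line, f, "/")   # f[1] is empty, f[n] is the address
            for (i = 2; i < n; i++) {
                d = tolower(f[i])
                if (d == "" || d == "#") continue
                # Match the domain itself or a name ending in ".domain";
                # "notexample.com" must not match "example.com".
                tail = substr(name, length(name) - length(d))
                hit = (name == d) || (length(name) > length(d) && tail == "." d)
                # Most specific (longest) domain wins.
                if (hit && length(d) > best) { best = length(d); ip = f[n] }
            }
        }
        END { if (best < 0) exit 1; print ip }
    ' "$1"
}

# Constructed sample fragment; the api.example.com line is hypothetical and
# only there to show precedence.
conf=$(mktemp)
trap 'rm -f "$conf"' EXIT
cat > "$conf" <<'EOF'
address=/example.com/127.0.0.1
address=/api.example.com/192.0.2.10
addn-hosts=/etc/hosts
EOF

for n in example.com www.example.com v1.api.example.com notexample.com centos.org; do
    printf '%-20s %s\n' "$n" "$(dnsmasq_override "$conf" "$n" || echo '(forwarded upstream)')"
done
```

Pointing the function at the files in /etc/NetworkManager/dnsmasq.d/ shows which names are answered locally instead of being forwarded upstream.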

Re: Wildcard subdomains pointing to localhost

Post by jlehtone » 2020/07/21 11:49:06

OnlyTwentyCharacters wrote:
2020/07/21 11:03:45
If I didn't add "addn-hosts=/etc/hosts" to the configuration, for example "dig" would fail to resolve addresses from the hosts file.

The 'ps' output in that Hale's blog (and comments in file) shows that NetworkManager gives option '--no-hosts' to the dnsmasq.

man dnsmasq wrote:
-h, --no-hosts
Don't read the hostnames in /etc/hosts.

I do guess the rationale behind that.

You can have multiple "addn-hosts" statements, so you can organize your "hosts".

I like how Hale splits his config into multiple files. Each can be managed separately.


Hmm, one more thing worth deploying in "standard config" ...
