[kwlug-disc] Remote access to machine behind CG-NAT
Chris Frey
cdfrey at foursquare.net
Fri Jun 27 16:00:55 EDT 2025

On Fri, Jun 27, 2025 at 11:41:46AM -0400, Khalid Baheyeldin wrote:
> I disabled systemd-resolved, and removed /etc/resolv.conf

I've found systemd-resolved to be very sticky. Make sure you try to
'dig' at your own address to make sure nothing is listening before
you start up dnsmasq.

> Using this in my /etc/dnsmasq.d/local.conf
>
> bind-interfaces
> bogus-priv
> domain-needed
> no-resolv
> no-poll
> domain=home.priv
> local=/home.priv/
> expand-hosts
> server=9.9.9.9
> server=1.1.1.1

I don't know what your /etc/hosts file looks like, but I haven't found
the need to use domain or local or expand-hosts. I use full names in
my /etc/hosts, such as circle.home.priv though.

Example /etc/hosts:

192.168.1.5 htmx1.foursquare.net
192.168.1.5 htmx2.foursquare.net

So no trailing dot, and no simple names.

Note that you can run dnsmasq as a standalone command with the above
options on the command line, just in case the default startup circuitry
gets in the way.

Also note that multiple dnsmasq's can be running at once if you have
virtual machines going (they are primarily for dhcp). Make sure they
are all stopped to avoid confusion.

- Chris
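
A pre-flight check for the two points in the message above (nothing still answering on port 53, no leftover dnsmasq instances from virtual machines), as an added example that is not part of the original post. The `dns_listeners` helper, its output format and the sample `ss` lines are constructed for illustration; it assumes `ss` from iproute2 and the column layout of `ss -H -tulpn`.

```shell
#!/bin/sh
# Added example: list whatever is bound to port 53 before starting dnsmasq.
# Reads `ss -H -tulpn` output on stdin and prints one line per socket
# on port 53:  <proto> <local addr:port> <process name> <pid>

dns_listeners() {
    awk '$5 ~ /:53$/ {
        # Process details are only shown for sockets you own, or to root.
        name = "unknown"; pid = "-"
        if (match($0, /\(\("[^"]+",pid=[0-9]+/)) {
            # Matched text looks like  (("name",pid=123  ; drop the leading (("
            s = substr($0, RSTART + 3, RLENGTH - 3)
            split(s, p, /",pid=/)
            name = p[1]; pid = p[2]
        }
        print $1, $5, name, pid
    }'
}

# Constructed sample of `ss -H -tulpn` output (not captured from a real host):
# the systemd-resolved stub, a dnsmasq instance serving a VM network,
# mDNS on 5353 (must not match), and a socket with no process details.
SAMPLE_SS='udp UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=612,fd=13))
tcp LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=612,fd=14))
udp UNCONN 0 0 192.168.122.1:53 0.0.0.0:* users:(("dnsmasq",pid=1404,fd=5))
udp UNCONN 0 0 0.0.0.0:5353 0.0.0.0:* users:(("avahi-daemon",pid=700,fd=12))
udp UNCONN 0 0 [::1]:53 [::]:*
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*'

# Demonstration on the sample above.
printf '%s\n' "$SAMPLE_SS" | dns_listeners

# On a live machine, as root so process names are visible:
#   ss -H -tulpn | dns_listeners
# Empty output means nothing is holding port 53.
```

Any line naming `systemd-resolve` or an extra `dnsmasq` is a resolver that can answer in place of the instance you are about to configure.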