[kwlug-disc] Remote access to machine behind CG-NAT
Paul Nijjar
paul_nijjar at yahoo.ca
Sat Jun 28 13:10:32 EDT 2025
My understanding is that Khalid wants to turn off DHCP and only use
DNS (a mix of static entries and upstream).
On Sat, Jun 28, 2025 at 11:09:53AM +0300, Anton Avramov via kwlug-disc wrote:
> I use dnsmasq in more than a thousand systems along systemd-resolved for
> dns, dhcp and tftp without a problem for years.
>
> For the DHCP to get activated you need to define a dhcp-range=. The range
> should be accessible to the static ip of the interface you want to use.
>
> If using firewall you would have to open the appropriate ports also.
>
> hope this helps, I'm writhing from the beach and its tricky to be more
> specific, but if you still get problems let me know and I`ll try to give
> exact examples.
>
> Cheers
>
> On 2025-06-27 11:00 p.m., Chris Frey wrote:
> > On Fri, Jun 27, 2025 at 11:41:46AM -0400, Khalid Baheyeldin wrote:
> > > I disabled systemd-resolved, and removed /etc/resolv.conf
> > I've found systemd-resolved to be very sticky. Make sure you try to
> > 'dig' at your own address to make sure nothing is listening before
> > you start up dnsmasq.
> >
> >
> > > Using this in my /etc/dnsmasq.d/local.conf
> > >
> > > bind-interfaces
> > > bogus-priv
> > > domain-needed
> > > no-resolv
> > > no-poll
> > > domain=home.priv
> > > local=/home.priv/
> > > expand-hosts
> > > server=9.9.9.9
> > > server=1.1.1.1
> > I don't know what your /etc/hosts file looks like, but I haven't found
> > the need to use domain or local or expand-hosts. I use full names in
> > my /etc/hosts, such as circle.home.priv though.
> >
> > Example /etc/hosts:
> > 192.168.1.5 htmx1.foursquare.net
> > 192.168.1.5 htmx2.foursquare.net
> >
> > So no trailing dot, and no simple names.
> >
> > Note that you can run dnsmasq as a standalone command with the above
> > options on the command line, just in case the default startup circuitry
> > gets in the way.
> >
> > Also note that multiple dnsmasq's can be running at once if you have
> > virtual machines going (they are primarily for dhcp). Make sure they
> > are all stopped to avoid confusion.
> >
> > - Chris
> >
> >
> > _______________________________________________
> > kwlug-disc mailing list
> > To unsubscribe, send an email to kwlug-disc-leave at kwlug.org
> > with the subject "unsubscribe", or email
> > kwlug-disc-owner at kwlug.org to contact a human being.
>
> _______________________________________________
> kwlug-disc mailing list
> To unsubscribe, send an email to kwlug-disc-leave at kwlug.org
> with the subject "unsubscribe", or email
> kwlug-disc-owner at kwlug.org to contact a human being.
More information about the kwlug-disc
mailing list