Posted by virantha on Thu 01 April 2021

Client-specific DNS and DHCP settings with Dnsmasq and EdgeOS / EdgeRouter

I have my EdgeRouter configured to hand out static leases for all my network clients using Dnsmasq, which also automatically puts an entry into the DNS with the client name. The EdgeOS configuration for this is relatively straightforward:

dhcp-server {
...
    shared-network-name LAN1 {
        authoritative enable
        subnet 192.168.9.0/24 {
        ...
            static-mapping my-device {
                ip-address 192.168.9.33
                mac-address XX:XX:XX:XX:XX:XX
            }
        }
    }
    use-dnsmasq enable
}

Recently, I needed to get some of my devices (the children's tablets, for example) to use Pi-Hole for their DNS lookups, while leaving the rest of my clients untouched. In effect, I needed Dnsmasq to hand out a different DNS server when the DHCP request comes in from a specific client. There's relatively scant information out there on how to get this to work with the static-mapping commands, so this may end up helping a few of you in similar situations.

As far as I can tell, EdgeOS doesn't currently support this directly with its own commands in the dhcp-server section. What you need to do is put some manual options in the dns section that will be passed on directly to the Dnsmasq conf file, without conflicting with the configuration options that EdgeOS generates.

So, let's assume that I currently have the following static mappings, and I want to assign the clients below a separate DNS server IP.

dhcp-server {
...
    shared-network-name LAN1 {
        authoritative enable
        subnet 192.168.9.0/24 {
        ...
            static-mapping child-device-1 {
                ip-address 192.168.9.10
                mac-address XX:XX:XX:XX:XX:XX
            }
            static-mapping child-device-2 {
                ip-address 192.168.9.11
                mac-address YY:YY:YY:YY:YY:YY
            }
        }
    }
    use-dnsmasq enable
}

What you need to do is remove the static-mapping entries for these devices from the service dhcp-server section, and instead add them manually under service dns forwarding as follows:

dns {
    forwarding {
        ...
        options dhcp-host=XX:XX:XX:XX:XX:XX,set:LAN1,set:Child,192.168.9.10,child-device-1
        options dhcp-host=YY:YY:YY:YY:YY:YY,set:LAN1,set:Child,192.168.9.11,child-device-2
        options dhcp-option=tag:Child,option:dns-server,192.168.9.222
        ...
    }
}

The dhcp-host option assigns the static IP address mapping and host name to the device, and also adds it to two tags via the set directive. The first tag is LAN1, which EdgeOS usually sets for you based on your shared-network-name, but in this case, because we removed the static-mapping entry for these clients, we need to add it back in manually. The second tag is the one you want to assign these specific devices to; in this example, I'm tagging these as my Child devices.

Then the dhcp-option line passes the dns-server option via DHCP to whatever devices match the Child tag (in this case, child-device-1 and child-device-2 will get a DNS server of 192.168.9.222 sent via DHCP when they get their IP address lease). Obviously, for this to work on the client end, the client devices need to take their DNS setting automatically from DHCP (and not have it set manually).
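To check which DNS server a given client would be handed under this tagging, the following added example (not from the original post) parses the options lines and applies a simplified model of Dnsmasq's rule that a tagged dhcp-option is sent only when all of its tags are set, and is preferred over an untagged one. The MAC addresses and the untagged default line are constructed placeholders, and the function names are hypothetical.

```python
import re

# Constructed sample: the post's three lines with placeholder MACs, plus an
# assumed untagged default standing in for what every other client receives.
SAMPLE = """
options dhcp-host=AA:BB:CC:00:00:10,set:LAN1,set:Child,192.168.9.10,child-device-1
options dhcp-host=AA:BB:CC:00:00:11,set:LAN1,set:Child,192.168.9.11,child-device-2
options dhcp-option=tag:Child,option:dns-server,192.168.9.222
options dhcp-option=option:dns-server,192.168.9.1
"""

MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}(:[0-9A-Fa-f]{2}){5}$")

def parse(config):
    """Return ({mac: tags set by dhcp-host}, [(required tags, dns servers)])."""
    hosts, dns_opts = {}, []
    for line in config.splitlines():
        line = line.strip()
        if line.startswith("options "):
            line = line[len("options "):].strip('"')
        key, _, value = line.partition("=")
        fields = [f.strip() for f in value.split(",")]
        if key == "dhcp-host":
            tags = {f[4:] for f in fields if f.startswith("set:")}
            for mac in (f for f in fields if MAC_RE.match(f)):
                hosts[mac.lower()] = tags
        elif key == "dhcp-option" and "option:dns-server" in fields:
            need = {f[4:] for f in fields if f.startswith("tag:")}
            servers = fields[fields.index("option:dns-server") + 1:]
            dns_opts.append((need, servers))
    return hosts, dns_opts

def dns_for(mac, config=SAMPLE):
    """DNS servers this model predicts for a MAC, or None if nothing matches."""
    hosts, dns_opts = parse(config)
    tags = hosts.get(mac.lower(), set())
    matching = [(need, srv) for need, srv in dns_opts if need <= tags]
    # Simplifications: tags set by dhcp-range and negated tags (tag:!x) are
    # not modelled, and the first of several tagged matches is returned.
    tagged = [srv for need, srv in matching if need]
    untagged = [srv for need, srv in matching if not need]
    chosen = tagged or untagged
    return chosen[0] if chosen else None
```

Running dns_for() over every MAC that is supposed to be filtered is a quick way to catch a device whose dhcp-host line is missing the Child tag and would therefore bypass Pi-Hole.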

You can use this type of tagging to set any other option you want as well. For example, you could hand out PXE boot information to only certain clients, or have different clients get different boot images.

© Virantha Ekanayake.