Hi Hubert, it may work, if you would run two dnsmasq instances. One for children with OpenDNS as upstream servers, another for everyone else.
default instance: bind-interfaces listen-address=10.1.0.1 server=8.8.8.8 domain=home.arpa dhcp-option=option:dns-server,10.1.0.1,8.8.8.8 dhcp-option=tag:child,option:dns-server:10.1.0.2,208.67.222.123 ... children instance: bind-interfaces listen-address=10.1.0.2 server=208.67.222.123 server=/home.arpa/10.1.0.1 Because the second instance would forward local domain to main instance, which also registers dhcp, they should be able to resolve any local names. But other names would be served by different server. Children might have reserved different address range, but it might be handy to be on shared broadcast link. Good for link-local address resolution and easy local games setup. Not sure it is relevant anymore. Not sure if 10.1.0.2 can be on the same interface as 10.1.0.1. It would work fine with just DNS, but I think dhcp requires interface=eth0 or similar. Which would block the second instance from working correctly. I think alternative address would have to be on different interface. Cheers, Petr On 9/21/21 08:32, Hubert FONGARNAND via Dnsmasq-discuss wrote: > Hi, > > Here's my use case : > > Some hosts in my home are for my children (smartphone, tablet...). I want 1) > they access internet > filtered by OpenDNS, 2) they could resolves internal hosts name (example home > printer, nas). > > My idea was to add the possibility to use the "server" directive like that > > |server = tag:child,208.67. 222.123 // OpenDNS family shield for children. > |server = 8.8.8.8 // default upstream for everyone else| > > I know that i can use DHCP for doing > > |dhcp-option=tag:child,option:dns-server,208.67. 222.123| > > But with this solution my childs devices would not be able to resolv internal > hosts (private > domain) which are handled by dnsmasq itself. > > Thanks for your ideas. We can try patches on github ? > > Sincerely, > > Hubert > > _______________________________________________ > Dnsmasq-discuss mailing list > Dnsmasq-discuss@lists.thekelleys.org.uk > https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss > -- Petr Menšík Software Engineer Red Hat, http://www.redhat.com/ email: pemen...@redhat.com PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB _______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
