Différences
Ci-dessous, les différences entre deux révisions de la page.
Les deux révisions précédentesRévision précédenteProchaine révision | Révision précédenteProchaine révisionLes deux révisions suivantes | ||
logiciel:internet:dnsmasq:dnsmasq.conf [2020/11/05 10:11] – [Options] admin | logiciel:internet:dnsmasq:dnsmasq.conf [2020/11/06 10:43] – [Options] admin | ||
---|---|---|---|
Ligne 164: | Ligne 164: | ||
: Send extra options which are tagged as " | : Send extra options which are tagged as " | ||
? dhcp-host=id: | ? dhcp-host=id: | ||
- | :Give a fixed IPv6 address and name to client with | + | : Give a fixed IPv6 address and name to client with DUID 00: |
- | # DUID 00: | + | : |
- | # Note the MAC addresses CANNOT be used to identify DHCPv6 clients. | + | : |
- | # Note also that the [] around the IPv6 address are obligatory. | + | ? dhcp-ignore=tag: |
- | + | : | |
- | # Ignore any clients which are not specified in dhcp-host lines | + | : |
- | # or / | + | ? |
- | # This relies on the special " | + | : |
- | # a host is matched. | + | ? |
- | #dhcp-ignore=tag:!known | + | : |
- | + | ? | |
- | # Send extra options which are tagged as " | + | : |
- | # DHCP vendorclass string includes the substring " | + | ? read-ethers |
- | #dhcp-vendorclass=set:red,Linux | + | |
- | + | ? dhcp-option | |
- | # Send extra options which are tagged as " | + | : |
- | # of whose DHCP userclass strings includes the substring " | + | : |
- | #dhcp-userclass=set:red,accounts | + | : |
- | + | : | |
- | # Send extra options which are tagged as " | + | : |
- | # MAC address matches the pattern. | + | ? dhcp-option=3, |
- | #dhcp-mac=set:red, | + | : |
- | + | ? | |
- | # If this line is uncommented, | + | : |
- | # on the ethernet-address/ | + | ? |
- | # been given as --dhcp-host options. Useful if you keep | + | : |
- | # MAC-address/ | + | ? |
- | #read-ethers | + | : |
- | + | ? | |
- | # Send options to hosts which ask for a DHCP lease. | + | : |
- | # See RFC 2132 for details of available options. | + | ? |
- | # Common options can be given to dnsmasq by name: | + | : |
- | # run " | + | ? |
- | # Note that all the common settings, such as netmask and | + | |
- | # broadcast address, DNS server and default route, are given | + | ? |
- | # sane defaults by dnsmasq. You very likely will not need | + | : |
- | # any dhcp-options. If you use Windows clients and Samba, there | + | ? |
- | # are some options which are recommended, | + | : |
- | # end of this section. | + | ? |
- | + | : | |
- | # Override the default route supplied by dnsmasq, which assumes the | + | ? |
- | # router is the same machine as the one running dnsmasq. | + | : |
- | #dhcp-option=3,1.2.3.4 | + | ? |
- | + | : | |
- | # Do the same thing, but using the option name | + | ? |
- | #dhcp-option=option: | + | : |
- | + | ? | |
- | # Override the default route supplied by dnsmasq and send no default | + | ? dhcp-option=129, |
- | # route at all. Note that this only works for the options sent by | + | : |
- | # default (1, 3, 6, 12, 28) the same line will send a zero-length option | + | ? |
- | # for all other option numbers. | + | : |
- | #dhcp-option=3 | + | : |
- | + | ? | |
- | # Set the NTP time server addresses to 192.168.0.4 and 10.10.0.5 | + | : set up dnsmasq in the same way as is specified for the ISC dhcpcd in http:// |
- | #dhcp-option=option:ntp-server,192.168.0.4,10.10.0.5 | + | ? |
- | + | : option ip-forwarding off | |
- | # Send DHCPv6 option. Note [] around IPv6 addresses. | + | ? |
- | #dhcp-option=option6: | + | : set netbios-over-TCP/ |
- | + | ? | |
- | # Send DHCPv6 option for namservers as the machine running | + | : netbios datagram distribution server |
- | # dnsmasq and another. | + | ? |
- | #dhcp-option=option6: | + | : netbios node type |
- | + | ? dhcp-option=252," | |
- | # Ask client to poll for option changes every six hours. (RFC4242) | + | : |
- | #dhcp-option=option6:information-refresh-time,6h | + | ? |
- | + | : | |
- | # Set option 58 client renewal time (T1). Defaults to half of the | + | ? |
- | # lease time if not specified. (RFC2132) | + | : Send RFC-3442 classless static routes (note the netmask encoding) |
- | #dhcp-option=option: | + | ? dhcp-option=vendor: |
- | + | : Send vendor-class specific options encapsulated in DHCP option 43. | |
- | # Set option 59 rebinding time (T2). Defaults to 7/8 of the | + | : |
- | # lease time if not specified. (RFC2132) | + | ? |
- | #dhcp-option=option:T2,2m | + | : |
- | + | ? | |
- | # Set the NTP time server address to be the same machine as | + | : |
- | # is running dnsmasq | + | ? |
- | #dhcp-option=42,0.0.0.0 | + | |
- | + | ? dhcp-option-force=208,f1:00:74:7e | |
- | # Set the NIS domain name to " | + | : |
- | #dhcp-option=40,welly | + | ? |
- | + | | |
- | # Set the default time-to-live to 50 | + | ? |
- | #dhcp-option=23,50 | + | : |
- | + | ? | |
- | # Set the "all subnets are local" flag | + | : |
- | #dhcp-option=27,1 | + | ? |
- | + | : | |
- | # Send the etherboot magic flag and then etherboot options (a string). | + | ? dhcp-boot=pxelinux.0 |
- | #dhcp-option=128,e4:45: | + | : |
- | #dhcp-option=129,NIC=eepro100 | + | ? |
- | + | : | |
- | # Specify an option which will only be sent to the " | + | ? |
- | # (see dhcp-range for the declaration of the " | + | : The idea is to send two different filenames, the first loads iPXE, and the second tells iPXE what to load. The dhcp-match sets the ipxe tag for requests from iPXE. |
- | # Note that the tag: part must precede the option: part. | + | ? |
- | # | + | : |
- | + | ? dhcp-match=set: | |
- | # The following DHCP options set up dnsmasq in the same way as is specified | + | : |
- | # for the ISC dhcpcd in | + | ? dhcp-boot=tag: |
- | # http:// | + | : |
- | # adapted for a typical dnsmasq installation where the host running | + | ? |
- | # dnsmasq is also the host running samba. | + | : All the options are encapsulated within option 175 |
- | # you may want to uncomment some or all of them if you use | + | ? |
- | # Windows clients and Samba. | + | : priority code |
- | #dhcp-option=19, | + | ? |
- | #dhcp-option=44, | + | : no-proxydhcp |
- | #dhcp-option=45, | + | ? |
- | #dhcp-option=46, | + | : bus-id |
- | + | ? | |
- | # Send an empty WPAD option. This may be REQUIRED to get windows 7 to behave. | + | : BIOS drive code |
- | #dhcp-option=252," | + | ? |
- | + | : iSCSI username | |
- | # Send RFC-3397 DNS domain search DHCP option. WARNING: Your DHCP client | + | ? |
- | # probably doesn' | + | : iSCSI password |
- | # | + | ? dhcp-match |
- | + | : | |
- | # Send RFC-3442 classless static routes (note the netmask encoding) | + | : PXE clients are supposed to send their architecture as option 93. (See RFC 4578) |
- | #dhcp-option=121, | + | ? |
- | + | ? | |
- | # Send vendor-class specific options encapsulated in DHCP option 43. | + | ? |
- | # The meaning of the options is defined by the vendor-class so | + | ? |
- | # options are sent only when the client supplied vendor class | + | ? pxe-prompt |
- | # matches the class given here. (A substring match is OK, so " | + | : |
- | # matches " | + | ? pxe-prompt=" |
- | # mtftp address to 0.0.0.0 for PXEClients. | + | : Do real PXE, rather than just booting a single file, this is an alternative to dhcp-boot. |
- | #dhcp-option=vendor: | + | ? |
- | + | : | |
- | # Send microsoft-specific option to tell windows to release the DHCP lease | + | ? |
- | # when it shuts down. Note the " | + | : |
- | # value as a four-byte integer - that's what microsoft wants. See | + | ? pxe-service=x86PC, |
- | # http:// | + | : |
- | #dhcp-option=vendor: | + | ? |
- | + | : | |
- | # Send the Encapsulated-vendor-class ID needed by some configurations of | + | ? |
- | # Etherboot to allow is to recognise the DHCP server. | + | : |
- | #dhcp-option=vendor:Etherboot, | + | : |
- | + | ? | |
- | # Send options to PXELinux. Note that we need to send the options even | + | : |
- | # though they don't appear in the parameter request list, so we need | + | ? |
- | # to use dhcp-option-force here. | + | : |
- | # See http:// | + | ? multicast-FTP |
- | # Magic number - needed before anything else is recognised | + | : |
- | #dhcp-option-force=208,f1:00:74:7e | + | ? enable-tftp |
- | # Configuration file name | + | : |
- | #dhcp-option-force=209,configs/common | + | ? |
- | # Path prefix | + | : |
- | #dhcp-option-force=210,/ | + | ? |
- | # Reboot time. (Note ' | + | : |
- | #dhcp-option-force=211,30i | + | ? |
- | + | : | |
- | # Set the boot filename for netboot/ | + | ? |
- | # this if you want to boot machines over the network and you will need | + | : |
- | # a TFTP server; either dnsmasq' | + | ? dhcp-boot |
- | # external one. (See below for how to enable the TFTP server.) | + | : |
- | #dhcp-boot=pxelinux.0 | + | ? dhcp-boot=tag: |
- | + | : Set the boot file name only when the " | |
- | # The same as above, but use custom tftp-server instead machine running dnsmasq | + | ? |
- | # | + | : |
- | + | : | |
- | # Boot for iPXE. The idea is to send two different | + | ? |
- | # filenames, the first loads iPXE, and the second tells iPXE what to | + | : |
- | # load. The dhcp-match sets the ipxe tag for requests from iPXE. | + | ? |
- | #dhcp-boot=undionly.kpxe | + | : |
- | #dhcp-match=set: | + | ? dhcp-lease-max=150 |
- | #dhcp-boot=tag: | + | : |
- | + | ? | |
- | # Encapsulated options for iPXE. All the options are | + | : |
- | # encapsulated within option 175 | + | : |
- | #dhcp-option=encap: | + | ? |
- | #dhcp-option=encap: | + | : |
- | #dhcp-option=encap: | + | ? |
- | #dhcp-option=encap: | + | : |
- | #dhcp-option=encap: | + | : |
- | #dhcp-option=encap: | + | ? |
- | + | : | |
- | # Test for the architecture of a netboot client. PXE clients are | + | : |
- | # supposed to send their architecture as option 93. (See RFC 4578) | + | ? cache-size=150 |
- | #dhcp-match=peecees, | + | : |
- | #dhcp-match=itanics, | + | ? no-negcache |
- | #dhcp-match=hammers, | + | : |
- | #dhcp-match=mactels, | + | ? local-ttl= |
- | + | | |
- | # Do real PXE, rather than just booting a single file, this is an | + | ? bogus-nxdomain=64.94.110.11 |
- | # alternative to dhcp-boot. | + | : |
- | #pxe-prompt=" | + | ? alias |
- | # or with timeout before first available action is taken: | + | : |
- | #pxe-prompt="Press F8 for menu.", 60 | + | ? alias=1.2.3.4, |
- | + | : This alias makes a result of 1.2.3.4 appear as 5.6.7.8 | |
- | # Available boot services. for PXE. | + | ? |
- | #pxe-service=x86PC, | + | : |
- | + | ? | |
- | # Loads < | + | : |
- | #pxe-service=x86PC, | + | ? MX records |
- | + | : | |
- | # Loads < | + | ? mx-host=maildomain.com, |
- | # Beware this fails on old PXE ROMS. | + | : |
- | #pxe-service=x86PC, | + | ? |
- | + | : | |
- | # Use bootserver on network, found my multicast or broadcast. | + | ? localmx |
- | #pxe-service=x86PC, | + | : |
- | + | ? selfmx | |
- | # Use bootserver at a known IP address. | + | : |
- | #pxe-service=x86PC, | + | ? srv-host |
- | + | : | |
- | # If you have multicast-FTP available, | + | : |
- | # information for that can be passed in a similar way using options 1 | + | : |
- | # to 5. See page 19 of | + | : |
- | # http:// | + | : |
- | + | ? srv-host=_ldap._tcp.example.com, | |
- | + | : | |
- | # Enable dnsmasq' | + | ? domain=example.com\\ |
- | #enable-tftp | + | : |
- | + | ? | |
- | # Set the root directory for files available via FTP. | + | : Two SRV records for LDAP, each with different priorities |
- | #tftp-root=/ | + | ? srv-host=_ldap._tcp.example.com |
- | + | : | |
- | # Do not abort if the tftp-root is unavailable | + | ? ptr-record=_http._tcp.dns-sd-services," |
- | #tftp-no-fail | + | : |
- | + | ? txt-record | |
- | # Make the TFTP server more secure: with this set, only files owned by | + | : |
- | # the user dnsmasq is running as will be send over the net. | + | : |
- | #tftp-secure | + | ? |
- | + | : | |
- | # This option stops dnsmasq from negotiating a larger blocksize for TFTP | + | ? |
- | # transfers. It will slow things down, but may rescue some broken TFTP | + | : Example zeroconf |
- | # clients. | + | ? cname=bertand, |
- | #tftp-no-blocksize | + | : Provide an alias for a " |
- | + | ? log-queries | |
- | # Set the boot file name only when the " | + | : |
- | #dhcp-boot=tag:red,pxelinux.red-net | + | ? |
- | + | : | |
- | # An example of dhcp-boot with an external TFTP server: the name and IP | + | ? |
- | # address of the server are given after the filename. | + | ? |
- | # Can fail with old PXE ROMS. Overridden by --pxe-service. | + | : Include another lot of configuration options. |
- | #dhcp-boot=/ | + | |
- | + | ||
- | # If there are multiple external tftp servers having a same name | + | |
- | # (using /etc/hosts) then that name can be specified as the | + | |
- | # tftp_servername (the third option to dhcp-boot) and in that | + | |
- | # case dnsmasq resolves this name and returns the resultant IP | + | |
- | # addresses in round robin fashion. This facility can be used to | + | |
- | # load balance the tftp load among a set of servers. | + | |
- | #dhcp-boot=/ | + | |
- | + | ||
- | # Set the limit on DHCP leases, the default is 150 | + | |
- | #dhcp-lease-max=150 | + | |
- | + | ||
- | # The DHCP server needs somewhere on disk to keep its lease database. | + | |
- | # This defaults to a sane location, but if you want to change it, use | + | |
- | # the line below. | + | |
- | #dhcp-leasefile=/ | + | |
- | + | ||
- | # Set the DHCP server to authoritative mode. In this mode it will barge in | + | |
- | # and take over the lease for any client which broadcasts on the network, | + | |
- | # whether it has a record of the lease or not. This avoids long timeouts | + | |
- | # when a machine wakes up on a new network. DO NOT enable this if there' | + | |
- | # the slightest chance that you might end up accidentally configuring a DHCP | + | |
- | # server for your campus/ | + | |
- | # the same option, and this URL provides more information: | + | |
- | # http:// | + | |
- | #dhcp-authoritative | + | |
- | + | ||
- | # Set the DHCP server to enable DHCPv4 Rapid Commit Option per RFC 4039. | + | |
- | # In this mode it will respond to a DHCPDISCOVER message including a Rapid Commit | + | |
- | # option with a DHCPACK including a Rapid Commit option and fully committed address | + | |
- | # and configuration information. This must only be enabled if either the server is | + | |
- | # the only server for the subnet, or multiple servers are present and they each | + | |
- | # commit a binding for all clients. | + | |
- | #dhcp-rapid-commit | + | |
- | + | ||
- | # Run an executable when a DHCP lease is created or destroyed. | + | |
- | # The arguments sent to the script are " | + | |
- | # then the MAC address, the IP address and finally the hostname | + | |
- | # if there is one. | + | |
- | #dhcp-script=/bin/echo | + | |
- | + | ||
- | # Set the cachesize here. | + | |
- | #cache-size=150 | + | |
- | + | ||
- | # If you want to disable negative caching, uncomment this. | + | |
- | #no-negcache | + | |
- | + | ||
- | # Normally responses which come from /etc/hosts and the DHCP lease | + | |
- | # file have Time-To-Live set as zero, which conventionally means | + | |
- | # do not cache further. If you are happy to trade lower load on the | + | |
- | # server for potentially stale date, you can set a time-to-live (in | + | |
- | # seconds) here. | + | |
- | #local-ttl= | + | |
- | + | ||
- | # If you want dnsmasq to detect attempts by Verisign to send queries | + | |
- | # to unregistered .com and .net hosts to its sitefinder service and | + | |
- | # have dnsmasq instead return the correct NXDOMAIN response, uncomment | + | |
- | # this line. You can add similar lines to do the same for other | + | |
- | # registries which have implemented wildcard A records. | + | |
- | # | + | |
- | + | ||
- | # If you want to fix up DNS results from upstream servers, use the | + | |
- | # alias option. This only works for IPv4. | + | |
- | # This alias makes a result of 1.2.3.4 appear as 5.6.7.8 | + | |
- | #alias=1.2.3.4,5.6.7.8 | + | |
- | # and this maps 1.2.3.x to 5.6.7.x | + | |
- | #alias=1.2.3.0,5.6.7.0, | + | |
- | # and this maps 192.168.0.10-> | + | |
- | # | + | |
- | + | ||
- | # Change these lines if you want dnsmasq to serve MX records. | + | |
- | + | ||
- | # Return an MX record named " | + | |
- | # servermachine.com and preference 50 | + | |
- | #mx-host=maildomain.com, | + | |
- | + | ||
- | # Set the default target for MX records created using the localmx option. | + | |
- | # | + | |
- | + | ||
- | # Return an MX record pointing to the mx-target for all local | + | |
- | # machines. | + | |
- | #localmx | + | |
- | + | ||
- | # Return an MX record pointing to itself for all local machines. | + | |
- | #selfmx | + | |
- | + | ||
- | # Change the following lines if you want dnsmasq to serve SRV | + | |
- | # records. | + | |
- | # Active Directory and other windows-originated DNS requests. | + | |
- | # See RFC 2782. | + | |
- | # You may add multiple srv-host lines. | + | |
- | # The fields are < | + | |
- | # If the domain part if missing from the name (so that is just has the | + | |
- | # service and protocol sections) then the domain given by the domain= | + | |
- | # config option is used. (Note that expand-hosts does not need to be | + | |
- | # set for this to work.) | + | |
- | + | ||
- | # A SRV record sending LDAP for the example.com domain to | + | |
- | # ldapserver.example.com port 389 | + | |
- | #srv-host=_ldap._tcp.example.com, | + | |
- | + | ||
- | # A SRV record sending LDAP for the example.com domain to | + | |
- | # ldapserver.example.com port 389 (using domain=) | + | |
- | # | + | |
- | #srv-host=_ldap._tcp, | + | |
- | + | ||
- | # Two SRV records for LDAP, each with different priorities | + | |
- | #srv-host=_ldap._tcp.example.com, | + | |
- | #srv-host=_ldap._tcp.example.com, | + | |
- | + | ||
- | # A SRV record indicating that there is no LDAP server for the domain | + | |
- | # example.com | + | |
- | #srv-host=_ldap._tcp.example.com | + | |
- | + | ||
- | # The following line shows how to make dnsmasq serve an arbitrary PTR | + | |
- | # record. This is useful for DNS-SD. (Note that the | + | |
- | # domain-name expansion done for SRV records _does_not | + | |
- | # occur for PTR records.) | + | |
- | #ptr-record=_http._tcp.dns-sd-services," | + | |
- | + | ||
- | # Change the following lines to enable dnsmasq to serve TXT records. | + | |
- | # These are used for things like SPF and zeroconf. (Note that the | + | |
- | # domain-name expansion done for SRV records _does_not | + | |
- | # occur for TXT records.) | + | |
- | + | ||
- | #Example SPF. | + | |
- | #txt-record=example.com," | + | |
- | + | ||
- | #Example | + | |
- | #txt-record=_http._tcp.example.com, | + | |
- | + | ||
- | # Provide an alias for a " | + | |
- | # for targets which are names from DHCP or /etc/hosts. Give host | + | |
- | # " | + | |
- | # | + | |
- | + | ||
- | # For debugging purposes, log each DNS query as it passes through | + | |
- | # dnsmasq. | + | |
- | #log-queries | + | |
- | + | ||
- | # Log lots of extra information about DHCP transactions. | + | |
- | #log-dhcp | + | |
- | + | ||
- | # Include another lot of configuration options. | + | |
- | #conf-file=/ | + | |
- | #conf-dir=/ | + | |
# Include all the files in a directory except those ending in .bak | # Include all the files in a directory except those ending in .bak |