Skip to main content
26-04-2023

LANRecently, I acquired a Raspberry and configured a small server at home with Ubuntu server. I also purchased a domain name, contracted a fixed IP with my provider, opened a ssh port and started being able to access my home server from anywhere.

But I noticed I was not able to access my server using the domain name when I was connected to my local network. For instance from a tablet, a cell phone or another computer connected through Wifi in my local network. I think this is so because the local network router assigns an IP address to the server which is different from the fixed IP address associated with the domain name.

This could be easily solved by assigning domain names to local IPs in the router configuration, but it turned out that my Internet provider blocks this in the routers they install. The reason is to avoid people changing their DNS (Domain Name Server) and creating issues for them to solve. So I had to think of a way to create an alternative DNS within my local network.

A possible way of doing it is to define the DNS assignment in each device connected to the LAN. This is not practical, and for some type of devices it is not trivial (for instance for Android devices).

Looking at the alternatives, I read that what it has to be done is to have a DHCP server at a  another device different from the router, and do the domain name assignments there. In my case the obvious candidate was the server installed in the Raspberry. I saw there were two packages that provide a DHCP server, isc-dhcp-server and dnsmasq. There is also bind, which is more complete, but it is more complex to configure, so I tried to avoid using it.

I first tried using isc-dhcp-server, and I managed to make it distribute the IPs in the LAN, but I could not find a way to define domain names to the devices within the LAN. So i tried with dnsmasq. So here are the steps that have to be done.

My server is protected with a firewall provided by ufw, with only two open ports, one for ssh and the other one for html. So i had to open the ports for the DHCP and DNS servers:

sudo ufw allow bootps

sudo ufw allow 53/udp

sudo ufw allow 53/tcp

sudo ufw allow 67/udp

sudo ufw allow 67/tcp

The next step is to stop systemd managing name resolution, since it uses the same port (53) that the new DHCP/DNS server will use:

sudo systemctl disable systemd-resolved 

sudo systemctl stop systemd-resolved 

sudo unlink /etc/resolv.conf

The last step removes a symbolic link with the systemd-resolved generated resolv.conf file. So a new file has to be created:

echo nameserver 8.8.8.8 | sudo tee /etc/resolv.conf

Here the name server being used is the Google name server, but you can use any other name server that you want.

The last step consists in installing and configuring the dnsmasq package:

sudo apt install dnsmasq

To configure it, you have to edit its configuration file /etc/dnsmasq.conf. These first the lines that have to be uncommented and/or changed:

domain-name

bogus-priv

strict-order

strict-order

expand-hosts

You can define a general domain name in your LAN, so that you identify your devices with a subdomain:

local=/mylan.eu/

domain=mylan.eu

My Raspberry gets assigned 192.168.1.18 by the Internet router, so this line will tell where it has to listen for network traffic from the Internet:

listen-address=::1,127.0.0.1,192.168.1.18

The following line defines the range of IPs that the new DHCP server will asign, as well as the lease time for the assigned IP:

dhcp-range=192.168.1.150,192.168.1.250,255.255.255.0,12h

These IPs are different from the ones that the Internet router assigns (from 192.168.1.1 to 192.168.1.149). The Internet router DCHP server could be disabled once the new DHCP server is running, but in my case if I disable it and I restart the Raspberry, it does not get assigned an IP and looses connection to the Internet. I have to investigate this further because it may be possible to solve. So I'm keeping both DHCP servers running, and the following line tells the LAN that the Raspberry DHCP server should be given priority:

dhcp-authoritative

This is all for the configuration of dnsmasq. The last step consists of establishing the IP assignments. This is done in the /etc/hosts fie. I have a nextcloud instance in the Raspberry. So I added the following line in this file:

192.168.1.18 mydomain.eu nextcloud.mydomain.eu

And that's it. After starting the dnsmasq service in the Raspberry server, this DHCP server starts asssigning IPs for all the devices in my LAN, and the "mydomain.eu" domain works to identify devices within the local area network.

 

 

 

 

Powered by Drupal

Theme by Danetsoft and Danang Probo Sayekti inspired by Maksimer