cname configuration in dnsmasq


I am trying to set up dnsmasq on my test VM to map calls to *.googleapis.com to *.private.googleapis.com as documented here. I cannot get storage.googleapis.com to resolve to storage.private.googleapis.com through a CNAME record.

My dnsmasq.conf looks like this:

listen-address=::1,127.0.0.1
auth-server=localhost
address=/private.googleapis.com/199.36.153.8
address=/private.googleapis.com/199.36.153.9
address=/private.googleapis.com/199.36.153.10
address=/private.googleapis.com/199.36.153.11
cname=*.googleapis.com,private.googleapis.com

My /etc/resolv.conf:

nameserver 127.0.0.1
nameserver 8.8.4.4
nameserver 8.8.8.8

dig storage.private.googleapis.com

resolves as expected to 199.36.153.8/30 but

dig storage.googleapis.com

does not resolve to the same addresses and is resolved through the public 8.8 name servers.

What am I missing? Thanks a lot in advance.

marin99 On BEST ANSWER

Answering my own question here. I think dnsmasq may not be the best tool to accomplish this. I created a private zone in bind with the config below and I was able to access Google Cloud Storage through the private APIs. On CentOS 7.7 (/var/named/googleapis.com.zone):

$TTL 1D

@   IN SOA  node-bind-server.mydomain.com.   root.node-bind-server.mydomain.com. (
                                       2017031301      ; serial
                                       1D              ; refresh
                                       1H              ; retry
                                       1W              ; expire
                                       3H )            ; minimum

googleapis.com. IN      NS      node-bind-server.mydomain.com.
private.googleapis.com.  IN      A       199.36.153.8
private.googleapis.com.  IN      A       199.36.153.9
private.googleapis.com.  IN      A       199.36.153.10
private.googleapis.com.  IN      A       199.36.153.11
*.googleapis.com.       IN      CNAME   private.googleapis.com.

and my /etc/named.conf references this file

zone "googleapis.com" IN {
        type master;
        file "googleapis.com.zone";
};

and my named version

[root@node-bind-server etc]# named -v
BIND 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.13 (Extended Support Version) <id:7107deb>
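
A way to confirm the outcome after either configuration, as an added example that is not part of the original question or answer: it parses the output of `dig +noall +answer <name>`, follows the CNAME chain, and reports whether every final A record falls inside 199.36.153.8/30. The function names and the sample answers are constructed for illustration.

```python
import ipaddress

# Range the question expects private.googleapis.com names to land in.
PRIVATE_RANGE = ipaddress.ip_network("199.36.153.8/30")

# Constructed sample answers (not captured from a real resolver).
GOOD = """\
storage.googleapis.com. 86400 IN CNAME private.googleapis.com.
private.googleapis.com. 86400 IN A 199.36.153.8
private.googleapis.com. 86400 IN A 199.36.153.11
"""
LEAKED = "storage.googleapis.com. 300 IN A 203.0.113.10\n"  # answered elsewhere

def parse_answer(dig_text):
    """Parse `dig +noall +answer` lines into (owner, type, rdata) tuples."""
    records = []
    for line in dig_text.splitlines():
        fields = line.split()
        # Expected layout: owner TTL class type rdata; skip blanks and comments.
        if len(fields) < 5 or fields[0].startswith(";"):
            continue
        records.append((fields[0].lower(), fields[3].upper(), fields[4].lower()))
    return records

def check_private(qname, dig_text):
    """Return (ok, reason); ok only if all final A records are in PRIVATE_RANGE."""
    records = parse_answer(dig_text)
    name, seen = qname.lower().rstrip(".") + ".", set()
    while True:  # walk the CNAME chain to its end
        if name in seen:
            return False, "CNAME loop at " + name
        seen.add(name)
        targets = [r for o, t, r in records if o == name and t == "CNAME"]
        if not targets:
            break
        name = targets[0]
    addrs = [ipaddress.ip_address(r) for o, t, r in records if o == name and t == "A"]
    if not addrs:
        return False, "no A records for " + name
    outside = [str(a) for a in addrs if a not in PRIVATE_RANGE]
    if outside:
        return False, "outside %s: %s" % (PRIVATE_RANGE, ", ".join(outside))
    return True, "ok"

if __name__ == "__main__":
    for label, text in (("GOOD", GOOD), ("LEAKED", LEAKED)):
        print(label, check_private("storage.googleapis.com", text))
```
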