![]() ![]() Like most Linux programs dnsmasq is configured using text files with easily templatable values. The project describes itself providing "network infrastructure for small networks: DNS, DHCP, router advertisement and network boot."ĭigging under the hood of Pihole a little, there's actually a surprisingly small amount of customisation to make it function as an ad-blocker compared with a vanilla installation of dnsmasq. There are images for multiple architectures and the software runs extremely well on x86 hardware. The name implies it's only suitable for use on a Raspberry Pi but this isn't true. You've almost certainly heard of Pihole by now, the network level ad-blocker. There is an API in the works for Opnsense but it lacks many of the endpoints to customise what I need. The configuration mechanisms for these softwares revolve around XML files which do not lend themselves well to API driven updates or automation based approaches for simple tasks like updating an IP address / MAC address mapping. However, the biggest ding against Opnsense (and pfsense) is that it's underpinnings are very old. In large part due to a more modern BSD base and Wireguard support (not to mention Netgate being a company with business practices which are hard to like). More recently (5 years ago!), I switched to the fork - Opnsense. My first foray with the software was in High School combining multiple cable modems together back in the good old days of Docsis 2.0 mac cloning. Often these types of firewall softwares act as a catch all for critical network services like a DHCP server or local DNS resolver and so on. In most typical homelabber / self-hosting environments we aren't afraid to roll our own firewall using software such as Opnsense. This post will detail how I solved a few interesting problems as I fully automated DNS overrides and DHCP reservations using Pihole, and the program it's built on top of Dnsmasq. ![]() ![]() It's been one of those minor friction points of network administration that I've put up with because automating the process seemed daunting. You do like declarative configurations don't you? Good!įor the longest time I've made do with clicking through the Opnsense UI to add static IP reservations via MAC address mapping. ![]()
0 Comments
Leave a Reply. |