|
############################################################################### |
|
# DNS Server |
|
############################################################################### |
|
#interface=ens3,ens4,lo |
|
#interface=* |
|
#log-facility=- |
|
|
|
# Log all queries (use for troubleshooting only) |
|
#log-queries |
|
|
|
# Set local src address or interface to talk to a server |
|
#server=10.1.2.3@192.168.1.1#55 |
|
#server=10.1.2.3@ens4 |
|
|
|
server=8.8.8.8 |
|
server=8.8.4.4 |
|
server=/home.shift.zone/192.168.1.1 |
|
|
|
# Never forward plain names (without a dot or domain part) |
|
domain-needed |
|
|
|
# Never forward addresses in the non-routed address spaces. |
|
bogus-priv |
|
|
|
# do not use /etc/resolv.conf or any other file |
|
no-resolv |
|
|
|
# Don't store in cache the invalid resolutions |
|
no-negcache |
|
|
|
# point to other server for local or priv domains |
|
#server=/localnet/192.168.0.1 |
|
# domains to force to a local IP |
|
#address=/double-click.net/127.0.0.1 |
|
|
|
# Set this (and domain: see below) if you want to have a domain |
|
# automatically added to simple names in a hosts-file. |
|
expand-hosts |
|
|
|
# don't read /etc/hosts |
|
no-hosts |
|
# read OCP hosts from file |
|
addn-hosts=/opt/dnsmasq/ocp.hosts |
|
|
|
# Set the default domain for dnsmasq |
|
domain=lab.shift.zone |
|
# Set a different domain for a particular subnet |
|
domain=ocp4poc.lab.shift.zone,198.18.100.0/24 |
|
# include external LB IP |
|
domain=ocp4poc.lab.shift.zone,96.234.167.84 |
|
# include IPv6 range |
|
domain=ocp4poc.lab.shift.zone,2001:470:8:d83::/64 |
|
# Same idea, but range rather then subnet |
|
#domain=reserved.thekelleys.org.uk,192.68.3.100,192.168.3.200 |
|
|
|
# Authoritative DNSA |
|
# auth-zone=lab.shift.zone |
|
# auth-zone=ocp4poc.lab.shift.zone |
|
# # Set SOA record |
|
# auth-soa=12345678,admin.example.com |
|
# # Set A record |
|
# address=/www.example.com/10.2.3.4 |
|
# # Set MX record |
|
# mx-host=example.com,www.example.com,10 |
|
# # Set TXT record |
|
# txt-record=_acme-challenge.www.example.com,f0o...bar |
|
|
|
############################################################################### |
|
# DHCP Server |
|
############################################################################### |
|
no-dhcp-interface=ens3 |
|
dhcp-authoritative |
|
dhcp-fqdn |
|
log-dhcp |
|
|
|
dhcp-lease-max=100 |
|
#dhcp-duid=<enterprise-id>,<uid> |
|
|
|
# read dhcp-host formatted entry per line |
|
dhcp-hostsfile=/opt/dnsmasq/ocp-dhcp.hostfiles |
|
|
|
#Changed or new files within the directory are read automatically |
|
#hostdir=</path/to/dir> |
|
#dhcp-hostsdir=</path/to/dir> |
|
|
|
##################### |
|
# IPv4 Configuration |
|
##################### |
|
dhcp-range=198.18.100.10,198.18.100.200,1h |
|
dhcp-option=option:router,198.18.100.1 |
|
dhcp-option=option:dns-server,0.0.0.0,8.8.8.8,8.8.4.4 |
|
dhcp-option=option:domain-search,ocp4poc.lab.shift.zone |
|
dhcp-option=option:ntp-server,204.11.201.10 |
|
|
|
# Injecting static subnetwork with DHCP |
|
#dhcp-option=option:classless-static-route,5.5.5.0/24,198.18.100. |
|
|
|
##################### |
|
# IPv6 Configuration |
|
##################### |
|
# Enable router advertisement (SLAAC) |
|
enable-ra |
|
# 'ra-names,slaac' means Dnsmasq tries to guess the auto-configured IPv6 address and send a new address + DNS configurationa |
|
dhcp-range=::10,::100,constructor:ens3,ra-names,slaac,12h |
|
#dhcp-range=::200,::400,constructor:ens4,ra-names,slaac,12h |
|
# no SLAAC - DHCPv6 only (but RA for route) |
|
#dhcp-range=::,::fff,constructor:ens4,64,1h |
|
|
|
dhcp-range=::,::fff,constructor:ens4,ra-only,1h |
|
|
|
# ra-stateless - tells dnsmasq to advertise that subnet via router-advertisements, |
|
# and set the bits which tell the clients to use DHCPv6 for configuration, but not address allocation. |
|
# ra-names - SLAAC & DHCPv6 |
|
# ra-only - |
|
# M-bit O-bit A-bit stateLess-DHCP DHCP-address |
|
# range x x x x |
|
# range+ra_only x x x x x |
|
# range+ra_stateless x x x x |
|
# ra-only x |
|
# ra-names x |
|
# ra-stateless x x |
|
|
|
|
|
# Send DHCPv6 option for DNS as the dnsmasq and dns.google |
|
#dhcp-option=option6:dns-server,[::],2001:4860:4860::8844,2001:4860:4860::8888 |
|
#dhcp-option=option6:ntp-server,[::] |
|
# Ask client to poll for option changes every six hours |
|
dhcp-option=option6:information-refresh-time,1h |
|
|
|
############################################################################### |
|
# OCP lab |
|
############################################################################### |
|
# wildcard domain *.apps.<clusterName>.<baseDomain> (External VIP) |
|
# define external fqdn to work around dnsmasq cname limitations |
|
# NOTE: dnsmasq CNAMES must point to dnsmasq records |
|
# wildcard *.apps.ocp4poc.lab.shift.zone |
|
address=/apps.ocp4poc.lab.shift.zone/96.234.167.84 |
|
address=/apps.ocp4poc.lab.shift.zone/2001:470:8:d83::2 |
|
#cname=*.apps.ocp4poc.lab.shift.zone,lb-ext.ocp4poc.lab.shift.zone |
|
|
|
# etcd SRV records |
|
# srv-host=_etcd-server-ssl._tcp,etcd-0.ocp4poc.lab.shift.zone,2380 |
|
# srv-host=_etcd-server-ssl._tcp,etcd-1.ocp4poc.lab.shift.zone,2380 |
|
# srv-host=_etcd-server-ssl._tcp,etcd-2.ocp4poc.lab.shift.zone,2380 |
|
srv-host=_etcd-server-ssl._tcp.ocp4poc.lab.shift.zone,etcd-0.ocp4poc.lab.shift.zone,2380 |
|
srv-host=_etcd-server-ssl._tcp.ocp4poc.lab.shift.zone,etcd-1.ocp4poc.lab.shift.zone,2380 |
|
srv-host=_etcd-server-ssl._tcp.ocp4poc.lab.shift.zone,etcd-2.ocp4poc.lab.shift.zone,2380 |
|
|
|
############################################################################### |
|
## PXE |
|
############################################################################### |
|
##################### |
|
# Legacy PXE |
|
##################### |
|
# enable-tftp |
|
# tftp-root=/var/lib/tftpboot,ens4 |
|
# dhcp-boot=pxelinux.0 |
|
##################### |
|
# iPXE |
|
##################### |
|
# iPXE - chainload to bastion8.matchbox.ocp4poc.example.com ipxe boot script |
|
# dhcp-userclass=set:ipxe,iPXE |
|
# dhcp-boot=http://bastion8.ocp4poc.lab.shift.zone:8080/boot.ipxe |
|
############################################################################### |
|
# END OF FILE |
|
############################################################################### |