nixos-servers/legacy/projects/hermes/ansible/roles/dnsmasq/files/dnsmasq.conf

# Disable /etc/resolv.conf
no-resolv
# Upstream DNS server
server=192.168.30.1
# Always serve .dmz locally
local=/dmz/
# Put all clients in the dmz domain
dhcp-fqdn
# Don't read /etc/hosts
no-hosts
# Domain is automatically added to if missing
expand-hosts
# Domain that is used for DHCP on this network
domain=dmz
# IPv4 DHCP range
dhcp-authoritative
dhcp-range=192.168.30.50,192.168.30.127,15m
# Predefined DHCP hosts
dhcp-host=b8:27:eb:b9:ab:e2,esrom
dhcp-host=ca:fe:c0:ff:ee:03,max,192.168.30.3
dhcp-host=ca:fe:c0:ff:ee:08,maestro,192.168.30.8
dhcp-host=dc:a6:32:7b:e2:11,iris,192.168.30.9
dhcp-host=ca:fe:c0:ff:ee:0a,thecloud,192.168.30.10
dhcp-host=52:54:00:72:e0:9a,forum,192.168.30.11
# Advertise router
dhcp-option=3,192.168.30.1
# Always send the IPv6 DNS server address (this machine)
dhcp-option=option6:dns-server,[2a02:58:19a:f730::1]
# Advertise SLAAC for the given prefix
dhcp-range=2a02:58:19a:f730::, ra-stateless, ra-names
# Do not advertise default gateway via DHCPv6
ra-param=*,0,0
# Alias public IP address to local
alias=84.245.14.149,192.168.30.8
# Override DNS servers for our domains
server=/pizzapim.nl/192.168.30.7
server=/geokunis2.nl/192.168.30.7
server=/pim.kunis.nl/192.168.30.7
server=/kun.is/192.168.30.7
# Enable extended logging
log-dhcp
log-queries
# Resolve hermes.dmz to addresses on main NIC
interface-name=hermes.dmz,ens3
# Non-conventional port because we also run nsd on this machine
port=5353
# Override addresses of name servers
address=/ns.pizzapim.nl/ns.geokunis2.nl/ns.pim.kunis.nl/192.168.30.7
address=/ns.pizzapim.nl/ns.geokunis2.nl/ns.pim.kunis.nl/2a02:58:19a:f730:c8fe:c0ff:feff:ee07
# Advertise DNS server
dhcp-option=option:dns-server,192.168.30.1