Use o dnsmasq para empurrar rotas para meus clientes em uma pequena rede local

Estou tentando usar dnsmasq para direcionar rotas para meus clientes em uma pequena rede local.

No entanto, meus clientes (servidor nº 1, nº 2 e nº 3) não podem usar essas rotas. O serviço dnsmasq está em execução e não sei o que pode estar errado.

Este é o conteúdo do meu arquivo "/etc/dnsmasq.conf":

domain-needed
bogus-priv
no-resolv
no-poll
server=/localnet/192.168.56.254
server=8.8.3.3
server=8.8.8.8
server=208.67.220.220
local=/brlightinternet.local/
interface=vboxnet0
listen-address=192.168.56.254
no-hosts
expand-hosts
domain=brlightinternet.local
dhcp-range=192.168.56.3,192.168.56.253,12h
dhcp-option=option:router,192.168.56.254

# pushing routes
dhcp-option=121,10.0.4.0/24,10.0.6.4,10.8.0.0/24,10.0.6.4,10.0.6.0/24,10.8.0.1
dhcp-option=249,10.0.4.0/24,10.0.6.4,10.8.0.0/24,10.0.6.4,10.0.6.0/24,10.8.0.1

dhcp-option=vendor:MSFT,2,1i
cache-size=150

IMPORTANTE: "192.168.56.254" não é o ip do servidor executando o dnsmasq. Seu ip é "192.168.56.1". Pelo que entendi, podemos atribuir um ip diferente ao dnsmasq.

Esta é a configuração de rede ("/ etc / sysconfig / network-scripts / ifcfg-enp0s17") em cada cliente (Servidor # 1, # 2 e # 3) ...

BOOTPROTO=static
DEVICE=enp0s17
DNS1=192.168.56.254
GATEWAY=192.168.56.254
IPADDR=192.168.56.120
IPV6INIT=NO
NETMASK=255.255.255.0
NM_CONTROLLED=yes
ONBOOT=yes
TYPE=Ethernet
USERCTL=NO
ZONE=public

... apenas os ips mudam ...

Server #1 -> IPADDR=192.168.56.122
Server #2 -> IPADDR=192.168.56.120
Server #3 -> IPADDR=192.168.56.121

Informações sobre as LANs de cada servidor ...

Servidor # 1

[root@localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp0s17: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:12:26:e2:6c brd ff:ff:ff:ff:ff:ff
    inet 192.168.56.122/24 brd 192.168.56.255 scope global noprefixroute enp0s17
       valid_lft forever preferred_lft forever
    inet6 fe80::a00:12ff:fe26:e26c/64 scope link 
       valid_lft forever preferred_lft forever

Servidor # 2

[root@localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:2c:d1:58 brd ff:ff:ff:ff:ff:ff
    inet 10.0.2.10/24 brd 10.0.2.255 scope global noprefixroute dynamic enp0s8
       valid_lft 888sec preferred_lft 888sec
    inet6 fe80::2c5c:27aa:2636:8dc9/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
3: enp0s17: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:1c:a6:b9:59 brd ff:ff:ff:ff:ff:ff
    inet 192.168.56.120/24 brd 192.168.56.255 scope global noprefixroute enp0s17
       valid_lft forever preferred_lft forever
    inet6 fe80::a00:1cff:fea6:b959/64 scope link 
       valid_lft forever preferred_lft forever
5: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 100
    link/none 
    inet 10.8.0.1/24 brd 10.8.0.255 scope global tun0
       valid_lft forever preferred_lft forever
    inet6 fe80::6a67:7379:b64:967c/64 scope link flags 800 
       valid_lft forever preferred_lft forever

Servidor nº 3

[root@localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:71:77:07 brd ff:ff:ff:ff:ff:ff
    inet 10.0.4.4/24 brd 10.0.4.255 scope global noprefixroute dynamic enp0s8
       valid_lft 1115sec preferred_lft 1115sec
    inet6 fe80::899f:8ca4:a7c6:25a7/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
3: enp0s17: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:ea:4e:40:ae brd ff:ff:ff:ff:ff:ff
    inet 192.168.56.121/24 brd 192.168.56.255 scope global noprefixroute enp0s17
       valid_lft forever preferred_lft forever
    inet6 fe80::a00:eaff:fe4e:40ae/64 scope link 
       valid_lft forever preferred_lft forever
4: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 100
    link/none 
    inet 10.8.0.6/24 brd 10.8.0.255 scope global tun0
       valid_lft forever preferred_lft forever
    inet6 fe80::48c2:b3cd:5845:5d35/64 scope link flags 800 
       valid_lft forever preferred_lft forever

NOTA I: "ip_forward" está habilitado no Servidor # 2 ...

echo -n "net.ipv4.ip_forward=1

" >> /etc/sysctl.d/ip_forward.conf
sysctl -w net.ipv4.ip_forward=1

NOTA II: Este tópico está totalmente relacionado ao problema ...

Use as LANs de um servidor para acessar a LAN de outro

Com esta solução, posso criar rotas sem problemas ...

link

... mas sem o benefício de ter a coisa centralizada como quando eu uso o dnsmasq.

Obrigado! = D