I have a local dnsmasq and another one connected via VPN. The local names and DHCP'ed IP addresses resolve at each place. Each is set up to refer to the other's forward and reverse zone. It seems to work fully going one way, but only for the forward zone from the other.

Cast of Characters:
+-----------------+
192.168.8.97   Chestnut.pirate.lan, slamd64 [1] 12.2
192.168.4.9    gazoo.lan, openwrt Kamikaze 8.09.1 (brcm-2.4)
192.168.4.173  sip.gazoo.lan, Sipura SPA-2000
192.168.3.1    Chestnut's OpenVPN IP (the server)
192.168.3.8    gazoo's VPN IP

Routing works. Chestnut is the openvpn server, and hosts in gazoo.lan can get to pirate.lan hosts and to other openvpn clients elsewhere. I noticed the problem when setting up gazoo and sip to do remote syslog to chestnut; gazoo appears in logs as "gazoo", sip by IP.

Testing from a host in pirate.lan:

$ host 192.168.4.173
Host 173.4.168.192.in-addr.arpa. not found: 3(NXDOMAIN)
$ host 192.168.4.173 192.168.4.9
Using domain server:
Name: 192.168.4.9
Address: 192.168.4.9#53
Aliases:
173.4.168.192.in-addr.arpa domain name pointer sip.gazoo.lan.
$ host sip.gazoo.lan.
sip.lan has address 192.168.4.173

The dnsmasq.d directory on chestnut.pirate.lan has a file "gazoo", with this:

server=/gazoo.lan/192.168.3.8
server=/4.168.192.in-addr.arpa/192.168.3.8

192.168.3.8 is the VPN IP address for the remote dnsmasq, which is a/k/a 192.168.4.9. The gazoo.lan names resolve, but reverse doesn't work, and test results are the same with either of the VPN or LAN IP addresses.

Continuing tests, we see that both forward and reverse work from the other side:

$ host 192.168.8.172
172.8.168.192.in-addr.arpa domain name pointer Wii.pirate.lan.
$ host 192.168.8.172 192.168.4.9
Using domain server:
Name: 192.168.4.9
Address: 192.168.4.9#53
Aliases:
172.8.168.192.in-addr.arpa domain name pointer Wii.pirate.lan.
$ host Wii.pirate.lan.
Wii.pirate.lan has address 192.168.8.172
ws@whn:~$ host Wii.pirate.lan. 192.168.4.9
Using domain server:
Name: 192.168.4.9
Address: 192.168.4.9#53
Aliases:
Wii.pirate.lan has address 192.168.8.172

The dnsmasq which is not working properly, Slamd64 12.2:

root@chestnut:~# dnsmasq --version
Dnsmasq version 2.46 Copyright (C) 2000-2008 Simon Kelley
Compile time options IPv6 GNU-getopt no-DBus I18N TFTP

The one which is working, openwrt Kamikaze 8.09.1:

root@gazoo:~# dnsmasq --version
Dnsmasq version 2.47 Copyright (C) 2000-2009 Simon Kelley
Compile time options IPv6 GNU-getopt no-DBus no-I18N TFTP

I'll try upgrading and report back if that helps.

Oh, here's another test:

$ dig -x +trace 192.168.4.173

; <<>> DiG 9.4.2-P2 <<>> -x +trace 192.168.4.173
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28788
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;+trace.in-addr.arpa. IN PTR

;; AUTHORITY SECTION:
in-addr.arpa. 10800 IN SOA A.ROOT-SERVERS.NET. dns-ops.ARIN.NET. 2009110804 1800 900 691200 10800

;; Query time: 166 msec
;; SERVER: 192.168.8.97#53(192.168.8.97)
;; WHEN: Sun Nov 8 15:45:37 2009
;; MSG SIZE rcvd: 104

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31979
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;192.168.4.173. IN A

;; ANSWER SECTION:
192.168.4.173. 7200 IN A 192.168.4.173

;; Query time: 2 msec
;; SERVER: 192.168.8.97#53(192.168.8.97)
;; WHEN: Sun Nov 8 15:45:37 2009
;; MSG SIZE rcvd: 47

Note, all of these tests were done from clients on the pirate.lan side. ATM there's no dig(1) on the gazoo.lan side, and gazoo itself lacks storage capacity to install it. (The busybox implementation of nslookup(1) is even worse than BIND's.) I think the directed queries

Curious that there would be an A query and answer. Using ptr for the in-addr.arpa. name rather than -x, it appears to be ignoring the server declaration for the reverse zone:

$ dig +trace 173.4.168.192.in-addr.arpa. ptr

; <<>> DiG 9.4.2-P2 <<>> +trace 173.4.168.192.in-addr.arpa. ptr
;; global options: printcmd
. 372212 IN NS G.ROOT-SERVERS.NET.
. 372212 IN NS B.ROOT-SERVERS.NET.
. 372212 IN NS A.ROOT-SERVERS.NET.
. 372212 IN NS F.ROOT-SERVERS.NET.
. 372212 IN NS I.ROOT-SERVERS.NET.
. 372212 IN NS C.ROOT-SERVERS.NET.
. 372212 IN NS H.ROOT-SERVERS.NET.
. 372212 IN NS M.ROOT-SERVERS.NET.
. 372212 IN NS J.ROOT-SERVERS.NET.
. 372212 IN NS L.ROOT-SERVERS.NET.
. 372212 IN NS D.ROOT-SERVERS.NET.
. 372212 IN NS K.ROOT-SERVERS.NET.
. 372212 IN NS E.ROOT-SERVERS.NET.
;; Received 512 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms

arpa. 172800 IN NS D.ROOT-SERVERS.NET.
arpa. 172800 IN NS F.ROOT-SERVERS.NET.
arpa. 172800 IN NS G.ROOT-SERVERS.NET.
arpa. 172800 IN NS B.ROOT-SERVERS.NET.
arpa. 172800 IN NS E.ROOT-SERVERS.NET.
arpa. 172800 IN NS M.ROOT-SERVERS.NET.
arpa. 172800 IN NS A.ROOT-SERVERS.NET.
arpa. 172800 IN NS I.ROOT-SERVERS.NET.
arpa. 172800 IN NS H.ROOT-SERVERS.NET.
arpa. 172800 IN NS C.ROOT-SERVERS.NET.
arpa. 172800 IN NS L.ROOT-SERVERS.NET.
arpa. 172800 IN NS K.ROOT-SERVERS.NET.
;; Received 496 bytes from 192.58.128.30#53(J.ROOT-SERVERS.NET) in 221 ms

192.in-addr.arpa. 86400 IN NS BASIL.ARIN.NET.
192.in-addr.arpa. 86400 IN NS HENNA.ARIN.NET.
192.in-addr.arpa. 86400 IN NS Z.ARIN.NET.
192.in-addr.arpa. 86400 IN NS X.ARIN.NET.
192.in-addr.arpa. 86400 IN NS Y.ARIN.NET.
192.in-addr.arpa. 86400 IN NS DILL.ARIN.NET.
192.in-addr.arpa. 86400 IN NS INDIGO.ARIN.NET.
;; Received 180 bytes from 128.8.10.90#53(D.ROOT-SERVERS.NET) in 96 ms

168.192.in-addr.arpa. 86400 IN NS blackhole-1.iana.org.
168.192.in-addr.arpa. 86400 IN NS blackhole-2.iana.org.
;; Received 104 bytes from 192.55.83.32#53(BASIL.ARIN.NET) in 208 ms

168.192.in-addr.arpa. 300 IN SOA prisoner.iana.org. hostmaster.root-servers.org. 2002040800 1800 900 604800 604800
;; Received 121 bytes from 192.175.48.6#53(blackhole-1.iana.org) in 106 ms

This is all nothing but a minor annoyance for me, but I thought it might be worth looking into.

[1] Slamd64 is/was a port of 32-bit Slackware to x86_64, probably in the process of being phased out since Slackware 13 had an x86_64 version.
--
Offlist mail to this address is discarded unless "/dev/rob0" or "not-spam" is in Subject: header
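
An added example, not part of the original post: a Python check that turns an address into its in-addr.arpa name and reports which `server=/domain/` rule would pick the upstream, using the most-specific-domain precedence described in the dnsmasq man page, so private reverse lookups that would fall through to the default upstream can be listed. The config text is the two lines quoted in the post; the function names are hypothetical, and names dnsmasq answers itself from /etc/hosts or DHCP leases are not modelled.

```python
import ipaddress

# The two lines quoted in the post (file "gazoo" in chestnut's dnsmasq.d).
CONFIG = """\
server=/gazoo.lan/192.168.3.8
server=/4.168.192.in-addr.arpa/192.168.3.8
"""


def parse_servers(text):
    """Return {domain: upstream} for each server=/dom1/dom2/.../ip line."""
    rules = {}
    for line in text.splitlines():
        line = line.strip()
        if not line.startswith("server=/"):
            continue  # comments, blank lines, plain server=ip entries
        *domains, upstream = line[len("server=/"):].split("/")
        for domain in domains:
            rules[domain.lower().rstrip(".")] = upstream
    return rules


def upstream_for(name, rules):
    """Most specific matching domain wins; None means the default upstream."""
    labels = name.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in rules:
            return rules[suffix]
    return None


def ptr_name(ip):
    """192.168.4.173 -> 173.4.168.192.in-addr.arpa"""
    return ipaddress.ip_address(ip).reverse_pointer


def leaked_private_ptrs(ips, rules):
    """Private addresses whose PTR query no server=/domain/ rule covers."""
    return [ip for ip in ips
            if ipaddress.ip_address(ip).is_private
            and upstream_for(ptr_name(ip), rules) is None]


if __name__ == "__main__":
    rules = parse_servers(CONFIG)
    for ip in ("192.168.4.173", "192.168.8.172", "192.168.3.8"):
        print(ip, ptr_name(ip), upstream_for(ptr_name(ip), rules))
```
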