On 04/06/18 15:03, Stephen Howell wrote:
> I had some issues with the DHCP entries not being included when I made
> the server authoritative for the .local domain, as I was populating
> .local from DHCP leases in dnsmasq also.
> Is this configuration of authoritative + DHCP entries supposed to work?
Yes, but there are rules. Check the man page.
> On Sat, 2 Jun 2018 at 18:09 Simon Kelley <si...@thekelleys.org.uk
> <mailto:si...@thekelleys.org.uk>> wrote:
> On 29/05/18 23:11, Stephen Howell wrote:
> > Hi,
> > I'm an occasional sysadmin and I was looking to setup a round-robin
> > wildcard CNAME for a test project at home. I checked the dnsmasq docs
> > and saw:
> > *--cname* as long as the record name is in the authoritative
> domain. If
> > the target of the CNAME is unqualified, then it is qualified with the
> > authoritative zone name. CNAME used in this way (only) may be
> > as in
> > *cname=*.example.com <http://example.com>
> <http://example.com>,default.example.com <http://default.example.com>
> > <http://default.example.com>*
> > *
> > *
> > I figured out that the A records would need to be added as /etc/hosts
> > entries so I did so then added a couple of lines in my config to be
> > authoritative for this one zone and create the CNAME:
> > auth-zone=local,127.0.0.0/24,192.168.0.0/16,br-lan
> > <http://127.0.0.0/24,192.168.0.0/16,br-lan>
> > This *should* have created a DNS record that responds to queries for
> > "app2.k8s.local", "app3.k8s.local" etc. That does not happen, any
> > request for sub-domains below k8s.local returns empty data.
> > Instead what I have is a record that responds to the *literal form* of
> > "*.k8s.local"!!
> > $ dig *.k8s.local @192.168.0.2 <http://192.168.0.2>
> > ; <<>> DiG 9.11.3-1ubuntu1-Ubuntu <<>> *.k8s.local @192.168.1.1
> <http://192.168.1.1> <http://192.168.1.1>
> > ;; global options: +cmd
> > ;; Got answer:
> > ;; WARNING: .local is reserved for Multicast DNS
> > ;; You are currently testing what happens when an mDNS query is
> leaked to DNS
> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41245
> > ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0,
> ADDITIONAL: 1
> > ;; OPT PSEUDOSECTION:
> > ; EDNS: version: 0, flags:; udp: 4096
> > ;; QUESTION SECTION:
> > ;*.k8s.local. IN A
> > ;; ANSWER SECTION:
> > *.k8s.local. 0 IN CNAME app.k8s.local.
> > app.k8s.local. 0 IN A 192.168.1.11
> > app.k8s.local. 0 IN A 192.168.1.12
> > app.k8s.local. 0 IN A 192.168.1.13
> > ;; Query time: 2 msec
> > ;; SERVER: 192.168.0.2#53(192.168.0.2)
> > ;; WHEN: Tue May 29 22:49:01 BST 2018
> > ;; MSG SIZE rcvd: 115
> > That is not a wildcard entry! Any idea what happened? DNSmasq is
> > 2.80test2 (current version from the OpenWRT repo).
> The query was for *.k8s.local, and that's what you got an answer for.
> That's quite correct. Try
> dig app.k8s.local @192.168.0.2 <http://192.168.0.2>
> Note that running in authoritative mode is a little more complex than
> you've configured: you'll need and auth-server config line as well, for
> instance, and probably a glue record elsewhere in the DNS.
> > I realise that the address=/domain.com/184.108.40.206
> > <http://domain.com/220.127.116.11> form could be used, but that doesn't help
> > create a round-robin entry. How should a wildcard entry for multiple
> > backing hosts be created?
> > Thanks
> > Stephen
> > _______________________________________________
> > Dnsmasq-discuss mailing list
> > Dnsmasqfirstname.lastname@example.org
> > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> Dnsmasq-discuss mailing list
Dnsmasq-discuss mailing list