On 31/03/2020 13:51, Jake Howard wrote:
> Hello!
> 
> Had a breakthrough on what's going on, and it's down to a caveat I
> missed when reading the man page on localise-queries:
> 
>> Return answers to DNS queries from /etc/hosts and *--interface-name*
> which depend on the interface over which the query was received.
> 
> And of course, this issue has to do with docker. With Docker, even
> though the container is listening on 2 different interfaces, and 2
> different IPs, the inner container, and thus dnsmasq, only sees 1
> interface, with all addresses coming from it. Hence localisation isn't
> quite working.
> 
> If I run dnsmasq with the exact same config but on the host, where it
> can see the different interfaces, works perfectly!
> 
> Testing was done in 2.79 and 2.76, with a config file practically
> identical to your CLI arguments.
> 
> Technically, there's not a bug here per-say, but it'd be really handy if
> there was a way of looking at the source IP when determining which
> record to return rather than just the interface?

Dnsmasq uses the _destination_ address of the query. I'm not familiar
with Docker. Is it using NAT?


Simon.


> 
> Thanks!
> 
> On Mon, 30 Mar 2020, at 20:42, Simon Kelley wrote:
>> On 28/03/2020 20:38, Jake Howard wrote:
>> > Hi,
>> > 
>> > My intention is to have 1 dnsmasq instance, accessible over 2 interfaces
>> > (listening on all), and have the response to a query differ based on the
>> > interface, and therefore its incoming IP. From what i've read, that's
>> > exactly what localise-queries is meant to do, but it doesn't appear to
>> > be unless I put the entries into /etc/hosts directly.
>>
>>
>> OK, what you're expecting to happen and what I'm expecting to happen are
>> the same. That's good.
>>
>> I just did a quick test, and it seems to work fine for me. The
>> example.com addresses are in /tmp/hosts.
>>
>>
>> srk@holly:~/dnsmasq/dnsmasq$ src/dnsmasq -d --log-queries
>> --localise-queries -p 10000 --addn-hosts=/tmp/hosts
>> dnsmasq: started, version 2.81rc4-5-gd162bee cachesize 150
>> dnsmasq: compile time options: IPv6 GNU-getopt no-DBus no-UBus no-i18n
>> no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth no-DNSSEC
>> loop-detect inotify dumpfile
>> dnsmasq: reading /etc/resolv.conf
>> dnsmasq: using nameserver 127.0.1.1#53
>> dnsmasq: read /etc/hosts - 9 addresses
>> dnsmasq: read /tmp/hosts - 2 addresses
>> dnsmasq: query[A] example.com from 127.0.0.1
>> dnsmasq: /tmp/hosts example.com is 192.168.151.43
>> dnsmasq: /tmp/hosts example.com is 192.168.150.43
>> dnsmasq: query[A] example.com from 192.168.150.49
>> dnsmasq: /tmp/hosts example.com is 192.168.150.43
>>
>>
>> If it's not working for you, that's a bug, but we need to find what it
>> is about your setup that tickles the bug.
>>
>> Can you boil it down to the simplest configuration that displays the
>> problem, and also specify which version of dnsmasq you're using?
>>
>>
>> cheers,
>>
>> Simon.
>>
>>
>> > 
>> > Thanks,
>> > - Jake Howard
>> > 
>> > On Sat, 28 Mar 2020, at 17:59, Simon Kelley wrote:
>> >> On 19/03/2020 21:47, Jake Howard wrote:
>> >> > Hello!
>> >> > 
>> >> > Is `localise-queries` meant to work against entries added via 
>> >> > `addn-hosts`? Querying a record returns both IPs, but always in the
>> >> same 
>> >> > order. The order is correctly fixed when the records are put in 
>> >> > `/etc/hosts` directly.
>> >>
>> >>
>> >> Yes, localise-queries  works with entries added via addn-hosts, but it
>> >> doesn't have anything to do with the order that records appear, so that
>> >> doesn't address your problem. What are you trying to achieve?
>> >>
>> >>
>> >> Simon.
>> >>
>> >>
>> >> > 
>> >> > Config:
>> >> > 
>> >> > ```
>> >> > localise-queries
>> >> > no-resolv
>> >> > cache-size=10000
>> >> > log-queries
>> >> > log-facility=/var/log/pihole.log
>> >> > local-ttl=2
>> >> > log-async
>> >> > server=8.8.8.8
>> >> > server=8.8.4.4
>> >> > server=1.1.1.1
>> >> > server=1.0.0.1
>> >> > interface=eth0
>> >> > server=/use-application-dns.net/
>> >> > 
>> >> > addn-hosts=/etc/vpn-hosts.conf
>> >> > localise-queries
>> >> > 
>> >> > ```
>> >> > 
>> >> > This is from pihole, but AFAIK that shouldn't make a difference
>> if I'm 
>> >> > modifying the config directly.
>> >> > 
>> >> > Would appreciate some input, or being told i'm wrong!
>> >> > 
>> >> > Thanks,
>> >> > 
>> >> > - Jake Howard
>> >> > 
>> >> > 
>> >> > 
>> >> > 
>> >> > _______________________________________________
>> >> > Dnsmasq-discuss mailing list
>> >> > Dnsmasq-discuss@lists.thekelleys.org.uk
>> >> > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>> >> > 
>> >>
>> >>
>> >> _______________________________________________
>> >> Dnsmasq-discuss mailing list
>> >> Dnsmasq-discuss@lists.thekelleys.org.uk
>> >> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>> >>
>> > 
>> > 
>> > _______________________________________________
>> > Dnsmasq-discuss mailing list
>> > Dnsmasq-discuss@lists.thekelleys.org.uk
>> > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>> > 
>>
>>
>> _______________________________________________
>> Dnsmasq-discuss mailing list
>> Dnsmasq-discuss@lists.thekelleys.org.uk
>> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>>
> 
> 
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> 


_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Reply via email to