Apologies if this turns out to be trivial, but getting dnsmasq to work
has completely frustrated and defeated me, after days of faffing around.

I have a bunch of apache named vhosts on a server, and need to access
them from other devices. To date, I’ve done this via /etc/hosts on each
device. However, an iPad, iPhone and Samsung tablet now also need
access, hence looking at dnsmasq.

The Problem: I cannot access any of the vhosts from any of the other
devices on the LAN. Works perfectly on the server, but then it also
worked just fine via /etc/hosts before installing dnsmasq.

Vast amounts of reading, postings to Serverfault, AskFedora, plus
various friends have resulted in endless tweaks and fiddles, confusing
things ever more.

I should stress that I know less than nothing about network admin.

The current objective is to run dnsmasq as a DNS server only, leaving
the router to assign DHCP leases as it sees fit. So all *.lan queries
from devices on the LAN should end up at the dnsmasq server. All non
*.lan queries should go to the router and on to the world.

The eventual objective is to set up a VPN, but baby steps!

I've disabled the NetworkManager dnsmasq plugin, and run the process
with $ systemctl start dnsmasq.service

systemd-resolved seems to be completely out of the picture:
$ netstat -tulpn | grep ":53 "
tcp/udp 0 0 192.168.178.9:53 0.0.0.0:* LISTEN [pid]/dnsmasq
tcp/udp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN [pid]/dnsmasq
... ...
I don't think it's a firewall issue:
$ firewall-cmd --zone=FedoraWorkstation --list-services
dhcpv6-client http https mdns mysql samba-client ssh ...
When dnsmasq starts up, journalctl msgs are generated:
reading /etc/resolv.conf
ignoring nameserver 192.168.178.9 - local interface
using nameserver 192.168.178.1#53 (router)
Turning log-queries on results in vast numbers of journalctl msgs:
server.lan dnsmasq[pid]: query[AAAA] docs.fedoraproject.org from 192.168.178.9
server.lan dnsmasq[pid]: forwarded docs.fedoraproject.org to 192.168.178.1
server.lan dnsmasq[pid]: reply docs.fedoraproject.org is <CNAME>
server.lan dnsmasq[pid]: reply wildcard.fedoraproject.org is
2605:bc80:3010:600:dead:beef:cafe:fed9 (ha ha!)
Dig output on the server:
; <<>> DiG 9.16.28-RH <<>> vhost1.lan
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12212
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;vhost1.lan. IN A
;; ANSWER SECTION:
vhost1.lan. 0 IN A 192.168.178.9
;; Query time: 0 msec
;; SERVER: 192.168.178.9#53(192.168.178.9)
;; WHEN: Sun May 22 21:22:47 CEST 2022
;; MSG SIZE rcvd: 55
journalctl msgs generated from dig vhost1.lan on the server:
server.lan dnsmasq[pid]: query[A] vhost1.lan from 192.168.178.9
server.lan dnsmasq[pid]: /etc/hosts vhost.lan is 192.168.178.9
I am beginning to wonder if the Fritzbox is getting in the way somehow,
with its naming schema. Irritatingly, it slaps ".fritz.box" onto the
end of some devices - and afaik it can't be changed. So
"server.mydomain.lan" becomes "server.fritz.box". Example run on the
laptop:
laptop$ dig server.mydomain.lan
; <<>> DiG 9.16.24-RH <<>> server.mydomain.lan
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9628
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;server.mydomain.lan. IN A
;; AUTHORITY SECTION:
. 1894 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022052201
1800 900 604800 86400
;; SERVER: 127.0.0.53#53(127.0.0.53)
But:
laptop$ dig server.fritz.box
; <<>> DiG 9.16.24-RH <<>> server.fritz.box
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46068
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;server.fritz.box. IN A
;; ANSWER SECTION:
server.fritz.box. 9 IN A 192.168.178.9
;; AUTHORITY SECTION:
server.fritz.box. 9 IN NS fritz.box.
;; ADDITIONAL SECTION:
fritz.box. 9 IN A 192.168.178.1
;; SERVER: 127.0.0.53#53(127.0.0.53)
---- System --------------------------
Fedora 35, installed Nov.2021
Linux 5.15.5-200.fc35.x86_64
dnsmasq v 2.86

/etc/hosts:
127.0.0.1 localhost localhost.localdomain
::1 localhost localhost.localdomain
192.168.178.9 server.mydomain.lan
192.168.178.10 laptop.mydomain.lan
192.168.178.9 vhost1.lan
192.168.178.9 vhost2.lan

Router: Fritzbox 7490
Local DNS Server: 192.168.178.9

/etc/NetworkManager/NetworkManager.conf
[main]
dns=none

/etc/systemd/resolved.conf
DNS=192.168.178.9
DNSStubListener=no

/etc/resolv.conf -> /run/systemd/resolve/stub-resolv.conf
nameserver 192.168.178.9
nameserver 192.168.178.9
nameserver 192.168.178.1
search localhost

NM config for IPv4 wlp5s0 (wifi conn on server)
Method: Manual
Address: 192.168.178.9/24
Gateway: 192.168.178.1 (router)
DNS Servers: 192.168.178.9 (server)
Search domains: localhost

/etc/dnsmasq.conf:
domain-needed
bogus-priv
local=/lan/
address=/lan/192.168.178.9
address=/lan/127.0.0.1
interface=wlp5s0 (wifi)
listen-address=127.0.0.1
no-dhcp-interface=wlp5s0
bind-interfaces
_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
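
Added example, not part of the original post: a small parser for the dig captures quoted above that reports which resolver actually answered each query and whether an NXDOMAIN came from the public root zone. The captures are abridged from the post; the function names and the default dnsmasq_ip argument are assumptions made for this illustration.

```python
import re

# Abridged from the two dig captures quoted in the post.
SERVER_DIG = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12212
;; QUESTION SECTION:
;vhost1.lan. IN A
;; ANSWER SECTION:
vhost1.lan. 0 IN A 192.168.178.9
;; SERVER: 192.168.178.9#53(192.168.178.9)
"""
LAPTOP_DIG = """\
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9628
;; QUESTION SECTION:
;server.mydomain.lan. IN A
;; AUTHORITY SECTION:
. 1894 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022052201 1800 900 604800 86400
;; SERVER: 127.0.0.53#53(127.0.0.53)
"""

def parse_dig(text):
    """Pull status, responding server, question and record sections out of dig output."""
    out = {"status": None, "server": None, "question": None, "answer": [], "authority": []}
    section = None
    for line in (l.strip() for l in text.splitlines()):
        if m := re.search(r"status: (\w+)", line):
            out["status"] = m.group(1)
        elif m := re.match(r";; SERVER: ([^#\s]+)#\d+", line):
            out["server"] = m.group(1)
        elif m := re.match(r";; (\w+) SECTION:", line):
            section = m.group(1).lower()
        elif section == "question" and line.startswith(";") and not line.startswith(";;"):
            out["question"] = line[1:].split()[0]
        elif line and not line.startswith(";") and section in ("answer", "authority"):
            out[section].append(line.split())
    return out

def diagnose(parsed, dnsmasq_ip="192.168.178.9"):
    """Report which resolver answered and whether the denial came from the root zone."""
    server, status = parsed["server"], parsed["status"]
    if server == dnsmasq_ip:
        return f"answered by dnsmasq at {dnsmasq_ip}: {status}"
    # 127.0.0.53 is the systemd-resolved stub listener address.
    via = "systemd-resolved stub" if server == "127.0.0.53" else f"resolver {server}"
    root_soa = any(rr[0] == "." and "SOA" in rr for rr in parsed["authority"])
    if status == "NXDOMAIN" and root_soa:
        return f"{via}: NXDOMAIN from the public root zone, not answered by {dnsmasq_ip}"
    return f"{via}: {status}"

if __name__ == "__main__":
    for name, capture in (("server", SERVER_DIG), ("laptop", LAPTOP_DIG)):
        print(name, "->", diagnose(parse_dig(capture)))
```

The SERVER line is the field to compare between hosts: it names the resolver the client actually queried, independent of what the dnsmasq host itself resolves.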