On Fri, Apr 11, 2025 at 03:59:30PM +0200, Opty wrote: > Hello, > > using dnsmasq 2.90 on Slackware 15.0 (32-bit), about a week ago > reverse lookups suddenly stopped working with DNSSEC enabled: > > opty@vodopnik:~$ host 158.194.80.13 > ;; Truncated, retrying in TCP mode. > ;; communications error to 127.0.0.1#53: timed out > ;; communications error to 127.0.0.1#53: timed out > ;; no servers could be reached > > I upgraded to 2.91 which didn't help much, just the truncation message > went gone. So I tried to comment edns-packet-max=1232, then enable > dnssec-check-unsigned but that didn't help either. > > Finally, I upgraded to 2.92test2 but still no joy. > > Currently working /etc/dnsmasq.conf: > > domain-needed > bogus-priv > conf-file=/usr/share/dnsmasq/trust-anchors.conf > no-resolv > server=9.9.9.9 > server=149.112.112.112 > listen-address=127.0.0.1,192.168.1.254,10.0.5.1 > no-dhcp-interface=127.0.0.1,192.168.1.254 > bind-interfaces > dhcp-range=10.0.5.100,10.0.5.249,12h > dhcp-host=rr:ee:dd:aa:cc:tt,10.0.5.128 > dhcp-option=option:ntp-server,10.0.5.1 > dhcp-option=option:dns-server,10.0.5.1 > edns-packet-max=1232 > > I suspect my ISP of some change and in case of your interest I would > appreciate some guidance on debugging this, preferably > non-interruptive.
At dnsmasq side: enable query logging. At "client side" example given: `host 158.194.80.13 192.168.1.254`, that is to force `host` to use dnsmasq (address taken from above config) Forcing a DNSserver rules out that "/etc/resolv.conf magic" is being used. Groeten Geert Stappers -- Silence is hard to parse _______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
