[Dnsmasq-discuss] Reverse IPv6 domain issue

2018-06-08 Thread Paul Maddock
Hi,

I think I've come across a bug with how the domain is determined for reverse 
lookups for IPv6 addresses. Having set a domain config with my domain name and 
IPv6 prefix I was correctly seeing the domain passed to the clients via DHCPv6, 
but DNS lookups on the IPv6 returned my fallback domain.

Having checked the source code I think the problem is in the read_leases 
function. For IPv6 it appears to be trying to find the domain based on the 
hwaddr instead of the IPv6 address. I've recompiled with the below patch and 
I'm now getting the expected domain.

Please review and apply the fix as necessary.


--- dnsmasq/src/lease.c 2018-06-08 22:32:29.486011028 +
+++ dnsmasq/src/lease.c 2018-06-08 22:33:31.118012520 +
@@ -87,7 +87,7 @@
if ((lease = lease6_allocate(, lease_type)))
  {
lease_set_iaid(lease, strtoul(s, NULL, 10));
-   domain = get_domain6((struct in6_addr *)lease->hwaddr);
+   domain = get_domain6(>addr6);
  }
  }
 #endif
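Review bot: the + line reads "get_domain6(>addr6)" and the context line above it reads "lease6_allocate(, lease_type)", so both calls have lost part of their argument list and the hunk as shown neither applies nor compiles; the file-header timestamps are also cut off after the "+". Please resend it as an attachment or with git format-patch. The intent itself matches the description: the removed line cast lease->hwaddr to struct in6_addr *, so get_domain6() was being handed the hardware-address field rather than the lease's IPv6 address.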


Regards,

Paul


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


[Dnsmasq-discuss] Caching optimization

2018-06-08 Thread Matt Johnson
I am monitoring the caching of dnsmasq and, having set the max value of 3600
for all of the ttl options in the conf file, I was wondering how come some
CNAME entries are not cached in the same way A records are?

Is there a way to enable caching for these cname records so the next time
they are queried by clients they fall under cache rules like A records?

Also I was hoping to overcome the max value of 3600 for min-cache-ttl
settings; can you point me to where to remove that from the source?

Thanks in advance


[Dnsmasq-discuss] [PATCH] dnsmasq.8: uniform formatting style for options

2018-06-08 Thread Peter Pöschl
Hi,

The following patch on top of current master commit 090856c7e6 causes 
consistent formatting for all options:

* Always use the long option form, except when options are introduced.

* Render options in bold, with '--' prefix. 

Cheers,

   Peter Pöschl
--
diff --git a/man/dnsmasq.8 b/man/dnsmasq.8
index c7e6c88..bf83a74 100644
--- a/man/dnsmasq.8
+++ b/man/dnsmasq.8
@@ -53,13 +53,13 @@ will display DHCPv6 options.
 Don't read the hostnames in /etc/hosts.
 .TP
 .B \-H, --addn-hosts=
-Additional hosts file. Read the specified file as well as /etc/hosts. If -h is 
given, read
+Additional hosts file. Read the specified file as well as /etc/hosts. If 
\fB--no-hosts\fP is given, read
 only the specified file. This option may be repeated for more than one
 additional hosts file. If a directory is given, then read all the files 
contained in that directory. 
 .TP
 .B --hostsdir=
 Read all the hosts files contained in the directory. New or changed files
-are read automatically. See --dhcp-hostsdir for details.
+are read automatically. See \fB--dhcp-hostsdir\fP for details.
 .TP
 .B \-E, --expand-hosts
 Add the domain to simple names (without a period) in /etc/hosts
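Review bot: the changed lines in this hunk were wrapped in transit ("given, read" and "\fB--no-hosts\fP is given, read" sit on continuation lines with no +/- prefix, as does "contained in that directory."), so the hunk will be rejected as corrupt when applied. Please resend the patch as an attachment so the long man-page lines survive intact.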
@@ -76,7 +76,7 @@ reduce the load on the server at the expense of clients using 
stale
 data under some circumstances.
 .TP
 .B --dhcp-ttl=
-As for --local-ttl, but affects only replies with information from DHCP 
leases. If both are given, --dhcp-ttl applies for DHCP information, and 
--local-ttl for others. Setting this to zero eliminates the effect of 
--local-ttl for DHCP.
+As for \fB--local-ttl\fP, but affects only replies with information from DHCP 
leases. If both are given, \fB--dhcp-ttl\fP applies for DHCP information, and 
\fB--local-ttl\fP for others. Setting this to zero eliminates the effect of 
\fB--local-ttl\fP for DHCP.
 .TP
 .B --neg-ttl=
 Negative replies from upstream servers normally contain time-to-live
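Review bot: the new \fB--local-ttl\fP and \fB--dhcp-ttl\fP references leave their hyphens unescaped, while the option headers in this file escape the short form (".B \-H, ..."). In roff an unescaped "-" can be rendered as a typographic hyphen, which breaks copy-and-paste of the option into a shell or config file. Since the patch rewrites every reference anyway, consider emitting them as \fB\-\-local\-ttl\fP.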
@@ -115,7 +115,7 @@ don't change user id, generate a complete cache dump on 
receipt on
 SIGUSR1, log to stderr as well as syslog, don't fork new processes
 to handle TCP queries. Note that this option is for use in debugging
 only, to stop dnsmasq daemonising in production, use 
-.B -k.
+.B --keep-in-foreground.
 .TP
 .B \-q, --log-queries
 Log the results of DNS queries handled by dnsmasq. Enable a full cache dump on 
receipt of SIGUSR1. If the argument "extra" is supplied, ie
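Review bot: in ".B --keep-in-foreground." the sentence-ending period is part of the .B argument, so it is set in bold together with the option name (the old ".B -k." had the same flaw). Use ".BR --keep-in-foreground ." so that only the option is bold and the period stays roman.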
@@ -191,7 +191,6 @@ Dnsmasq picks random ports as source for outbound queries:
 when this option is given, the ports used will always be lower
 than that specified. Useful for systems behind firewalls.
 .TP
-
 .B \-i, --interface=
 Listen only on the specified interface(s). Dnsmasq automatically adds
 the loopback (local) interface to the list of interfaces to use when
@@ -250,8 +249,8 @@ addresses associated with the interface.
 .B --local-service
 Accept DNS queries only from hosts whose address is on a local subnet,
 ie a subnet for which an interface exists on the server. This option
-only has effect if there are no --interface --except-interface,
---listen-address or --auth-server options. It is intended to be set as
+only has effect if there are no \fB--interface\fP, \fB--except-interface\fP,
+\fB--listen-address\fP or \fB--auth-server\fP options. It is intended to be 
set as
 a default on installation, to allow unconfigured installations to be
 useful but also safe from being used for DNS amplification attacks.
 .TP 
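Review bot: the first + line also inserts a comma after --interface that the - line did not have, which is a wording fix rather than the formatting change the description announces. It is a correct fix, but mention it in the commit message so the patch is not read as markup-only.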
@@ -294,10 +293,10 @@ addresses appear, it automatically listens on those 
(subject to any
 access-control configuration). This makes dynamically created
 interfaces work in the same way as the default. Implementing this
 option requires non-standard networking APIs and it is only available
-under Linux. On other platforms it falls-back to --bind-interfaces mode.
+under Linux. On other platforms it falls-back to \fB--bind-interfaces\fP mode.
 .TP
 .B \-y, --localise-queries
-Return answers to DNS queries from /etc/hosts and --interface-name which 
depend on the interface over which the query was
+Return answers to DNS queries from /etc/hosts and \fB--interface-name\fP which 
depend on the interface over which the query was
 received. If a name has more than one address associated with
 it, and at least one of those addresses is on the same subnet as the
 interface to which the query was sent, then return only the
@@ -402,7 +401,7 @@ these services.
 .B  --rebind-domain-ok=[]|[[//[/]
 Do not detect and block dns-rebind on queries to these domains. The
 argument may be either a single domain, or multiple domains surrounded
-by '/', like the --server syntax, eg. 
+by '/', like the \fB--server\fP syntax, eg.
 .B  --rebind-domain-ok=/domain1/domain2/domain3/
 .TP
 .B \-n, --no-poll
@@ -421,14 +420,13 @@ from /etc/hosts or DHCP then a "not found" answer is 
returned.
 .TP
 .B \-S, --local, 
--server=[/[]/[domain/]][[#][@|[#]]
 Specify IP address of upstream servers directly. Setting this flag does
-not suppress reading of /etc/resolv.conf, 

[Dnsmasq-discuss] Dnsmasq stops caching for a while on receive of failed or retried lookup?

2018-06-08 Thread Mark Fermor, HolidayExtras.com
Hello,

Running dnsmasq with these options:

/usr/sbin/dnsmasq -k --cache-size=50 --log-facility=- --user=nobody
--group=nobody --no-hosts --neg-ttl=60 --max-ttl=240 --max-cache-ttl=300

No local dnsmasq config file so that's literally all the config other than
defaults applied by dnsmasq

dnsmasq -v

Dnsmasq version 2.78  Copyright (c) 2000-2017 Simon Kelley

Compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP DHCPv6
no-Lua TFTP no-conntrack ipset auth no-DNSSEC loop-detect inotify


This is something running in Kubernetes, they run as sidekick
containers to the main application container. I have 5x of the same
deployment running in the cluster, so they're all at the same versions and
receiving equal amounts of traffic via load balancing. They all talk to the
same endpoints outbound and do the same work load etc. I've sent sigusr1
signal to all of the 5x pods individually with a 60 second interval between
sending the signal and this was the output (all pods have been running for
approx 48 hours bar pod4 which has been running less hours):

pod1

I0608 15:10:30.222091   1 nanny.go:116] dnsmasq[19]: time 1528470630

I0608 15:10:30.222843   1 nanny.go:116] dnsmasq[19]: cache size 50,
0/2267390 cache insertions re-used unexpired cache entries.

I0608 15:10:30.222862   1 nanny.go:116] dnsmasq[19]: queries forwarded
3218532, queries answered locally 3179484

I0608 15:10:30.222868   1 nanny.go:116] dnsmasq[19]: queries for
authoritative zones 0

I0608 15:10:30.222874   1 nanny.go:116] dnsmasq[19]: server
10.227.240.10#53: queries sent 3218532, retried or failed 16

I0608 15:11:34.998127   1 nanny.go:116] dnsmasq[19]: time 1528470694

I0608 15:11:34.998169   1 nanny.go:116] dnsmasq[19]: cache size 50,
0/2267416 cache insertions re-used unexpired cache entries.

I0608 15:11:34.998175   1 nanny.go:116] dnsmasq[19]: queries forwarded
3218560, queries answered locally 3182486

I0608 15:11:34.998180   1 nanny.go:116] dnsmasq[19]: queries for
authoritative zones 0

I0608 15:11:34.998184   1 nanny.go:116] dnsmasq[19]: server
10.227.240.10#53: queries sent 3218560, retried or failed 16


pod2

I0608 15:10:30.888610   1 nanny.go:116] dnsmasq[18]: time 1528470630

I0608 15:10:30.888674   1 nanny.go:116] dnsmasq[18]: cache size 50,
0/197436 cache insertions re-used unexpired cache entries.

I0608 15:10:30.888705   1 nanny.go:116] dnsmasq[18]: queries forwarded
240814, queries answered locally 6156846

I0608 15:10:30.888739   1 nanny.go:116] dnsmasq[18]: queries for
authoritative zones 0

I0608 15:10:30.888768   1 nanny.go:116] dnsmasq[18]: server
10.227.240.10#53: queries sent 240814, retried or failed 4

I0608 15:11:35.909168   1 nanny.go:116] dnsmasq[18]: time 1528470695

I0608 15:11:35.909206   1 nanny.go:116] dnsmasq[18]: cache size 50,
0/197465 cache insertions re-used unexpired cache entries.

I0608 15:11:35.909211   1 nanny.go:116] dnsmasq[18]: queries forwarded
240843, queries answered locally 6159789

I0608 15:11:35.909216   1 nanny.go:116] dnsmasq[18]: queries for
authoritative zones 0

I0608 15:11:35.909219   1 nanny.go:116] dnsmasq[18]: server
10.227.240.10#53: queries sent 240843, retried or failed 4


pod3

I0608 15:10:31.492089   1 nanny.go:116] dnsmasq[20]: time 1528470631

I0608 15:10:31.492127   1 nanny.go:116] dnsmasq[20]: cache size 50,
0/63615 cache insertions re-used unexpired cache entries.

I0608 15:10:31.492132   1 nanny.go:116] dnsmasq[20]: queries forwarded
45974, queries answered locally 6344157

I0608 15:10:31.492137   1 nanny.go:116] dnsmasq[20]: queries for
authoritative zones 0

I0608 15:10:31.492143   1 nanny.go:116] dnsmasq[20]: server
10.227.240.10#53: queries sent 45974, retried or failed 1

I0608 15:11:36.948015   1 nanny.go:116] dnsmasq[20]: time 1528470696

I0608 15:11:36.948083   1 nanny.go:116] dnsmasq[20]: cache size 50,
0/63648 cache insertions re-used unexpired cache entries.

I0608 15:11:36.948138   1 nanny.go:116] dnsmasq[20]: queries forwarded
46004, queries answered locally 6347223

I0608 15:11:36.948188   1 nanny.go:116] dnsmasq[20]: queries for
authoritative zones 0

I0608 15:11:36.948219   1 nanny.go:116] dnsmasq[20]: server
10.227.240.10#53: queries sent 46004, retried or failed 1


pod4

I0608 15:10:32.290488   1 nanny.go:116] dnsmasq[24]: time 1528470632

I0608 15:10:32.290564   1 nanny.go:116] dnsmasq[24]: cache size 50,
0/1358169 cache insertions re-used unexpired cache entries.

I0608 15:10:32.290597   1 nanny.go:116] dnsmasq[24]: queries forwarded
1937179, queries answered locally 741609

I0608 15:10:32.290629   1 nanny.go:116] dnsmasq[24]: queries for
authoritative zones 0

I0608 15:10:32.290652   1 nanny.go:116] dnsmasq[24]: server
10.227.240.10#53: queries sent 1937179, retried or failed 7

I0608 15:11:38.032330   1 nanny.go:116] dnsmasq[24]: time 1528470698

I0608 15:11:38.032374   1 

Re: [Dnsmasq-discuss] [PATCH] Warn about the impact of cache-size on performance

2018-06-08 Thread Geert Stappers
On Thu, May 31, 2018 at 02:18:39PM +0200, Geert Stappers wrote:
> On Sun, May 20, 2018 at 10:14:34PM +0200, Geert Stappers wrote:
> > On Fri, May 11, 2018 at 11:43:02PM +0100, Simon Kelley wrote:
> > > On 09/05/18 12:13, Geert Stappers wrote:
> > > >  3 files changed, 5 insertions(+), 3 deletions(-)
> > > > 
> > > > Note that this patch contains non-ASCII characters,
> > > > those might be mangled during transport ...
> > > 
> > > They were, please could you resend an attachment?
> > 
> > # git clone git://thekelleys.org.uk/dnsmasq.git
> > cd dnsmasq/
> > git remote add stappers http://stappers.it/git/dnsmasq
> > git fetch stappers
> } git branch --remote
> > git checkout -b stappers/warn_cache_size stappers/warn_cache_size
> > git diff master
> > git checkout master
> > git merge stappers/warn_cache_size
> } git branch -d stappers/warn_cache_size
> } git remote remove stappers
> 
> reminder by retransmit
 
It became 
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=7dcca6c62211e60905e2252a185bede909391877



Greetings
Geert Stappers
-- 
Live and let live



[Dnsmasq-discuss] Unable to log dns queries

2018-06-08 Thread Alvin Lovi
Hi,
I've configured dnsmasq v. 2.71 in order to provide dns services for
two different interfaces (ethernet and wifi) but I'm not able to log
dns queries performed through wifi interface (the eth0 one works
well).
I've enabled the following log rules in dnsmasq.conf

log-dhcp
log-queries
log-facility=/var/log/dnsmasq.log

If I'm using eth0 interface I see dhcp and dns logs in "real time".
However I see only dhcp logs if wifi interface is used.
I've also noticed a strange behavior: if tcpdump is in listening mode
(tcpdump -i wlan0), all dns logs are written in dnsmasq.log.
How can I configure dnsmasq in order to see dns logs for all interfaces?
Thanks
