Re: [Dnsmasq-discuss] DNSMasq as secondary server

[Donald Muller]

Probably helpful if you provided your configuration.

From: Dnsmasq-discuss  on 
behalf of Michel DIEMER via Dnsmasq-discuss 

Sent: Wednesday, December 13, 2023 11:28:03 AM
To: dnsmasq-discuss@lists.thekelleys.org.uk 

Subject: [Dnsmasq-discuss] DNSMasq as secondary server

‌
‌
‌
‌Dear dnsmasq user,

I have a domain let's claim that it is somedomain.com

I own that domain and it is officially registred and the name servers for that 
domain are on the Internet.

There is a physical server with two network interfaces, one connected to the 
Internet and one connected to the local network.

dnsmasq is running on that server.

My ISP does not support IPv6. IPv6 is not disabled but not properly configured. 
IPv4 is configured.


The web ports (80 and 443) are redirected to the web server of the local 
network. Only the server with dnsmasq and the web server are accessible from 
the Internet. Other computers are not and should not.

So when I type "https://somedomain.com; from any web browser, from the local 
network or from the Internet, the website is loaded from the internet server on 
the local network.


Now I have several computers on the local network and dnsmasq is configured for 
the domain "somedomain.com".


The domain of the localnetwork is "somedomain.com".

Now when I ping a computer on the Interneet from the local network it is 
working fine, using some publc DNS.


The problem is when I want to "ping somecomputer.somedimain.com".

If "somecomputer" is on the lan I want dnsmasq to give the private, local IP 
address.

If "somecomputer" is not on the lan, dnsmasq may use the public name server as 
anyone who is on the Internet.


"ping computer1.somedomain.com" -> local IP address, fine

"ping computer2.somedomain.com" -> tries to find computer2 on the WAN using the 
public IPv4 address. Not working. dnsmasq should find computer2.

"ping somedomain.com" -> should return either the public Internet IP address of 
the domain or the local IP address of the local dns server. Works fine from 
Internet but not from the internal network.

"ping google.fr" -> works find, using public DNS


If it is not supposed to work I will replace dnsmasq setting from 
domain=somedomain.com to domain=lan.somedomain.com or domain=somedomain.lan. 
Except the web server, other computers on the local network are not supposed to 
be visible from the Internet.
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Caching of HTTPS and SVCB records

[Donald Muller]

While cache-rr is documented in the link you provided, cache-rr=any is not 
documented.

As per Dominik.

chaching of arbitrary types has been added this year in March and is
available in the latest master code (option --cache-rr). You can even
add --cache-rr=ANY to cache all records.



From: Eric Fahlgren 
Sent: Friday, December 8, 2023 11:18 AM
To: Donald Muller 
Cc: Dominik Derigs ; ebahapo+dnsm...@gcc.gnu.org; 
dnsmasq-discuss@lists.thekelleys.org.uk
Subject: Re: [Dnsmasq-discuss] Caching of HTTPS and SVCB records


On Fri, Dec 8, 2023 at 6:42 AM Donald Muller 
mailto:donmulle...@outlook.com>> wrote:
I do not see this in the man page.

https://thekellys.org.uk/dnsmasq/docs/dnsmasq-man.htm<https://thekellys.org.uk/dnsmasq/docs/dnsmasq-man.html>

Yes.  It's not released yet so you have to look on the 'all-rr-type' branch:

https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob;f=man/dnsmasq.8;h=acb78df891320e41c84e4f5aa4b92d295ef22b19;hb=refs/heads/all-rr-type#l382


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Caching of HTTPS and SVCB records

[Donald Muller]

Thanks. I think the on-line man page needs to be updated. The one listed is 
from Oct 2021 and I’m sure there have been updates since then that have been 
released.

Section: Maintenance Commands (8)
Updated: 2021-08-16

From: Eric Fahlgren 
Sent: Friday, December 8, 2023 11:18 AM
To: Donald Muller 
Cc: Dominik Derigs ; ebahapo+dnsm...@gcc.gnu.org; 
dnsmasq-discuss@lists.thekelleys.org.uk
Subject: Re: [Dnsmasq-discuss] Caching of HTTPS and SVCB records


On Fri, Dec 8, 2023 at 6:42 AM Donald Muller 
mailto:donmulle...@outlook.com>> wrote:
I do not see this in the man page.

https://thekellys.org.uk/dnsmasq/docs/dnsmasq-man.htm<https://thekellys.org.uk/dnsmasq/docs/dnsmasq-man.html>

Yes.  It's not released yet so you have to look on the 'all-rr-type' branch:

https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob;f=man/dnsmasq.8;h=acb78df891320e41c84e4f5aa4b92d295ef22b19;hb=refs/heads/all-rr-type#l382


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Caching of HTTPS and SVCB records

[Donald Muller]

I do not see this in the man page.

https://thekellys.org.uk/dnsmasq/docs/dnsmasq-man.html

From: Dnsmasq-discuss  on 
behalf of Dominik Derigs via Dnsmasq-discuss 

Sent: Thursday, December 7, 2023 10:35:25 PM
To: ebahapo+dnsm...@gcc.gnu.org ; 
dnsmasq-discuss@lists.thekelleys.org.uk 

Subject: Re: [Dnsmasq-discuss] Caching of HTTPS and SVCB records

Hey Evandro,

chaching of arbitrary types has been added this year in March and is
available in the latest master code (option --cache-rr). You can even
add --cache-rr=ANY to cache all records.

See
https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=638c7c4d20004c0f320820098e29df62a27dd2a1
and
https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=c244d92d8a3f96e3a16b53f733190faa17004ae3

and the corresponding man page entry:

--cache-rr=[,...]
By default, dnsmasq caches A, , CNAME and SRV DNS record types.
This option adds other record types to the cache. The RR-type can be
given as a name such as TXT or MX or a decimal number. A single --cache-
rr option can take a comma-separated list or RR-types and more than one
--cache-rr option is allowed. Use --cache-rr=ANY to enable caching for
all RR-types.

This feature is included in the current Pi-hole v6.0 beta testing to get
a wide testing audience (it is enabled to cache ANY in Pi-hole) but more
testing is always welcome!

Best,
Dominik

On Thu, 2023-12-07 at 14:05 -0600, Evandro Menezes via Dnsmasq-discuss
wrote:
> Current OSes are now using the HTTPS record to query the addresses and the 
> canonical name, as well other information important to browsers, rather than 
> using the A and  records as they used to.
>
> In my anecdotal experience, HTTPS queries amount to over a third of the 
> queries.  It might make sense to cache their replies, if not to decode them 
> and also populate the cache with any information for A,  and CNAME the 
> they may contain.
>
> Another record that is rising in usage in SVCB, primarily by browsers and IoT 
> devices, to discover the DNS resolvers for DNS over HTTPS, DNS over TLS and 
> DNS over QUIC.  Along with HTTPS, it would be interesting to add a 
> configuration option for these records.
>
> If these suggestions are considered worthwhile, I’d be glad to contribute 
> patches.
>
> Cheers,
>


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Syntax for multiple listen addresses

[Donald Muller]

There is a tag set with the name of the interface automatically for each 
request. You can use this tag to set the options for each interface. It is 
documented in the man page.

Sent from my iPhone. Please excuse typos and autocorrection errors.

“One of the saddest lessons of history is this: If we’ve been bamboozled long 
enough, we tend to reject any evidence of the bamboozle. We’re no longer 
interested in finding out the truth. The bamboozle has captured us. It’s simply 
too painful to acknowledge, even to ourselves, that we’ve been taken. Once you 
give a charlatan power over you, you almost never get it back.” - Carl Sagan

From: Dnsmasq-discuss  on 
behalf of Chris Green 
Sent: Monday, July 17, 2023 10:56:42 AM
To: dnsmasq-discuss@lists.thekelleys.org.uk 

Subject: [Dnsmasq-discuss] Syntax for multiple listen addresses

I'm sure this must be in the man page somewhere but I can't find it.
If dnsmasq is to listen on more than one address how do you put this
in the configuration file?

I.e. is it:-
listen-address=192.168.1.2,127.0.0.1

or is it:-
listen-address=192.168.1.2
listen-address=127.0.0.1

Or will either work?

--
Chris Green

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Need help on configuring dnsmasq

[Donald Muller]

Sent from my iPhone. Please excuse typos and autocorrection errors.


From: Dnsmasq-discuss  on 
behalf of Gary R. Schmidt 
Sent: Monday, May 8, 2023 11:47 AM
To: dnsmasq-discuss@lists.thekelleys.org.uk 

Subject: Re: [Dnsmasq-discuss] Need help on configuring dnsmasq

On 09/05/2023 00:10, Buck Horn wrote:
> On 08.05.2023 15:00:22, "public1020" wrote:
>
>> Thanks, dnsmasq does not support this feature.
>
> Why would you think so when you have been pointed to the correct answer
> from the docs?
>
> Matus UHLAR even quoted the decisive sentence for you:
>
>
>>> it does and the answer is listed in dnsmasq manual page, just where you
>>> would search for it:
>>> -A, --address=/[/...]/[]
>>> ... Note that /etc/hosts and DHCP leases override this for individual
>>> name
>
>
> 'address' would specify an IP address to return for any host in the
> given domains, i.e. including subdomains, so its not fit to satisfy your
> original request about an individual host name, e.g. for shadowing only
> example.com, but none of its subdomains.
>
> As the docs quoted by Matus UHLAR**state, you may use entries in
> /etc/hosts to that purpose:
> Just add some lines with the desired IP and hostname associations to
> that file.
>
> Of course, that may only work if you wouldn't prevent dnsmasq from
> reading /etc/hosts.
> So if your dnsmasq configuration would use the 'no-hosts' option (or if
> you'd just like to keep things separated), you could configure
> 'addn-hosts' to point dnsmasq to a separate file with your custom host
> definitions.
>
I will re-state all of this, to see if I have it right:

The OP wants example.com to return 1.2.3.4, but *.example.com to go up
the DNS tree and return the actual IP address.

Using -A/--address doesn't do this, it replies with 1.2.3.4 for
*.example.com as well as example.com, as documented (and presumably as
intended).

Setting example.com to be 1.2.3.4 in /etc/hosts or similar, and not
fiddling around with -A/--address should give the OP the required behaviour.

Is that an accurate summation?

Cheers,
GaryB-)

Might try host-record=example.com,1.2.3.4




___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Implement --no-dns-interface?

[Donald Muller]

For those Vlans set the DNS addresses to the other DNS servers.

Sent from my iPhone. Please excuse typos and autocorrection errors.

“One of the saddest lessons of history is this: If we’ve been bamboozled long 
enough, we tend to reject any evidence of the bamboozle. We’re no longer 
interested in finding out the truth. The bamboozle has captured us. It’s simply 
too painful to acknowledge, even to ourselves, that we’ve been taken. Once you 
give a charlatan power over you, you almost never get it back.” - Carl Sagan

From: Dnsmasq-discuss  on 
behalf of Tony Zhou 
Sent: Thursday, April 20, 2023 9:18:51 PM
To: dnsmasq-discuss@lists.thekelleys.org.uk 

Subject: [Dnsmasq-discuss] Implement --no-dns-interface?

Hi,

I am running dnsmasq 2.86 on openwrt, and have multiple vlans in my
network. dnsmasq works great for dhcp purposes (for both dynamic and
static leases) that I need for all interfaces/vlans. However, some of
the vlans I do not need/want to have dnsmasq providing dns, but another
dns server for content filtering purposes.

I'd prefer to keep both dns servers on the same host/router, but the way
dnsmasq works, either binding to interfaces, or wildcard, binds to all
port 53, so that the 2nd dns server can't bind.

It appears that when dnsmasq is set to bind to interfaces, it has to
either offer both dns and dhcp, or skip dhcp by "--no-dhcp-interface"
argument, but there is no counterpart "--no-dns-interface".

Setting port=0 disables dns service on all interfaces, which is not what
I wanted as well.

I did found there were two discussions regarding this:

https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2011q4/005335.html

https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q3/015429.html

Running two instances of dnsmasq doesn't resolve this issue, since I
still rely on dnsmasq's dhcp.


Thanks.



___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] How to set no gateway

[Donald Muller]

> -Original Message-
> From: Dnsmasq-discuss 
> On Behalf Of Geert Stappers
> Sent: Friday, February 24, 2023 4:18 PM
> To: dnsmasq-discuss@lists.thekelleys.org.uk
> Subject: Re: [Dnsmasq-discuss] How to set no gateway
> 
> On Fri, Feb 24, 2023 at 04:54:28AM +, Donald Muller wrote:
> >
> > I have two networks. One is a 1GB routable network. The other is a 2.5GB
> > private, non-routable network. The DHCP server (dnsmasq) is attached
> > to both networks and all addresses are assigned via DHCP. The address
> > on the private network all have reservations. DHCP is working fine
> > and addresses are properly assigned. The issue I am having is that I
> > don't want the private network to have a default gateway. Is there a
> > way via DHCP to tell the client to net set a default gateway when the
> > IP configuration information is sent?
> 
> Usually, if not always, goes default gateway in the reply DHCP packets.
> 
> For the "private network"  play with configuring 0.0.0.0  or a
> non-existing host on that network as default gateway.
> 

I tried 0.0.0.0 and before I discovered that the man page states - "The special 
address 0.0.0.0 is taken to mean "the address of the machine running dnsmasq"."

Matus UHLAR provide the solution by specifying 

DHCP-OPTION=3

With no parameters.


> 
> > This may or may not be a dnsmasq question/issue.
> 
> Please make it a dnsmasq thingy by reporting what works for you.
> 
> 
> > If not, sorry for the noise.
> 
> Just transmit what you consider as a valid message
> and let the recieving end decide whether it is noise.
> 
> 
> Groeten
> Geert Stappers
> --
> Silence is hard to parse
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] How to set no gateway

[Donald Muller]

> -Original Message-
> From: Dnsmasq-discuss 
> On Behalf Of Matus UHLAR - fantomas
> Sent: Friday, February 24, 2023 5:46 AM
> To: dnsmasq-discuss@lists.thekelleys.org.uk
> Subject: Re: [Dnsmasq-discuss] How to set no gateway
> 
> On 24.02.23 04:54, Donald Muller wrote:
> > This may or may not be a dnsmasq question/issue. If not, sorry for the
> noise.
> 
> > I have two networks.  One is a 1GB routable network.  The other is a 2.5GB
> > private, non-routable network.  The DHCP server (dnsmasq) is attached to
> > both networks and all addresses are assigned via DHCP.  The address on
> the
> > private network all have reservations.  DHCP is working fine and addresses
> > are properly assigned.  The issue I am having is that I don't want the
> > private network to have a default gateway.  Is there a way via DHCP to
> > tell the client to net set a default gateway when the IP configuration
> > information is sent?
> 
> I have this in dnsmasq.conf file:
> 
> # Override the default route supplied by dnsmasq and send no default
> # route at all. Note that this only works for the options sent by
> # default (1, 3, 6, 12, 28) the same line will send a zero-length option
> # for all other option numbers.
> #dhcp-option=3
> 
> perhaps this helps

Thank you for responding Matus. It worked perfectly!

This behavior should really be documented.

Don

> --
> Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> 42.7 percent of all statistics are made up on the spot.
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

[Dnsmasq-discuss] How to set no gateway

[Donald Muller]

This may or may not be a dnsmasq question/issue. If not, sorry for the noise.

I have two networks. One is a 1GB routable network. The other is a 2.5GB 
private, non-routable network. The DHCP server (dnsmasq) is attached to both 
networks and all addresses are assigned via DHCP. The address on the private 
network all have reservations. DHCP is working fine and addresses are properly 
assigned. The issue I am having is that I don't want the private network to 
have a default gateway. Is there a way via DHCP to tell the client to net set a 
default gateway when the IP configuration information is sent?
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] DHCP range for hostnames containing string

[Donald Muller]

Sorry. Misread and thought they were being assigned to the first range.

From: Craig Wright 
Sent: Monday, January 23, 2023 9:15:39 AM
To: Donald Muller 
Subject: Re: [Dnsmasq-discuss] DHCP range for hostnames containing string

Can you explain how this would help? The mbdevices are being assigned to the 
!known range, not the top range -

dhcp-range=tag:!known,192.168.0.11,192.168.0.20,255.255.255.0,12h

Thanks



On Monday, 23 January 2023 at 14:11:06 GMT, Donald Muller 
 wrote:


For your other IP range try this.

dhcp-range=tag:!mbdevices,192.168.0.2,192.168.0.10,255.255.255.0,12h


From: Dnsmasq-discuss  on 
behalf of Craig Wright via Dnsmasq-discuss 

Sent: Monday, January 23, 2023 4:28:50 AM
To: dnsmasq-discuss@lists.thekelleys.org.uk 

Subject: Re: [Dnsmasq-discuss] DHCP range for hostnames containing string

Update on this issue, but still not fully resolved

I received the following advice from Simon:

"> To set the mbdevices tag, you need to use dhcp-match to look for MB in
> the hostname option (which has number 12).
>> dhcp-match=set:mbdevices,12,MB
>> Almost works, but it will match MB anywhere in the host name.
> To match just the start, you need to get out your ASCII table and
> specify the first two bytes of the hostname
>> dhcp-match=set:mbdevices,12,4d:42
>> (4d = M, 42 = B)
> Not tested this, but it (or something like it) should work.
> Or dhcp-match=set:mbdevices,option:hostname,4d:42"


I have currently:

dhcp-range=192.168.0.2,192.168.0.10,255.255.255.0,12h
dhcp-range=tag:mbdevices,192.168.0.50,192.168.0.60,255.255.255.0,12h
dhcp-range=tag:!known,192.168.0.11,192.168.0.20,255.255.255.0,12h

and have tried each of the lines:

dhcp-match=set:mbdevices,option:hostname,MB
dhcp-match=set:mbdevices,option:hostname,4d:42
dhcp-match=set:mbdevices,12,MB
dhcp-match=set:mbdevices,12,4d:42
dhcp-name-match=set:mbdevices,MB*

and the devices with hostnames starting with MB are all being allocated to the 
!known range.
The log doesn't appear to show any errors, just that the devices were allocated 
an IP in the wrong range.

Log extract:

<
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 vendor class: MSFT 5.0
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 client provides name: MBA-4d5e7qJ
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 DHCPINFORM(epair0b) 192.168.0.12 
3c:21:9c:10:9d:48
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 tags: mbdevices, epair0b
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 DHCPACK(epair0b) 192.168.0.12 
3c:21:9c:10:9d:48 MBA-4d5e7qJ
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 requested options: 1:netmask, 
3:router, 6:dns-server, 15:domain-name,
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 requested options: 
31:router-discovery, 33:static-route, 43:vendor-encap,
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 requested options: 
44:netbios-ns, 46:netbios-nodetype, 47:netbios-scope,
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 requested options: 
119:domain-search, 121:classless-static-route,
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 requested options: 249, 252, 234
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 next server: 192.168.5.252
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 sent size:  1 option: 53 
message-type  5
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 sent size:  4 option: 54 
server-identifier  192.168.5.252
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 sent size:  4 option:  1 netmask 
 255.255.255.0
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 sent size:  4 option: 28 
broadcast  192.168.5.255
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 sent size:  4 option:  6 
dns-server  192.168.5.251
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 sent size:  4 option:  3 router  
192.168.5.1
Jan 20 15:11:09 dnsmasq-dhcp[54742]: 2797271231 available DHCP range: 
192.168.0.2 -- 192.168.0.10
Jan 20 15:11:09 dnsmasq-dhcp[54742]: 2797271231 available DHCP range: 
192.168.0.50 -- 192.168.0.60
Jan 20 15:11:09 dnsmasq-dhcp[54742]: 2797271231 available DHCP range: 
192.168.0.11 -- 192.168.0.20
>

dhcp-match=set:mbdevices,12,MB seems to work in that it applies the tag some of 
the devices but not others, but it puts them in the in the !known range

dhcp-match=set:mbdevices,12,4d:42 does not appear to work

dhcp-name-match=set:mbdevices,MB* appears to tag more consistently but still 
the devices do not get allocated to the mbdevices range.

Any help would be really appreciated.
Thanks




On Thursday, 19 January 2023 at 14:03:18 GMT, Craig Wright  wrote:


Hi,
I am trying to allocate all hosts that join my network with a hostname 
beginning 'MB' to a specific DHCP range.
After much internet research I can't find if there is a solution.
So far I have got:

dhcp-range=tag:mbdevices,192.168.0.50,192.168.0.60,255.255.255.0,12h

and have tried
dhcp-host=MB*,set:mbdevices
thinking I could try using a wildcard to add them to the ta

Re: [Dnsmasq-discuss] DHCP range for hostnames containing string

[Donald Muller]

For your other IP range try this.

dhcp-range=tag:!mbdevices,192.168.0.2,192.168.0.10,255.255.255.0,12h


From: Dnsmasq-discuss  on 
behalf of Craig Wright via Dnsmasq-discuss 

Sent: Monday, January 23, 2023 4:28:50 AM
To: dnsmasq-discuss@lists.thekelleys.org.uk 

Subject: Re: [Dnsmasq-discuss] DHCP range for hostnames containing string

Update on this issue, but still not fully resolved

I received the following advice from Simon:

"> To set the mbdevices tag, you need to use dhcp-match to look for MB in
> the hostname option (which has number 12).
>> dhcp-match=set:mbdevices,12,MB
>> Almost works, but it will match MB anywhere in the host name.
> To match just the start, you need to get out your ASCII table and
> specify the first two bytes of the hostname
>> dhcp-match=set:mbdevices,12,4d:42
>> (4d = M, 42 = B)
> Not tested this, but it (or something like it) should work.
> Or dhcp-match=set:mbdevices,option:hostname,4d:42"


I have currently:

dhcp-range=192.168.0.2,192.168.0.10,255.255.255.0,12h
dhcp-range=tag:mbdevices,192.168.0.50,192.168.0.60,255.255.255.0,12h
dhcp-range=tag:!known,192.168.0.11,192.168.0.20,255.255.255.0,12h

and have tried each of the lines:

dhcp-match=set:mbdevices,option:hostname,MB
dhcp-match=set:mbdevices,option:hostname,4d:42
dhcp-match=set:mbdevices,12,MB
dhcp-match=set:mbdevices,12,4d:42
dhcp-name-match=set:mbdevices,MB*

and the devices with hostnames starting with MB are all being allocated to the 
!known range.
The log doesn't appear to show any errors, just that the devices were allocated 
an IP in the wrong range.

Log extract:

<
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 vendor class: MSFT 5.0
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 client provides name: MBA-4d5e7qJ
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 DHCPINFORM(epair0b) 192.168.0.12 
3c:21:9c:10:9d:48
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 tags: mbdevices, epair0b
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 DHCPACK(epair0b) 192.168.0.12 
3c:21:9c:10:9d:48 MBA-4d5e7qJ
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 requested options: 1:netmask, 
3:router, 6:dns-server, 15:domain-name,
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 requested options: 
31:router-discovery, 33:static-route, 43:vendor-encap,
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 requested options: 
44:netbios-ns, 46:netbios-nodetype, 47:netbios-scope,
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 requested options: 
119:domain-search, 121:classless-static-route,
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 requested options: 249, 252, 234
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 next server: 192.168.5.252
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 sent size:  1 option: 53 
message-type  5
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 sent size:  4 option: 54 
server-identifier  192.168.5.252
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 sent size:  4 option:  1 netmask 
 255.255.255.0
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 sent size:  4 option: 28 
broadcast  192.168.5.255
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 sent size:  4 option:  6 
dns-server  192.168.5.251
Jan 20 15:06:01 dnsmasq-dhcp[54742]: 209364703 sent size:  4 option:  3 router  
192.168.5.1
Jan 20 15:11:09 dnsmasq-dhcp[54742]: 2797271231 available DHCP range: 
192.168.0.2 -- 192.168.0.10
Jan 20 15:11:09 dnsmasq-dhcp[54742]: 2797271231 available DHCP range: 
192.168.0.50 -- 192.168.0.60
Jan 20 15:11:09 dnsmasq-dhcp[54742]: 2797271231 available DHCP range: 
192.168.0.11 -- 192.168.0.20
>

dhcp-match=set:mbdevices,12,MB seems to work in that it applies the tag some of 
the devices but not others, but it puts them in the in the !known range

dhcp-match=set:mbdevices,12,4d:42 does not appear to work

dhcp-name-match=set:mbdevices,MB* appears to tag more consistently but still 
the devices do not get allocated to the mbdevices range.

Any help would be really appreciated.
Thanks




On Thursday, 19 January 2023 at 14:03:18 GMT, Craig Wright  wrote:


Hi,
I am trying to allocate all hosts that join my network with a hostname 
beginning 'MB' to a specific DHCP range.
After much internet research I can't find if there is a solution.
So far I have got:

dhcp-range=tag:mbdevices,192.168.0.50,192.168.0.60,255.255.255.0,12h

and have tried
dhcp-host=MB*,set:mbdevices
thinking I could try using a wildcard to add them to the tag which would them 
allocate them an IP in the range above.

But this doesn't work.

Can you advise if what I am trying to achieve is possible please?
Many thanks
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

[Dnsmasq-discuss] Unable to get a reserved address when dhcp-range not specified

[Donald Muller]

I recently added a 2.5GB switch to my network. All devices, which are NAS 
devices, plugged into the switch have a reservation for their IP4 address 
except of course the NAS running dnsmasq which has a fixed address. I updated 
dnsmasq to include the reservations and the following dhcp options.

dhcp-option=tag:eth4,option:netmask,255.255.255.0   
   # set 
net mask (1)
dhcp-option=tag:eth4,option:router,0.0.0.0  

   # set router address (3)

No address range is specified for eth4. When one of the NAS devices attempts to 
get an IP address I receive the following error message.

no address range available for DHCP request via eth4

Even though I have reservations for the devices they never receive their 
reserved address. If I add the range option then the devices receive their 
reserved address.

dhcp-range=tag:eth4,192.168.122.100,192.168.122.199,255.255.255.0,3d

Why do I need to specify a dhcp range when the devices have reservations? I 
don't want a device that does not have a reservation on this subnet to be able 
to plug into the switch and get an address. Is this a bug in dnsmasq? If not is 
there a way to accomplish what I am trying to do?

I am running dnsmasq version 2.88.
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Feature request: DHCP options 100 and 101

[Donald Muller]

> -Original Message-
> From: Geert Stappers 
> Sent: Tuesday, November 29, 2022 4:14 PM
> To: dnsmasq-discuss@lists.thekelleys.org.uk
> Cc: Joe Pfeiffer ; Donald Muller
> 
> Subject: Re: [Dnsmasq-discuss] Feature request: DHCP options 100 and 101
> 
> On Tue, Nov 29, 2022 at 08:10:18PM +, Donald Muller wrote:
> > From: Dnsmasq-discuss, on behalf of Joe Pfeiffer, Sent: Tuesday,
> November 29, 2022 2:25:59 PM
> > >
> > > At present, dnsmasq supports DHCP option 2 (time-offset), but does
> > > not support options 100 (TZ-POSIX string) or 101 (TZ-Database
> > > String).
> > >
> > > It would be very helpful if options 100 and 101 could be supported, as
> > > they are more human readable and enable daylight savings time
> > > support.  Also, option 2 is deprecated (per
> > > https://www.rfc-editor.org/rfc/rfc4833)
> > >
> > >
> > All options are supported. Just specify the number.
> >
> > --dhcp-option=[tag:,[tag:,]][encap:,][vi-
> encap:,][vendor:[],][|option: name>|option6:|option6:],[[,]]
> > Specify different or extra options to DHCP clients. By default,
> > dnsmasq sends some standard options to DHCP clients, the netmask and
> > broadcast address are set to the same as the host running dnsmasq, and
> > the DNS server and default route are set to the address of the machine
> > running dnsmasq. (Equivalent rules apply for IPv6.) If the domain name
> > option has been set, that is sent. This configuration allows these
> > defaults to be overridden, or other options specified. The option, to
> > be sent may be given as a decimal number or as "option:"
> > The option numbers are specified in RFC2132 and subsequent RFCs. The
> > set of option-names known by dnsmasq can be discovered by running
> > "dnsmasq --help dhcp". For example, to set the default route option
> > to 192.168.4.4, do --dhcp-option=3,192.168.4.4 or --dhcp-option =
> > option:router, 192.168.4.4 and to set the time-server address to
> > 192.168.0.4, do --dhcp-option = 42,192.168.0.4 or --dhcp-option =
> > option:ntp-server, 192.168.0.4 The special address 0.0.0.0 is taken
> > to mean "the address of the machine running dnsmasq".
> >
> > Data types allowed are comma separated dotted-quad IPv4 addresses,
> > []-wrapped IPv6 addresses, a decimal number, colon-separated hex digits
> > and a text string. If the optional tags are given then this option is
> > only sent when all the tags are matched.
> >
> > Special processing is done on a text argument for option 119, to
> > conform with RFC 3397. Text or dotted-quad IP addresses as arguments
> > to option 120 are handled as per RFC 3361. Dotted-quad IP addresses
> > which are followed by a slash and then a netmask size are encoded as
> > described in RFC 3442.
> >
> > IPv6 options are specified using the option6: keyword,
> > followed by the option number or option name. The IPv6 option
> > name space is disjoint from the IPv4 option name space. IPv6
> > addresses in options must be bracketed with square brackets,
> > eg. --dhcp-option=option6:ntp-server,[1234::56] For IPv6, [::] means
> > "the global address of the machine running dnsmasq", whilst [fd00::]
> > is replaced with the ULA, if it exists, and [fe80::] with the link-local
> > address.
> >
> > Be careful: no checking is done that the correct type of data for the
> > option number is sent, it is quite possible to persuade dnsmasq to
> > generate illegal DHCP packets with injudicious use of this flag. When
> > the value is a decimal number, dnsmasq must determine how large the
> data
> > item is. It does this by examining the option number and/or the value,
> > but can be overridden by appending a single letter flag as follows:
> > b = one byte, s = two bytes, i = four bytes. This is mainly useful
> > with encapsulated vendor class options (see below) where dnsmasq
> > cannot determine data size from the option number. Option data which
> > consists solely of periods and digits will be interpreted by dnsmasq
> > as an IP address, and inserted into an option as such. To force a
> > literal string, use quotes. For instance when using option 66 to
> > send a literal IP address as TFTP server name, it is necessary to do
> > --dhcp-option=66,"1.2.3.4"
> >
> > Encapsulated Vendor-class options may also be
> > specified (IPv4 only) using --dhcp-option: for instance
> > --dhcp-option=vendor:PXEClient,1,0.0.0.0 sends the encapsulated
> > vendor class-specific option "mftp-address=0.0.0.0&q

Re: [Dnsmasq-discuss] Feature request: DHCP options 100 and 101

[Donald Muller]

All options are supported. Just specify the number.

O, 
--dhcp-option=[tag:,[tag:,]][encap:,][vi-encap:,][vendor:[],][|option:|option6:|option6:],[[,]]
Specify different or extra options to DHCP clients. By default, dnsmasq sends 
some standard options to DHCP clients, the netmask and broadcast address are 
set to the same as the host running dnsmasq, and the DNS server and default 
route are set to the address of the machine running dnsmasq. (Equivalent rules 
apply for IPv6.) If the domain name option has been set, that is sent. This 
configuration allows these defaults to be overridden, or other options 
specified. The option, to be sent may be given as a decimal number or as 
"option:" The option numbers are specified in RFC2132 and 
subsequent RFCs. The set of option-names known by dnsmasq can be discovered by 
running "dnsmasq --help dhcp". For example, to set the default route option to 
192.168.4.4, do --dhcp-option=3,192.168.4.4 or --dhcp-option = option:router, 
192.168.4.4 and to set the time-server address to 192.168.0.4, do --dhcp-option 
= 42,192.168.0.4 or --dhcp-option = option:ntp-server, 192.168.0.4 The special 
address 0.0.0.0 is taken to mean "the address of the machine running dnsmasq".

Data types allowed are comma separated dotted-quad IPv4 addresses, []-wrapped 
IPv6 addresses, a decimal number, colon-separated hex digits and a text string. 
If the optional tags are given then this option is only sent when all the tags 
are matched.

Special processing is done on a text argument for option 119, to conform with 
RFC 3397. Text or dotted-quad IP addresses as arguments to option 120 are 
handled as per RFC 3361. Dotted-quad IP addresses which are followed by a slash 
and then a netmask size are encoded as described in RFC 3442.

IPv6 options are specified using the option6: keyword, followed by the option 
number or option name. The IPv6 option name space is disjoint from the IPv4 
option name space. IPv6 addresses in options must be bracketed with square 
brackets, eg. --dhcp-option=option6:ntp-server,[1234::56] For IPv6, [::] means 
"the global address of the machine running dnsmasq", whilst [fd00::] is 
replaced with the ULA, if it exists, and [fe80::] with the link-local address.

Be careful: no checking is done that the correct type of data for the option 
number is sent, it is quite possible to persuade dnsmasq to generate illegal 
DHCP packets with injudicious use of this flag. When the value is a decimal 
number, dnsmasq must determine how large the data item is. It does this by 
examining the option number and/or the value, but can be overridden by 
appending a single letter flag as follows: b = one byte, s = two bytes, i = 
four bytes. This is mainly useful with encapsulated vendor class options (see 
below) where dnsmasq cannot determine data size from the option number. Option 
data which consists solely of periods and digits will be interpreted by dnsmasq 
as an IP address, and inserted into an option as such. To force a literal 
string, use quotes. For instance when using option 66 to send a literal IP 
address as TFTP server name, it is necessary to do --dhcp-option=66,"1.2.3.4"

Encapsulated Vendor-class options may also be specified (IPv4 only) using 
--dhcp-option: for instance --dhcp-option=vendor:PXEClient,1,0.0.0.0 sends the 
encapsulated vendor class-specific option "mftp-address=0.0.0.0" to any client 
whose vendor-class matches "PXEClient". The vendor-class matching is substring 
based (see --dhcp-vendorclass for details). If a vendor-class option (number 
60) is sent by dnsmasq, then that is used for selecting encapsulated options in 
preference to any sent by the client. It is possible to omit the vendorclass 
completely; --dhcp-option=vendor:,1,0.0.0.0 in which case the encapsulated 
option is always sent.

Options may be encapsulated (IPv4 only) within other options: for instance 
--dhcp-option=encap:175, 190, iscsi-client0 will send option 175, within which 
is the option 190. If multiple options are given which are encapsulated with 
the same option number then they will be correctly combined into one 
encapsulated option. encap: and vendor: are may not both be set in the same 
--dhcp-option.

The final variant on encapsulated options is "Vendor-Identifying Vendor 
Options" as specified by RFC3925. These are denoted like this: 
--dhcp-option=vi-encap:2, 10, textThe number in the vi-encap: section is the 
IANA enterprise number used to identify this option. This form of encapsulation 
is supported in IPv6.
  The address 0.0.0.0 is not treated specially in encapsulated options.




From: Dnsmasq-discuss  on 
behalf of Joe Pfeiffer 
Sent: Tuesday, November 29, 2022 2:25:59 PM
To: dnsmasq-discuss@lists.thekelleys.org.uk 

Subject: [Dnsmasq-discuss] Feature request: DHCP options 100 and 101

At present, dnsmasq supports DHCP option 2 (time-offset), but does
not support options 100 (TZ-POSIX string) or 101 (TZ-Database
String).

Re: [Dnsmasq-discuss] Possible to reuse Cache over restats?

[Donald Muller]

Also, what you are running it on?

From: Dnsmasq-discuss  on 
behalf of Geert Stappers via Dnsmasq-discuss 

Sent: Wednesday, June 29, 2022 6:14:30 PM
To: dnsmasq-discuss@lists.thekelleys.org.uk 

Subject: Re: [Dnsmasq-discuss] Possible to reuse Cache over restats?

On Wed, Jun 29, 2022 at 08:25:18PM +, Dominik Derigs wrote:
> On Wed, 2022-06-29 at 18:37 +, Tobias Hochgürtel wrote:
> > There isn't a feature to reuse the dns-cache?
> > or a plan to add this feature?
> >
>
> There is no such feature and there is also nothing planned at the moment

Oh, it was not a joke.


> However, restarting dnsmasq once per hour surely is the least optimal
> solution to circumvent what you are observing.

So true.


> On Wed, 2022-06-29 at 18:37 +, Tobias Hochgürtel wrote:
> > I also don't know how I can analyse that behavior.
>
> You could use some widely known and used tools like Wireshark where various
> tutorial are available to see whether the issue is dnsmasq not responding
> or the queries not making their way to dnsmasq or if something happens to
> the queries sent upstream to the forward destionation, or whatever else may
> be happening. We can surely give some assistance here, if you want.

Here already some assistance:

* Tell us which version of dnsmasq is being used
* Reread the manual page and in particular --log-queries option


Groeten
Geert Stappers
--
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] new config file in /etc/dnsmasq.d

[Donald Muller]

>From the manpage

NOTES
When it receives a SIGHUP, dnsmasq clears its cache and then re-loads 
/etc/hosts and /etc/ethers and any file given by --dhcp-hostsfile, 
--dhcp-hostsdir, --dhcp-optsfile, --dhcp-optsdir, --addn-hosts or --hostsdir. 
The DHCP lease change script is called for all existing DHCP leases. If 
--no-poll is set SIGHUP also re-reads /etc/resolv.conf. SIGHUP does NOT re-read 
the configuration file.
When it receives a SIGUSR1, dnsmasq writes statistics to the system log. It 
writes the cache size, the number of names which have had to removed from the 
cache before they expired in order to make room for new names and the total 
number of names that have been inserted into the cache. The number of cache 
hits and misses and the number of authoritative queries answered are also 
given. For each upstream server it gives the number of queries sent, and the 
number which resulted in an error. In --no-daemon mode or when full logging is 
enabled (--log-queries), a complete dump of the contents of the cache is made.

The cache statistics are also available in the DNS as answers to queries of 
class CHAOS and type TXT in domain bind. The domain names are cachesize.bind, 
insertions.bind, evictions.bind, misses.bind, hits.bind, auth.bind and 
servers.bind. An example command to query this, using the dig utility would be

dig +short chaos txt cachesize.bind

When it receives SIGUSR2 and it is logging direct to a file (see --log-facility 
) dnsmasq will close and reopen the log file. Note that during this operation, 
dnsmasq will not be running as root. When it first creates the logfile dnsmasq 
changes the ownership of the file to the non-root user it will run as. 
Logrotate should be configured to create a new log file with the ownership 
which matches the existing one before sending SIGUSR2. If TCP DNS queries are 
in progress, the old logfile will remain open in child processes which are 
handling TCP queries and may continue to be written. There is a limit of 150 
seconds, after which all existing TCP processes will have expired: for this 
reason, it is not wise to configure logfile compression for logfiles which have 
just been rotated. Using logrotate, the required options are create and 
delaycompress.


> -Original Message-
> From: Dnsmasq-discuss 
> On Behalf Of Frank Liu
> Sent: Wednesday, March 9, 2022 2:10 PM
> To: dnsmasq-discuss@lists.thekelleys.org.uk
> Subject: [Dnsmasq-discuss] new config file in /etc/dnsmasq.d
> 
> Hi,
> 
> If I add a new file in /etc/dnsmasq.d that has a few srv-host entries,
> what's the best way to signal dnsmasq, other than restart it, so that
> those records can be resolvable?
> 
> Thanks!
> Frank
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Problem with no-resolv and no IP

[Donald Muller]

I think you need to enable 

--bind-dynamic
Enable a network mode which is a hybrid between --bind-interfaces and the 
default. Dnsmasq binds the address of individual interfaces, allowing multiple 
dnsmasq instances, but if new interfaces or addresses appear, it automatically 
listens on those (subject to any access-control configuration). This makes 
dynamically created interfaces work in the same way as the default. 
Implementing this option requires non-standard networking APIs and it is only 
available under Linux. On other platforms it falls-back to --bind-interfaces 
mode.

> -Original Message-
> From: Dnsmasq-discuss 
> On Behalf Of Alkis Georgopoulos
> Sent: Saturday, March 5, 2022 4:46 PM
> To: dnsmasq-discuss@lists.thekelleys.org.uk
> Subject: [Dnsmasq-discuss] Problem with no-resolv and no IP
> 
> Hi, on Ubuntu 22.04 and dnsmasq 2.86-1.1:
> 
> 1) Use the following dnsmasq.conf:
> no-resolv
> server=8.8.8.8
> 2) Ifdown the network so that there's no local IP
> 3) (Re)start dnsmasq
> 4) Ifup the network, let's say local IP=10.0.0.1 now
> 
> At that point:
> 5) `host google.com 10.0.0.1` fails with connection timed out,
> 6) `host google.com 127.0.0.1` works.
> 
> In other words, when dnsmasq is started when there's no local IP, AND
> no-resolv is set, then dnsmasq doesn't reply to the local IPs that are
> assigned later on.
> 
> Is this a bug? Am I doing something wrong?
> Please Cc me as I'm not subscribed to the list.
> 
> Thank you,
> Alkis Georgopoulos
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Does dnsmasq support cname within same domain?

[Donald Muller]

Sorry there was a cut and paste mistake on my part. It should be

cname=alias.test.example.com<http://alias.test.example.com>,alias.dummy.example.com<http://alias.dummy.example.com>,client1.test.example.com<http://client1.test.example.com>


From: Frank Liu 
Sent: Wednesday, March 2, 2022 5:39 PM
To: Donald Muller 
Cc: Matus UHLAR - fantomas ; 
dnsmasq-discuss@lists.thekelleys.org.uk
Subject: Re: [Dnsmasq-discuss] Does dnsmasq support cname within same domain?



On Wed, Mar 2, 2022 at 2:13 PM Donald Muller 
mailto:donmulle...@outlook.com>> wrote:

What if you try

cname=alias.test.example.com<http://alias.test.example.com>,client1.test.example.com<http://client1.test.example.com>,alias.dummy.example.com<http://alias.dummy.example.com>,client1.test.example.com<http://client1.test.example.com>

Does it work?

No, dnsmasq fails to start, with "CNAME loop" error.

Can anyone try to add cname for same domain, and see if it works for you?
Assuming your dhcp domain is 
internal.yourcompany.com<http://internal.yourcompany.com>, with an existing 
dhcp client client1, please add
cname=testalias.internal.yourcompany.com<http://testalias.internal.yourcompany.com>,client1.internal.yourcompany.com<http://client1.internal.yourcompany.com>
and check if 
testalias.internal.yourcompany.com<http://testalias.internal.yourcompany.com> 
resolves?

Thanks!
Frank


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Does dnsmasq support cname within same domain?

[Donald Muller]

From: Dnsmasq-discuss  On 
Behalf Of Frank Liu
Sent: Wednesday, March 2, 2022 12:46 PM
To: Matus UHLAR - fantomas ; 
dnsmasq-discuss@lists.thekelleys.org.uk
Subject: Re: [Dnsmasq-discuss] Does dnsmasq support cname within same domain?



On Wed, Mar 2, 2022 at 7:14 AM Matus UHLAR - fantomas via Dnsmasq-discuss 
 wrote:
>> > > On Tue, Mar 01, 2022 at 01:01:51AM -0800, Frank Liu wrote:
>> > > > I am running dnsmasq for dhcp/dns of a local test domain: 
>> > > > http://test.example.com.
>> > > > Everything works fine. When a dhcp client (eg: client1) comes up, it 
>> > > > gets
>> > > > the IP from dnsmasq, and I can dig/nslookup 
>> > > > http://client1.test.example.com to get
>> > > > its IP.
>> > > >
>> > > > When I add a cname in the same domain, eg:
>> > > > cname=http://alias.test.example.com,http://client1.test.example.com
>> > > >
>> > > > dig/nslookup of http://alias.test.example.com only returns name
>> > > > http://client1.test.example.com, not the actual IP of 
>> > > > http://client1.test.example.com
>> > > >
>> > > > It's interesting that if I add the cname for a different domain, eg:
>> > > > cname=http://alias.dummy.example.com,http://client1.test.example.com
>> > > >
>> > > > dig/nslookup of http://alias.dummy.example.com will return both name
>> > > > http://client1.test.example.com and its IP.
>> > > >
>> > > > I tried a few different versions but that doesn't make a difference.

>> > On Tue, Mar 1, 2022 at 3:37 AM Geert Stappers via Dnsmasq-discuss wrote:
>> > > Please name those different versions.

>> On Tue, Mar 01, 2022 at 09:21:58AM -0800, Frank Liu wrote:
>> > 2.76 (Debian 9),   2.85 (Debian 11).

>On Tue, Mar 1, 2022 at 2:39 PM Geert Stappers via Dnsmasq-discuss 
>  wrote:
>> Ah, I'm now beyond the ambiguty of different version of dig/nslookup.

On 02.03.22 01:28, Frank Liu wrote:
>I don't think it matters with test OS or test application.

it may matter, 

>I also tried:
>ping http://alias.dummy.example.com works, but ping 
>http://alias.test.example.com gives
>unknown host error.
>(even though both names cname to the same http://client1.test.example.com in
>dnsmasq).

What do there result in?

dig http://alias.dummy.example.com http://alias.test.example.com 
http://client1.test.example.com
dig -t any http://alias.dummy.example.com http://alias.test.example.com 
http://client1.test.example.com

In below test, dnsmasq server (192.168.0.253) runs dnsmasq 2.85 (from Debian11).
I have below in the dnsmasq conf:

cname=http://alias.test.example.com,http://client1.test.example.com
cname=http://alias.dummy.example.com,http://client1.test.example.com

Test client is another Debian11 box

$ dig -v
DiG 9.16.22-Debian

$ dig @http://192.168.0.253 http://alias.dummy.example.com 
http://alias.test.example.com http://client1.test.example.com

; <<>> DiG 9.16.22-Debian <<>> @http://192.168.0.253 
http://alias.dummy.example.com http://alias.test.example.com 
http://client1.test.example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29718
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;http://alias.dummy.example.com. IN A

;; ANSWER SECTION:
http://alias.dummy.example.com. 0 IN CNAME http://client1.test.example.com.
http://client1.test.example.com. 0 IN A 192.168.0.70

;; Query time: 20 msec
;; SERVER: 192.168.0.253#53(192.168.0.253)
;; WHEN: Wed Mar 02 17:34:27 UTC 2022
;; MSG SIZE  rcvd: 114

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62870
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;http://alias.test.example.com. IN A

;; ANSWER SECTION:
http://alias.test.example.com. 5 IN CNAME http://client1.test.example.com.

;; Query time: 20 msec
;; SERVER: 192.168.0.253#53(192.168.0.253)
;; WHEN: Wed Mar 02 17:34:27 UTC 2022
;; MSG SIZE  rcvd: 96

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40301
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;http://client1.test.example.com. IN A

;; ANSWER SECTION:
http://client1.test.example.com. 5 IN A 192.168.0.70

;; Query time: 16 msec
;; SERVER: 192.168.0.253#53(192.168.0.253)
;; WHEN: Wed Mar 02 17:34:27 UTC 2022
;; MSG SIZE  rcvd: 75

$ dig -t any @http://192.168.0.253 http://alias.dummy.example.com 
http://alias.test.example.com http://client1.test.example.com

; <<>> DiG 9.16.22-Debian <<>> -t any @http://192.168.0.253 
http://alias.dummy.example.com http://alias.test.example.com 
http://client1.test.example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24227
;; flags: qr 

Re: [Dnsmasq-discuss] Is there any way found this "Cannot assign requested address"?

[Donald Muller]

> -Original Message-
> From: Dnsmasq-discuss 
> On Behalf Of Chris Green
> Sent: Sunday, February 13, 2022 12:20 PM
> To: dnsmasq-discuss@lists.thekelleys.org.uk
> Subject: [Dnsmasq-discuss] Is there any way found this "Cannot assign
> requested address"?
> 
> I want to configure a system to listen on an address that it doesn't
> actually have until I add the address to the network interface.
> 
> It works OK on Raspberry Pi systems but apparently not on a pretty
> standard ubuntu Linux system.
> 
> When I try to start dnsmasq I get this error:-
> 
> root@esprimo# systemctl status dnsmasq.service
> × dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server
>  Loaded: loaded (/lib/systemd/system/dnsmasq.service; enabled;
> vendor preset: enabled)
>  Active: failed (Result: exit-code) since Sun 2022-02-13 16:56:27 GMT;
> 1min 46s ago
> Process: 3839 ExecStartPre=/etc/init.d/dnsmasq checkconfig
> (code=exited, status=0/SUCCESS)
> Process: 3847 ExecStart=/etc/init.d/dnsmasq systemd-exec
> (code=exited, status=2)
> CPU: 19ms
> 
> Feb 13 16:56:27 esprimo systemd[1]: Starting dnsmasq - A lightweight DHCP
> and caching DNS server...
> Feb 13 16:56:27 esprimo dnsmasq[3847]: dnsmasq: failed to create listening
> socket for 192.168.1.2: Cannot assign requested address
> Feb 13 16:56:27 esprimo dnsmasq[3847]: failed to create listening socket
> for 192.168.1.2: Cannot assign requested address
> Feb 13 16:56:27 esprimo dnsmasq[3847]: FAILED to start up
> Feb 13 16:56:27 esprimo systemd[1]: dnsmasq.service: Control process
> exited, code=exited, status=2/INVALIDARGUMENT
> Feb 13 16:56:27 esprimo systemd[1]: dnsmasq.service: Failed with result
> 'exit-code'.
> Feb 13 16:56:27 esprimo systemd[1]: Failed to start dnsmasq - A 
> lightweight
> DHCP and caching DNS server.
> 
> 
> In the dnsmasq man page it has:-
> 
> -z, --bind-interfaces
>   On  systems  which support it, dnsmasq binds the wildcard address,
> even when it
>   is listening on only  some  interfaces.  It  then  discards  
> requests  that  it
>   shouldn't reply to. This has the advantage of working even when
> interfaces come
>   and go and change address. This option forces dnsmasq to really bind
> only  the
>   interfaces  it is listening on. About the only time when this is 
> useful is
> when
>   running another nameserver (or another instance of dnsmasq)  on  the
> same  ma‐
>   chine.  Setting  this  option  also enables multiple instances of 
> dnsmasq
> which
>   provide DHCP service to run in the same machine.
> 
> I thought this would mean I could do what I want which is to have:-
> 
> listen-address=192.168.1.2,127.0.0.1
> 
> ... and only actually create the IP 192.168.1.2 on the network interface
> when I want this system to be the DHCP/DNS server.
> 
> Does the error mean that Ubuntu Linux isn't among "systems  which support
> it"?
> 
> Is there any other way to get the result I want?  That is dnsmasq running but
> not
> actually being visible as a server on the LAN until I do something to "switch 
> it
> on"?
> 
> --
> Chris Green
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

--bind-dynamic
Enable a network mode which is a hybrid between --bind-interfaces and the 
default. Dnsmasq binds the address of individual interfaces, allowing multiple 
dnsmasq instances, but if new interfaces or addresses appear, it automatically 
listens on those (subject to any access-control configuration). This makes 
dynamically created interfaces work in the same way as the default. 
Implementing this option requires non-standard networking APIs and it is only 
available under Linux. On other platforms it falls-back to --bind-interfaces 
mode.
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] restarting

[Donald Muller]

Yes, signals and their actions are described in the manpage.

Sent from my iPhone. Please excuse typos and autocorrection errors.

“One of the saddest lessons of history is this: If we’ve been bamboozled long 
enough, we tend to reject any evidence of the bamboozle. We’re no longer 
interested in finding out the truth. The bamboozle has captured us. It’s simply 
too painful to acknowledge, even to ourselves, that we’ve been taken. Once you 
give a charlatan power over you, you almost never get it back.” - Carl Sagan

From: Dnsmasq-discuss  on 
behalf of Ken Gillett via Dnsmasq-discuss 

Sent: Monday, February 7, 2022 2:56:42 AM
To: dnsmasq-discuss 
Subject: [Dnsmasq-discuss] restarting

On MacOS, dnsmasq is started and run by launchd, so launchctl would normally be 
used to stop and start. Instead however, a simple 'killall dnsmasq' will stop 
it and launchd will automatically restart it. Does it matter to dnsmasq which 
method is used?

What is the best way to tell dnsmasq to just reread the config files (to 
include changes etc)? Is a full stop and restart required, or does it respond 
to any particular signal by simply re-loading its configuration?



Ken  G i l l e t t

_/_/_/_/_/_/_/_/




___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] srv-host and domain

[Donald Muller]

> -Original Message-
> From: Dnsmasq-discuss 
> On Behalf Of Otto Modinos
> Sent: Tuesday, September 14, 2021 4:01 AM
> To: dnsmasq-discuss@lists.thekelleys.org.uk
> Subject: Re: [Dnsmasq-discuss] srv-host and domain
> 
> Something like this:
> 
>domain=mydomain.home,192.168.1.0/24,local
>srv-host=_xmpp-client._tcp,myhost.mydomain.home,5222,0,5
> 
> This should work I believe.  Yet, a SRV query for
> _xmpp-client._tcp.mydomain.home gets no answer.
> 
> I also tried srv-host=_xmpp-client._tcp.,myhost.mydomain.home, notice
> the ending dot on the service (just like the manual also has) and that's
> exactly the same.
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Try querying xmpp-client._tcp.mydomain.home

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] srv-host and domain

[Donald Muller]

> -Original Message-
> From: Dnsmasq-discuss 
> On Behalf Of Otto Modinos
> Sent: Sunday, September 12, 2021 7:20 PM
> To: dnsmasq-discuss@lists.thekelleys.org.uk
> Subject: [Dnsmasq-discuss] srv-host and domain
> 
> Hello,
> 
> It seems that, despite what the manpage says, the domain is not included
> by default in srv-host.
> 
> Is this a genuine bug or did I messed something up?
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

It would be really helpful if you provided your config file. Without it there 
is no way to tell if there is a misconfiguration or a bug.

>From the manpage - "If not supplied, the domain defaults to that given by 
>--domain. The default for the target domain is empty"

Don

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Can only have one servers-file in config file

[Donald Muller]

Bump.

From: Dnsmasq-discuss  On 
Behalf Of Donald Muller
Sent: Saturday, April 3, 2021 11:27 PM
To: dnsmasq-discuss@lists.thekelleys.org.uk
Subject: [Dnsmasq-discuss] Can only have one servers-file in config file

I had two 'conf-file=' entries in my dnsmasq.conf file that pointed to files 
that contained server= entries. One file was for adservers and the other was 
used for redirecting a couple of domains to different upstream DNS servers.  I 
had separate files as the adserver file is downloaded nightly and I wanted to 
have DNSMASQ reread the file without having to restart it. This worked fine. I 
changed the 'conf-file=' entries to 'servers-file=' so they could be reloaded 
by sending a SIGHUP signal. However, DNSMASQ would not start with this 
configuration. It would produce the following error: dnsmasq: illegal repeated 
keyword at line 22. Line 22 contained the second 'servers-file=' entry. Is this 
by design or is this a bug? If it is a bug then hopefully it will get fixed 
soon. If it is by design I would like to see that changed to you can have more 
than one 'servers-file=' entry. If is it by design and it is not going to 
change then I think an entry needs to be added to the man page indicating that 
you can have only one 'servers-file=' entry.

Thanks
Don

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Log DNS Queries/Responses based on IP Address

[Donald Muller]

Thanks Geert.

> -Original Message-
> From: Dnsmasq-discuss 
> On Behalf Of Geert Stappers via Dnsmasq-discuss
> Sent: Monday, April 5, 2021 3:55 AM
> To: dnsmasq-discuss@lists.thekelleys.org.uk
> Subject: Re: [Dnsmasq-discuss] Log DNS Queries/Responses based on IP
> Address
> 
> On Mon, Apr 05, 2021 at 09:47:38AM +0200, Yes wrote:
> > On Sat, Apr 03, 2021 at 09:02:02PM +, Donald Muller wrote:
> > > I looked at the man pages but didn't see anything for this (maybe
> > > I missed it). Is there a way to specify DNS logging based on an IP
> > > address? In other word I just want to log DNS queries and responses
> > > from/to a particular IP address. Is this possible?
> >
> > Yes
> 
> Adding such **condiontal** logging to dnsmasq should be avoided.
> 
> Run dnsmasq with --log-queries=extra and filter from the output
> the wanted information.
> 
> 
> Groeten
> Geert Stappers
> --
> Silence is hard to parse
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

[Dnsmasq-discuss] Can only have one servers-file in config file

[Donald Muller]

I had two 'conf-file=' entries in my dnsmasq.conf file that pointed to files 
that contained server= entries. One file was for adservers and the other was 
used for redirecting a couple of domains to different upstream DNS servers.  I 
had separate files as the adserver file is downloaded nightly and I wanted to 
have DNSMASQ reread the file without having to restart it. This worked fine. I 
changed the 'conf-file=' entries to 'servers-file=' so they could be reloaded 
by sending a SIGHUP signal. However, DNSMASQ would not start with this 
configuration. It would produce the following error: dnsmasq: illegal repeated 
keyword at line 22. Line 22 contained the second 'servers-file=' entry. Is this 
by design or is this a bug? If it is a bug then hopefully it will get fixed 
soon. If it is by design I would like to see that changed to you can have more 
than one 'servers-file=' entry. If is it by design and it is not going to 
change then I think an entry needs to be added to the man page indicating that 
you can have only one 'servers-file=' entry.

Thanks
Don

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] adding domain suffix search to dns forward

[Donald Muller]

That is a DHCP option that is passed to the DHCP client. It is up to the client 
to add the suffix to its DNS requests.

Don

From: Dnsmasq-discuss  On 
Behalf Of Dave Sullivan
Sent: Monday, August 17, 2020 3:15 PM
To: dnsmasq-discuss@lists.thekelleys.org.uk
Subject: [Dnsmasq-discuss] adding domain suffix search to dns forward

Hi All,

Is there a way to get dnsmasq to provide additional search domain suffix to an 
'A' query and forward that query to any number of added search domains.

Seems like dhcp-option would be the right place per [0]

"DHCP option 15: specifies the domain name that client should use as suffix 
when resolving hostnames via the Domain Name System"

However, when doing a dig/nslookup using a shortname and looking at the 
dnsmasq.log it doesn't seem to add the domain suffix.

Am I missing something here?

Maybe dhcp-option is only for dhcp requests and not implied for dns forward.

Any ideas?

Thanks,

Dave

[0] https://www.efficientip.com/glossary/dhcp-option/



--
==
Dave Sullivan RHCE Email: 
dsull...@redhat.com
Sr. OpenShift And Middleware Technical Account Manager

+1 312 660 3525 (Office)
+1 804 837 8924 (Cell)
==
Red Hat, Inc. | 100 East Davie St | Raleigh, NC | 27601

Partnering with you to help achieve your business goals.

http://www.redhat.com
http://access.redhat.com
http://www.opensource.com
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Determine wireless SSID

[Donald Muller]

Correct. I cannot set a VLAN for a specific SSID.

> -Original Message-
> From: Dnsmasq-discuss 
> On Behalf Of Daniel Huhardeaux
> Sent: Friday, February 1, 2019 4:51 AM
> To: dnsmasq-discuss@lists.thekelleys.org.uk
> Subject: Re: [Dnsmasq-discuss] Determine wireless SSID
> 
> Le 31/01/2019 à 21:52, Donald Muller a écrit :
> > Petr, Daniel
> >
> > Thanks for the suggestions. I checked on my router and I can set a VLAN for
> 2.4Ghz and 5Ghz networks but not for guest vs non guest.
> 
> You mean that you can't set VLAN for a specific SSID ?
> 
> >
> >> -Original Message-
> >> From: Dnsmasq-discuss  boun...@lists.thekelleys.org.uk>
> >> On Behalf Of Daniel Huhardeaux
> >> Sent: Tuesday, January 29, 2019 8:08 AM
> >> To: dnsmasq-discuss@lists.thekelleys.org.uk
> >> Subject: Re: [Dnsmasq-discuss] Determine wireless SSID
> >>
> >> Hello,
> >>
> >> I did it like Petr say, setting up 2 SSID in wireless router, each of
> >> them in a different VLAN (my wireless router has this possibility). With
> >> Tags you can also set different GW or DNS or ...
> >>
> >> Le 28/01/2019 à 20:47, Petr Mensik a écrit :
> >>> Hi Donald,
> >>>
> >>> it is kind of possible. But usually there is another way to solve your
> >>> situation.
> >>>
> >>> First of all, you want to assign guests different addresses. Why would
> >>> you want that? I think you want to separate them from internal
> network.
> >>> Good design. However, that means they should be coming from
> different
> >>> network device. Just need to map device request is coming from to
> >>> different range and tag.
> >>>
> >>> Or maybe better, have separate instances listening just on given
> >>> interface. For example have guest network have VLAN 1, internal VLAN
> 2.
> >>> Run dnsmasq with bind-interfaces, interface=eth0.1 and so on.
> >>> Another instance with interface=eth0.2, etc. It would separate
> >>> physically guests from home users, would allow firewall separation as
> >>> well. Possibly just one direction.
> >>>
> >>> It would not be simple setup I am afraid. Requires a lot of
> >>> configuration outside dnsmasq. I guess you are looking for some simple
> >>> configuration. I am afraid I do not know simpler setup.
> >>>
> >>> Is this somehow simplified in OpenWRT for example?
> >>>
> >>> Cheers,
> >>> Petr
> >>>
> >>> On 1/11/19 10:58 PM, Donald Muller wrote:
> >>>> This is probably not possible but I thought I would ask.
> >>>>
> >>>> Is it possible for DNSMASQ to determine the SSID for a DHCP request? I
> >> would like to be able to assign different values for devices using the 
> >> guest
> >> network. DNSMASQ is running on my QNAP NAS while I have a Netgear
> >> wireless router providing the wireless connectivity.
> >>>>
> >>>> Thanks
> >>
> >> --
> >> Daniel
> >>
> >> ___
> >> Dnsmasq-discuss mailing list
> >> Dnsmasq-discuss@lists.thekelleys.org.uk
> >> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> > ___
> > Dnsmasq-discuss mailing list
> > Dnsmasq-discuss@lists.thekelleys.org.uk
> > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> >
> 
> 
> --
> TOOTAi Networks
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Determine wireless SSID

[Donald Muller]

Router is Netgear R7800 running the Netgear firmware.

Yeah I was thinking of maybe putting in an AP or another wireless router in 
bridge mode as I can set a VLAN by port on the R7800.

> -Original Message-
> From: Dnsmasq-discuss 
> On Behalf Of john doe
> Sent: Friday, February 1, 2019 12:58 AM
> To: dnsmasq-discuss@lists.thekelleys.org.uk
> Subject: Re: [Dnsmasq-discuss] Determine wireless SSID
> 
> On 1/31/2019 9:52 PM, Donald Muller wrote:
> > Petr, Daniel
> >
> > Thanks for the suggestions. I checked on my router and I can set a VLAN for
> 2.4Ghz and 5Ghz networks but not for guest vs non guest.
> >
> 
> Can you afford an other wireless device on your network?
> Do you mind sharing the model of your Netgear router?
> 
> --
> John Doe
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Determine wireless SSID

[Donald Muller]

Petr, Daniel

Thanks for the suggestions. I checked on my router and I can set a VLAN for 
2.4Ghz and 5Ghz networks but not for guest vs non guest.

Don

> -Original Message-
> From: Dnsmasq-discuss 
> On Behalf Of Daniel Huhardeaux
> Sent: Tuesday, January 29, 2019 8:08 AM
> To: dnsmasq-discuss@lists.thekelleys.org.uk
> Subject: Re: [Dnsmasq-discuss] Determine wireless SSID
> 
> Hello,
> 
> I did it like Petr say, setting up 2 SSID in wireless router, each of
> them in a different VLAN (my wireless router has this possibility). With
> Tags you can also set different GW or DNS or ...
> 
> Le 28/01/2019 à 20:47, Petr Mensik a écrit :
> > Hi Donald,
> >
> > it is kind of possible. But usually there is another way to solve your
> > situation.
> >
> > First of all, you want to assign guests different addresses. Why would
> > you want that? I think you want to separate them from internal network.
> > Good design. However, that means they should be coming from different
> > network device. Just need to map device request is coming from to
> > different range and tag.
> >
> > Or maybe better, have separate instances listening just on given
> > interface. For example have guest network have VLAN 1, internal VLAN 2.
> > Run dnsmasq with bind-interfaces, interface=eth0.1 and so on.
> > Another instance with interface=eth0.2, etc. It would separate
> > physically guests from home users, would allow firewall separation as
> > well. Possibly just one direction.
> >
> > It would not be simple setup I am afraid. Requires a lot of
> > configuration outside dnsmasq. I guess you are looking for some simple
> > configuration. I am afraid I do not know simpler setup.
> >
> > Is this somehow simplified in OpenWRT for example?
> >
> > Cheers,
> > Petr
> >
> > On 1/11/19 10:58 PM, Donald Muller wrote:
> >> This is probably not possible but I thought I would ask.
> >>
> >> Is it possible for DNSMASQ to determine the SSID for a DHCP request? I
> would like to be able to assign different values for devices using the guest
> network. DNSMASQ is running on my QNAP NAS while I have a Netgear
> wireless router providing the wireless connectivity.
> >>
> >> Thanks
> 
> --
> Daniel
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Determine wireless SSID

[Donald Muller]

Since no one responded I am assuming this is not possible.

From: Dnsmasq-discuss  On 
Behalf Of Donald Muller
Sent: Friday, January 11, 2019 4:58 PM
To: dnsmasq-discuss@lists.thekelleys.org.uk
Subject: [Dnsmasq-discuss] Determine wireless SSID

This is probably not possible but I thought I would ask.

Is it possible for DNSMASQ to determine the SSID for a DHCP request? I would 
like to be able to assign different values for devices using the guest network. 
DNSMASQ is running on my QNAP NAS while I have a Netgear wireless router 
providing the wireless connectivity.

Thanks

-
"Everyone is entitled to his own opinion, but not to his own facts." - Daniel 
Patrick Moynihan

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

[Dnsmasq-discuss] Determine wireless SSID

[Donald Muller]

This is probably not possible but I thought I would ask.

Is it possible for DNSMASQ to determine the SSID for a DHCP request? I would 
like to be able to assign different values for devices using the guest network. 
DNSMASQ is running on my QNAP NAS while I have a Netgear wireless router 
providing the wireless connectivity.

Thanks

-
"Everyone is entitled to his own opinion, but not to his own facts." - Daniel 
Patrick Moynihan

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Patch to cache SRV records - updated version (#3)

[Donald Muller]

I think this should be added to the code maybe with an option in the config 
file to turn on the caching of these records.

> -Original Message-
> From: Dnsmasq-discuss 
> On Behalf Of Jeremy Allison
> Sent: Thursday, December 20, 2018 4:39 PM
> To: dnsmasq-discuss@lists.thekelleys.org.uk
> Subject: Re: [Dnsmasq-discuss] Patch to cache SRV records - updated version
> (#3)
> 
> On 12/20/2018 12:20 PM, Jeremy Allison wrote:
> > On Thu, 20 Dec 2018 11:53:11 -0800
> >
> > Jeremy Allison  wrote:
> >
> >> I know dnsmasq doesn't cache SRV records by design:
> >>
> >> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=579536;msg=9
> >>
> >> However, when used with Samba code (winbindd) and
> >> other Windows-integrating technology (MIT krb5)
> >> there are a lot of SRV record queries that make
> >> the whole integration stack slow if SRV records
> >> are not cached.
> >>
> >> With that in mind, here is a patch to cache
> >> SRV records positively and negatively inside
> >> dnsmasq.
> >>
> >> I'm sending here it so that people who might need
> >> this functionality have a central place to find
> >> it (it might end up being used in ChromeOS, depending
> >> on test results / review).
> >
> > Sigh. Found a bug when testing. free_mx_srv_record()
> > wasn't checking for NULL pointers on free(),
> > which can be the case for negative cache
> > records.
> 
> Third time is the charm :-). Remember to NULL
> out free'd and uninitialized pointers and
> structrures, and remove the F_SRV flag on deleting
> the cache entry.
> 
> Hopefully this is the last iteration of this.
> I can't see any more issues to address, but
> I'm still testing :-).
> 
> Jeremy.
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] duplicate dhcp-host IP address

[Donald Muller]

See john doe's response.

> -Original Message-
> From: Dnsmasq-discuss 
> On Behalf Of Roy Marples
> Sent: Monday, November 12, 2018 12:57 PM
> To: dnsmasq-discuss@lists.thekelleys.org.uk
> Subject: Re: [Dnsmasq-discuss] duplicate dhcp-host IP address
> 
> On 12/11/2018 16:11, Donald Muller wrote:
> > You could put a reservation in dnsmasq for the wired and wireless MAC
> addresses and give them the same IP address.
> 
> How?
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] duplicate dhcp-host IP address

[Donald Muller]

You could put a reservation in dnsmasq for the wired and wireless MAC addresses 
and give them the same IP address.

> -Original Message-
> From: Dnsmasq-discuss 
> On Behalf Of Roy Marples
> Sent: Monday, November 12, 2018 10:13 AM
> To: DNSMASQ Mailing List 
> Subject: [Dnsmasq-discuss] duplicate dhcp-host IP address
> 
> Hi List
> 
> dnsmasq has this lovely piece of code
> https://nam02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fthek
> elleys.org.uk%2Fgitweb%2F%3Fp%3Ddnsmasq.git%3Ba%3Dblob%3Bf%3Dsrc
> %2Foption.c%3Bh%3D462796996ef208bd013eece70fce51e7dc1a45ad%3Bhb
> %3DHEAD%23l3240data=02%7C01%7C%7Ca7cf1826fc2c4b02726f08d64
> 8b73f13%7C84df9e7fe9f640afb435%7C1%7C0%7C636776349219
> 249498sdata=PO0Ufdzr9NyR7dJYUXRhc5My94kEt7CzHWA4De1taHc%3
> Dreserved=0
> 
> This effectively stops me using dnsmasq to give the same IP address to
> wired and wireless interfaces (which are on the same network) of my laptop.
> The laptop in question runs NetBSD + dhcpcd can is more than capable of
> having the same address UP on >1 interface.
> 
> Can this be removed, or an option added to disable the check please?
> I want to enjoy a persitent ssh shell from/to it while swapping between
> wired/wireless without it droping due to changing the IP address.
> 
> Thanks
> 
> Roy
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> https://nam02.safelinks.protection.outlook.com/?url=http%3A%2F%2Flists.t
> hekelleys.org.uk%2Fmailman%2Flistinfo%2Fdnsmasq-
> discussdata=02%7C01%7C%7Ca7cf1826fc2c4b02726f08d648b73f13%7C
> 84df9e7fe9f640afb435%7C1%7C0%7C636776349219249498
> p;sdata=ennca%2B7by%2BpuDTYxG8YkbIC2N6Exi3xeMqF2RNaFHMs%3D
> mp;reserved=0

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

[Dnsmasq-discuss] Release of V2.80

[Donald Muller]

Hi Simon,

I believe that a while ago you mentioned that you were going to be releasing 
2.80 soon. Do you have a target date yet?

Don
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] addn-hosts vs host-record

[Donald Muller]

> -Original Message-
> From: Simon Kelley <si...@thekelleys.org.uk>
> Sent: Thursday, March 8, 2018 11:06 AM
> To: Donald Muller <donmulle...@outlook.com>
> Subject: Re: [Dnsmasq-discuss] addn-hosts vs host-record
> 
> 
> 
> 
> > What is the difference between addn-hosts and host-record? Are the
> > same records created for both?
> >
> 
> Not necessarily. A name/address pair in a hosts file creates a A/ record
> and a PTR record to do address->name mapping. Depending on the setting of
> --expand-hosts, it may do the same for a name composed of a simple name
> and the contents of the dnsmasdq --domain setting.
> 
> host-record just creates a simple A or  record.
> 
> 
> Cheers,
> 
> Simon.

HI Simon,

According to the man pages a host-record also creates a PTR record.

>From the man page - Add A,  and PTR records to the DNS.

Thanks
Don

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] lame response

[Donald Muller]

> -Original Message-
> From: Dnsmasq-discuss <dnsmasq-discuss-boun...@lists.thekelleys.org.uk>
> On Behalf Of Donald Muller
> Sent: Wednesday, March 7, 2018 12:23 PM
> To: dnsmasq-discuss@lists.thekelleys.org.uk
> Subject: Re: [Dnsmasq-discuss] lame response
> 
> 
> 
> > -Original Message-
> > From: Dnsmasq-discuss
> > <dnsmasq-discuss-boun...@lists.thekelleys.org.uk>
> > On Behalf Of Yeah
> > Sent: Monday, March 5, 2018 12:01 PM
> > To: dnsmasq-discuss@lists.thekelleys.org.uk
> > Subject: Re: [Dnsmasq-discuss] lame response
> >
> > On Fri, Mar 02, 2018 at 05:36:03PM +, Donald Muller wrote:
> > > 2 computers on the same network. One running Windows server 2012
> > > R2 with Microsoft DNS and DHCP and the other one a QNAP NAS running
> > > dnsmasq. Both connected to the same switch and both versions of DNS
> > > pointing to the same upstream DNS server which is my router which is
> > > not running DNS but just forwards the requests to my ISP DNS servers.
> > > The network is 1GB and there is not a lot of N/W traffic. A nslookup
> > > of www.microsoft.com using dnsmasq takes 40 seconds. The same
> lookup
> > > using the Microsoft DNS takes less than a second.
> >
> > Nslookup --->  Name Server  ---x--> Next Name Server.
> >
> >
> > Move to x and do testing/checking/measuring there.
> >
> > Find out why  Next Name Server is so lame in responding when Name
> > Server is dnsmasq.
> > Or find out what Name Server on MS Window 2012 is caching/lying/making
> > up.
> >
> >
> > See also http://www.catb.org/~esr/faqs/smart-questions.html
> >
> 
> Your suggestion prompted me dig deeper. I tried what you suggested and on
> checking the next name server there was no 40 second lag which points me
> back to dnsmasq. I tried to use debug on the nslookup that comes with the
> NAS but it is crippled. The only options you can use as name and server. So I
> switched to using nslookup on Win10. I put it into debug and D2 mode and
> executed a lookup using www.microsoft.com against dnsmasq. I have
> attached the debug info. As you can see a request for an (A) record was sent
> using www.microsoft.com.djmuller.com. This request to dnsmasq timed out.
> After the timeout a second request was sent for an () record. This also
> timed out. Further requests were sent without .djmuller.com and received
> replies. When the same was executed against a Microsoft DNS server the
> same series of requests were made. However instead of the MS DNS not
> replying on the queries that had .djmuller.com on them it responded with
> NXDOMAIN. Debug file attached.
> 
> So I think I have run into two issues. The first is nslookup on the NAS which 
> is
> a busybox version. I think the retries are set high which is causing the 40
> second timing. Since it won't accept any options there is nothing I can do 
> with
> it. So as far as I am concerned the 40 second issue is closed. The second is
> that on certain queries dnsmasq is not responding. Below is my DNS config
> for dnsmasq. Is there an option I have set or one that I don't have set that 
> is
> causing this behavior?
> 
> domain-needed
> domain=djmuller.com
> no-hosts
> addn-
> hosts=/share/CACHEDEV1_DATA/UserData/Configs/DNSMasq/dnsmasq-
> hosts.conf
> expand-hosts
> local-service
> bogus-priv
> filterwin2k
> resolv-
> file=/share/CACHEDEV1_DATA/UserData/Configs/DNSMasq/dnsmasq-
> resolv.conf
> stop-dns-rebind
> rebind-localhost-ok
> no-poll
> clear-on-reload
> mx-host=djmuller.com,djmuller.com,50
> mx-target=mail.djmuller.com
> cache-size=1000
> conf-file=/share/CACHEDEV1_DATA/UserData/Configs/DNSMasq/dnsmasq-
> adservers.conf# List of servers that will return 
> no-domain
> rebind-domain-ok=/plex.direct/
> 
> Thanks
> Don

Did more testing and when I change the nameservers from my router (which should 
be doing pass through only) to my ISP DNS servers dnsmasq no longer timed out. 
So it looks like there are some things that the router doesn't like and doesn't 
respond on.

As far as I am concerned this issue is solved.

Don

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

[Dnsmasq-discuss] addn-hosts vs host-record

[Donald Muller]

Hi,

What is the difference between addn-hosts and host-record? Are the same records 
created for both?

Thanks
Don
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] dnsmasq failover

[Donald Muller]

Thanks Kurt. I don't use tftp so that is not a concern. I was hoping for 
something a little easier like the two dnsmasq instances talking to each other 
and passing information. Oh well, c'est la vie. So this is not on the roadmap?

Thanks
Don

> -Original Message-
> From: Kurt H Maier [mailto:k...@sciops.net]
> Sent: Friday, March 2, 2018 1:34 PM
> To: Donald Muller <donmulle...@outlook.com>
> Cc: dnsmasq-discuss@lists.thekelleys.org.uk
> Subject: Re: [Dnsmasq-discuss] dnsmasq failover
> 
> On Fri, Mar 02, 2018 at 05:36:35PM +, Donald Muller wrote:
> > At the risk of offending Geert I have a question on failover. I found a
> thread from 6 years ago discussing dnsmasq failover. There were a number
> of suggestions made that required enhancements to dnsmasq none of which
> seem to have been implemented. Is this a dead idea or something that is still
> on the back (very back) burner?
> 
> The simplest approach is to share your configs, usually with a shared
> filesystem or drbd if you must, then configure CARP or VRRP, and set up
> heartbeat to start up the secondary when the primary fails.  This is far more
> reliable than trying to juggle which tftp address to pass your pxe clients, 
> and
> is generalizable to other services.
> 
> khm

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Long nslookup times

[Donald Muller]

Geert,

Apologies if offended you in some way by emailing this list about some strange 
behavior I noticed when testing my dnsmasq setup. I admit that my Linux skills 
aren't strong but I am not looking for a consultant. What I was looking for was 
some assistance in determining whether the issue was with dnsmasq itself, my 
setup/configuration of dnsmasq, or somewhere else in which case I would bother 
someone else.

Thanks for your assistance so far. If anyone else would like offer suggestions 
please do.

Recap

2 computers on the same network. One running Windows server 2012 R2 with 
Microsoft DNS and DHCP and the other one a QNAP NAS running dnsmasq. Both 
connected to the same switch and both versions of DNS pointing to the same 
upstream DNS server which is my router which is not running DNS but just 
forwards the requests to my ISP DNS servers. The network is 1GB and there is 
not a lot of N/W traffic. A nslookup of www.microsoft.com using dnsmasq takes 
40 seconds. The same lookup using the Microsoft DNS takes less than a second.

Thanks
Don

> @Original Poster:  Come back to the dnsmasq mailinglist
>when you have more proof that your interresting problem
>is caused by dnsmasq.
>If want to hire a consultant, do so.
>If you are here for hiring a consultant, say so.
> 
> 
> At least try to understand where to ask what.
> Karma bonus points for telling over few weeks what caused the forty
> seconds lookup time.
> 
> 
> Groeten
> Geert Stappers
> Probably way too concerned about the health of dnsmasq community
> --
> Leven en laten leven
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

[Dnsmasq-discuss] dnsmasq failover

[Donald Muller]

At the risk of offending Geert I have a question on failover. I found a thread 
from 6 years ago discussing dnsmasq failover. There were a number of 
suggestions made that required enhancements to dnsmasq none of which seem to 
have been implemented. Is this a dead idea or something that is still on the 
back (very back) burner?

Thanks
Don
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Long nslookup times

[Donald Muller]

> -Original Message-
> From: Dnsmasq-discuss [mailto:dnsmasq-discuss-
> boun...@lists.thekelleys.org.uk] On Behalf Of Geert Stappers
> Sent: Wednesday, February 21, 2018 1:18 PM
> To: dnsmasq-discuss@lists.thekelleys.org.uk
> Subject: Re: [Dnsmasq-discuss] Long nslookup times
> 
> On Wed, Feb 21, 2018 at 07:02:45PM +0100, Geert Stappers wrote:
> > On Wed, Feb 21, 2018 at 05:03:34PM +, Donald Muller wrote:
> > > > > > On Wed, Jan 31, 2018 at 10:22:53AM +0100, Geert Stappers wrote:
> > > > > > > On Tue, Jan 30, 2018 at 05:08:05PM +, Donald Muller wrote:
> > > > > > > >
> > > > > > > > Using Microsoft DNS server [~] # time nslookup
> > > > > > > > www.microsoft.com 192.168.22.200 Address 1:
> > > > > > > > 192.168.22.200 djmfs1.djmuller.com
> > > > > > >
> > > > > > > Programm nslookup did a reverse lookup on used DNS address
> > > > > > > and got back a FQDN
> > > > > > >
> > > > > > > > Using dnsmasq
> > > > > > > > [~] # time nslookup www.microsoft.com 192.168.22.220 Address
> 1:
> > > > > > > > 192.168.22.220 DJMFS2
> > > > > > >
> > > > > > > Non Fully Qualified Domain Name for the used DNS address
> 
> So we know that the reverse DNS data source is some what sloppy
> configured.
> 
> ||| 192.168.22.200 djmfs1.djmuller.com
> ||| 192.168.22.220 DJMFS2
> 
> But the real thing I'm trying to tell:  extra (unwanted??) reverse lookup
> happen
> 
> 
> > > > > > > Wow, a full forty seconds ...
> > > > > > >
> > > >
> > > > I'm not convinced that the culprit is in  dnsmasq.
> > > > Please continue to find proof  ...
> 
> Because you have a interesting probleem ...
> 
> 
> > > > > > > > What additional information do you need?
> > > > > All devices, including the router, are connected at 1GB to a switch.
> > > >
> > > > The testclient what does it have in /etc/resolv.conf while testing?
> > > > Other tools for `nslookup`, such as `dig` and `host`, what timing
> > > > results have those?
> > > > The QNAP NAS with dnsmasq, how much traffic must it handle?
> > >
> > > The test client has the following in reslov.conf
> > >
> > > [~] # cat /etc/resolv.conf
> > > nameserver 192.168.22.220
> > > nameserver 192.168.22.242
> > >
> > > host shows the following:
> > >
> > > [~] # time host www.microsoft.com 192.168.22.220 Using domain
> > > server:
> > > Name: 192.168.22.220
> > > Address: 192.168.22.220#53
> > > Aliases:
> > >
> > > www.microsoft.com is an alias for www.microsoft.com-c-3.edgekey.net.
> > > www.microsoft.com-c-3.edgekey.net is an alias for www.microsoft.com-
> c-3.edgekey.net.globalredir.akadns.net.
> > > www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net is an alias
> for e13678.dspb.akamaiedge.net.
> > > e13678.dspb.akamaiedge.net has address 104.88.47.193
> > > e13678.dspb.akamaiedge.net has IPv6 address 2001:418:143c:19e::356e
> > > e13678.dspb.akamaiedge.net has IPv6 address 2001:418:143c:1a9::356e
> > >
> > > real0m0.050s
> > > user0m0.001s
> > > sys 0m0.001s
> 
> That is much better than forty seconds ...
> 
> > > dig is not installed.
> 
> Install it. Rule out that we are dealing with a bogus nslookup.

Results of dig

[~] # dig www.microsoft.com 192.168.22.220

; <<>> DiG 9.11.2 <<>> www.microsoft.com 192.168.22.220
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54000
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1280
;; QUESTION SECTION:
;www.microsoft.com. IN  A

;; ANSWER SECTION:
www.microsoft.com.  2025IN  CNAME   
www.microsoft.com-c-3.edgekey.net.
www.microsoft.com-c-3.edgekey.net. 13945 IN CNAME 
www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net.
www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net. 72 IN CNAME 
e13678.dspb.akamaiedge.net.
e13678.dspb.akamaiedge.net. 19  IN  A   23.206.169.201

;; Query time: 10 msec
;; SERVER: 192.168.22.220#53(192.168.22.220)
;; WHEN: Fri Mar 02 01:13:06 EST 2018
;; MSG SIZE  rcvd: 213

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22575
;; fl

Re: [Dnsmasq-discuss] Long nslookup times

[Donald Muller]

Sorry for the delayed response. Life got in the way 

> -Original Message-
> From: Dnsmasq-discuss [mailto:dnsmasq-discuss-
> boun...@lists.thekelleys.org.uk] On Behalf Of Geert Stappers
> Sent: Wednesday, January 31, 2018 5:33 PM
> To: dnsmasq-discuss@lists.thekelleys.org.uk
> Subject: Re: [Dnsmasq-discuss] Long nslookup times
> 
> On Wed, Jan 31, 2018 at 04:44:03PM +, Donald Muller wrote:
> > boun...@lists.thekelleys.org.uk] On Behalf Of Geert Stappers
> > Sent: Wednesday, January 31, 2018 4:56 AM
> > > On Wed, Jan 31, 2018 at 10:22:53AM +0100, Geert Stappers wrote:
> > > > On Tue, Jan 30, 2018 at 05:08:05PM +, Donald Muller wrote:
> > > > >
> > > > > Using Microsoft DNS server
> > > > >
> > > > > [~] # time nslookup www.microsoft.com 192.168.22.200 Address 1:
> > > > > 192.168.22.200 djmfs1.djmuller.com
> > > >
> > > > Programm nslookup did a reverse lookup on used DNS address and got
> > > > back a FQDN
> > > >
> > > > > Address 1: 172.229.210.230
> > > > > a172-229-210-230.deploy.static.akamaitechnologies.com
> > > > >
> > > > > real0m0.103s
> > > > >
> > > > > Using dnsmasq
> > > > >
> > > > > [~] # time nslookup www.microsoft.com 192.168.22.220 Address 1:
> > > > > 192.168.22.220 DJMFS2
> > > >
> > > > Non Fully Qualified Domain Name for the used DNS address
> > > >
> > > > > Address 1: 172.229.210.230
> > > > > a172-229-210-230.deploy.static.akamaitechnologies.com
> > > > >
> > > > > real0m40.057s
> > > >
> > > > Wow, a full forty seconds ...
> > > >
> > > > > As you can see dnsmasq took a lot longer.
> > > >
> > > > > Both DNS servers are set up to
> > > > > forward requests to my router (192.168.22.252) which then
> > > > > forwards them on the my ISP DNS servers. The router is NOT running
> a DNS server.
> > > >
> > > > So the "forward" is about forwarding plain IP packets.
> > > > Initially I did read the "forward" as "forwarding a DNS request"
> > > >
> > > >
> > > > > Some queries run faster on the NAS. Others, like
> > > > > www.micorsoft.com run slower. Here is my dnsmasq setup.
> > > > >
> > > > > Main dnsmasq config file
> 
> > > > > Is there a setting that needs to be changed/added/removed?
> 
> I'm not convinced that the culprit is in  dnsmasq.
> Please continue to find proof  ...
> 
> > > > > What additional information do you need?
> > > > >
> > > >
> > > > The connection between the r2012 server and the router.
> > > > The connection between the dnsmasq and the router.
> > >
> > > And
> > > the connection between the nslookup client and the r2012 server the
> > > connection between the nslookup client and the dnsmasq server
> > >
> >
> > All devices, including the router, are connected at 1GB to a switch.
> 
> The testclient what does it have in /etc/resolv.conf while testing?
> Other tools for `nslookup`, such as `dig` and `host`, what timing results have
> those?
> The QNAP NAS with dnsmasq, how much traffic must it handle?

The test client has the following in reslov.conf

[~] # cat /etc/resolv.conf
nameserver 192.168.22.220
nameserver 192.168.22.242

host shows the following:

[~] # time host www.microsoft.com 192.168.22.220
Using domain server:
Name: 192.168.22.220
Address: 192.168.22.220#53
Aliases:

www.microsoft.com is an alias for www.microsoft.com-c-3.edgekey.net.
www.microsoft.com-c-3.edgekey.net is an alias for 
www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net.
www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net is an alias for 
e13678.dspb.akamaiedge.net.
e13678.dspb.akamaiedge.net has address 104.88.47.193
e13678.dspb.akamaiedge.net has IPv6 address 2001:418:143c:19e::356e
e13678.dspb.akamaiedge.net has IPv6 address 2001:418:143c:1a9::356e

real0m0.050s
user0m0.001s
sys 0m0.001s

dig is not installed.

The QNAP NAS is not handling much traffic. If is a home file server with 
minimal traffic.

I also set up dnsmasq on a second NAS with just DNS running, no DHCP. This NAS 
is used for backups so normally has no traffic. I get the same long times

[~] # time nslookup www.microsoft.com 192.168.22.242
Server:192.168.22.242
Address 1: 192.168.22.242 djmfs3.djmuller.com

Name:  www.microsoft.com
Address 1: 104.88.47.193 a104-88-47-193.deploy.static.akamaitechnologies.com
Address 2: 2001:418:143c:19e::356e
Address 3: 2001:418:143c:1a9::356e

real0m40.071s
user0m0.000s
sys 0m0.001s

What times do you get if you do a nslookup on www.microsoft.com?
> 
> 
> Groeten
> Geert Stappers
> --
> Leven en laten leven
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Long nslookup times

[Donald Muller]

> -Original Message-
> From: Dnsmasq-discuss [mailto:dnsmasq-discuss-
> boun...@lists.thekelleys.org.uk] On Behalf Of Geert Stappers
> Sent: Wednesday, January 31, 2018 4:56 AM
> To: dnsmasq-discuss@lists.thekelleys.org.uk
> Subject: Re: [Dnsmasq-discuss] Long nslookup times
> 
> On Wed, Jan 31, 2018 at 10:22:53AM +0100, Geert Stappers wrote:
> > On Tue, Jan 30, 2018 at 05:08:05PM +, Donald Muller wrote:
> > >
> > > Using Microsoft DNS server
> > >
> > > [~] # time nslookup www.microsoft.com 192.168.22.200 Address 1:
> > > 192.168.22.200 djmfs1.djmuller.com
> >
> > Programm nslookup did a reverse lookup on used DNS address and got
> > back a FQDN
> >
> > > Address 1: 172.229.210.230
> > > a172-229-210-230.deploy.static.akamaitechnologies.com
> > >
> > > real0m0.103s
> > >
> > > Using dnsmasq
> > >
> > > [~] # time nslookup www.microsoft.com 192.168.22.220 Address 1:
> > > 192.168.22.220 DJMFS2
> >
> > Non Fully Qualified Domain Name for the used DNS address
> >
> > > Address 1: 172.229.210.230
> > > a172-229-210-230.deploy.static.akamaitechnologies.com
> > >
> > > real0m40.057s
> >
> > Wow, a full forty seconds ...
> >
> > > As you can see dnsmasq took a lot longer.
> >
> > > Both DNS servers are set up to
> > > forward requests to my router (192.168.22.252) which then forwards
> > > them on the my ISP DNS servers. The router is NOT running a DNS server.
> >
> > So the "forward" is about forwarding plain IP packets.
> > Initially I did read the "forward" as "forwarding a DNS request"
> >
> >
> > > Some queries run faster on the NAS. Others, like www.micorsoft.com
> > > run slower. Here is my dnsmasq setup.
> > >
> > > Main dnsmasq config file
> > >
> > > user=x
> > > group=yyy
> > > log-
> facility=/share/CACHEDEV1_DATA/UserData/Logs/DNSMasq/dnsmasq.log
> > > log-async=25
> > > bind-dynamic
> > > conf-
> file=/share/CACHEDEV1_DATA/UserData/Configs/DNSMasq/dnsmasq-dns
> > > .conf  # DNS configuration information
> > > conf-
> file=/share/CACHEDEV1_DATA/UserData/Configs/DNSMasq/dnsmasq-dhc
> > > p.conf # DHCP configuration information
> > >
> > > dnsmasq-dns.conf file
> > >
> > > domain-needed
> > > domain=djmuller.com
> > > no-hosts
> > > addn-
> hosts=/share/CACHEDEV1_DATA/UserData/Configs/DNSMasq/dnsmasq-ho
> > > sts.conf
> > > expand-hosts
> > > #log-queries
> > > local-service
> > > bogus-priv
> > > filterwin2k
> > > resolv-
> file=/share/CACHEDEV1_DATA/UserData/Configs/DNSMasq/dnsmasq-r
> > > esolv.conf
> > > stop-dns-rebind
> > > rebind-localhost-ok
> > > no-poll
> > > clear-on-reload
> > > domain-needed
> > > mx-host=djmuller.com,djmuller.com,50
> > > mx-target=mail.djmuller.com
> > > cache-size=1000
> > > conf-
> file=/share/CACHEDEV1_DATA/UserData/Configs/DNSMasq/dnsmasq-ads
> > > ervers.conf # List of servers that will return no-domain
> > > rebind-domain-ok=/plex.direct/
> > >
> > > Is there a setting that needs to be changed/added/removed?
> > > What additional information do you need?
> > >
> >
> > The connection between the r2012 server and the router.
> > The connection between the dnsmasq and the router.
> 
> And
> the connection between the nslookup client and the r2012 server the
> connection between the nslookup client and the dnsmasq server
> 

All devices, including the router, are connected at 1GB to a switch.

> Groeten
> Geert Stappers
> Who thinks this mail thread is not about a dnsmasq issue
> --
> Leven en laten leven
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

[Dnsmasq-discuss] Long nslookup times

[Donald Muller]

Hello all,

I have Microsoft DNS and DHCP running on a Windows 2012 R2 server. The 
processor is a 4 core 4 thread i5-4440 running at 3.1GHz with 16GB of memory. I 
am in the process of retiring this server and moving everything over to a QNAP 
NAS which runs Linux. The NAS is running a 4 core 8 thread i7-7700 running at 
3.6GHz with 40GB of memory. The Linux NAS is faster and has more threads and 
memory. I have installed dnsmasq on the NAS and DNS and DHCP are working. 
However during testing I ran into a strange issue.

Running an nslookup on the NAS using the DNS on the NAS takes a lot longer than 
it does using the DNS running on the 2012 server.

Using Microsoft DNS server

[~] # time nslookup www.microsoft.com 192.168.22.200
Server:192.168.22.200
Address 1: 192.168.22.200 djmfs1.djmuller.com

Name:  www.microsoft.com
Address 1: 172.229.210.230 a172-229-210-230.deploy.static.akamaitechnologies.com
Address 2: 2001:428:4404:18f::356e
Address 3: 2001:428:4404:192::356e

real0m0.103s
user0m0.001s
sys 0m0.000s

Using dnsmasq

[~] # time nslookup www.microsoft.com 192.168.22.220
Server:192.168.22.220
Address 1: 192.168.22.220 DJMFS2

Name:  www.microsoft.com
Address 1: 172.229.210.230 a172-229-210-230.deploy.static.akamaitechnologies.com
Address 2: 2001:428:4404:192::356e
Address 3: 2001:428:4404:18f::356e

real0m40.057s
user0m0.000s
sys 0m0.001s

As you can see dnsmasq took a lot longer. Both DNS servers are set up to 
forward requests to my router (192.168.22.252) which then forwards them on the 
my ISP DNS servers. The router is NOT running a DNS server. Some queries run 
faster on the NAS. Others, like www.micorsoft.com run slower. Here is my 
dnsmasq setup.

Main dnsmasq config file

user=x
group=yyy
log-facility=/share/CACHEDEV1_DATA/UserData/Logs/DNSMasq/dnsmasq.log
log-async=25
bind-dynamic
conf-file=/share/CACHEDEV1_DATA/UserData/Configs/DNSMasq/dnsmasq-dns.conf   
# DNS configuration information
conf-file=/share/CACHEDEV1_DATA/UserData/Configs/DNSMasq/dnsmasq-dhcp.conf  
   # DHCP configuration information

dnsmasq-dns.conf file

domain-needed
domain=djmuller.com
no-hosts
addn-hosts=/share/CACHEDEV1_DATA/UserData/Configs/DNSMasq/dnsmasq-hosts.conf
expand-hosts
#log-queries
local-service
bogus-priv
filterwin2k
resolv-file=/share/CACHEDEV1_DATA/UserData/Configs/DNSMasq/dnsmasq-resolv.conf
stop-dns-rebind
rebind-localhost-ok
no-poll
clear-on-reload
domain-needed
mx-host=djmuller.com,djmuller.com,50
mx-target=mail.djmuller.com
cache-size=1000
conf-file=/share/CACHEDEV1_DATA/UserData/Configs/DNSMasq/dnsmasq-adservers.conf 
  # List of servers that will return 
no-domain
rebind-domain-ok=/plex.direct/

Is there a setting that needs to be changed/added/removed? What additional 
information do you need?

Thanks
Don
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss