Re: [Dnsmasq-discuss] multiple dhcp-options with the same tag
> Op 9 sep. 2023 om 07:19 heeft Wink Saville het volgende > geschreven: > > I'm learning dnsmasq and I'm taking advice from ChatGPT-4, probably a > bad idea but so far it's given reasonable advice :) How are you able to judge if advice is reasonable if you’re needing to ask for advice? > > Anyway, in this instance I was asking a question[1] about how to > configure dnsmasq on OpenWRT. > > The first prompt was: > > "Using Luci on openwrt is there a way to set a dhcp-option and use it > on a dhcp-host record?" > > It answered correctly that using luci you can't do it but you can do > it in /etc/dnsmasq.conf and gave an example: > > ``` > dhcp-host=00:11:22:33:44:55,set:myOptions,192.168.1.100 > dhcp-option=tag:myOptions,option:dns-server,192.168.1.2 > dhcp-option=tag:myOptions,option:router,192.168.1.1 > ``` > > My second prompt ends with the question: > > "Anyway, your example shows that myOptions is composed of two separate > dhcp-option's. Are you sure that is legal, can you provide me with a > link or a quote from the dnsmasg.conf documentation?" > > Its response was, as is typical. a long winded yes and it also gave me > a quote from the documentation. Of course, I couldn't find that quote, > which is also typical, it lies! Anyway, to cut to the chase I'm > writing because the technique the bot showed does work, at least it > seems to work for me on OpenWRT with dnsmasq v2.86. But, as I said I > don't see in the documentation. Did I just miss it or should I not use > it or maybe it should be documented? > > -- Wink > > [1]:https://chat.openai.com/share/cadee80b-4e3e-41e1-b95e-5fd62e799a9a > > ___ > Dnsmasq-discuss mailing list > Dnsmasq-discuss@lists.thekelleys.org.uk > https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss > ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Is empty domain OK?
Grant Edwards schreef op 2022-10-18 15:50: On 2022-10-18, William Edwards wrote: Grant Edwards schreef op 2022-10-18 03:03: All of the examples I see for setting up dnsmasq on networks without a "real" domain always say to choose a "fake" local domain (e.g. .lan, .home.arpa, .local, etc.). Then you also configure dnsmask to treat that domain as local so that requests for that domain are never forwarded. Why? Are you not allowed to have have an empty domain so that "plain" hostnames are satisfied locall (e.g. from /etc/hosts and the DHCP leases) and only requests with a domain are forwarded to the external server? DNS supports this. Yes, I knew that. I don't know if dnsmasq does. That's what I was trying to ask. I guess I wasn't clear enough. Regardless of whether it's technically possible: why would you want this? If there is no domain name for a network, then it seems logical to not use a domain name for that network. Making up a fake one which might later conflict with a real, external, domain seems like the wrong way to go about things. That's why .local is a reserved TLD. This will cause issues. Many hostname validators require the presence of a dot, for example. That's an interesting point. Where does one run into such "hostname validators"? Anywhere in userland. Would a search domain work for you? I don't know what you mean by "a search domain". https://en.wikipedia.org/wiki/Search_domain -- Grant ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss -- With kind regards, William Edwards ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Is empty domain OK?
Grant Edwards schreef op 2022-10-18 03:03: All of the examples I see for setting up dnsmasq on networks without a "real" domain always say to choose a "fake" local domain (e.g. .lan, ..home.arpa, .local, etc.). Then you also configure dnsmask to treat that domain as local so that requests for that domain are never forwarded. Why? Are you not allowed to have have an empty domain so that "plain" hostnames are satisfied locall (e.g. from /etc/hosts and the DHCP leases) and only requests with a domain are forwarded to the external server? DNS supports this. I don't know if dnsmasq does. Regardless of whether it's technically possible: why would you want this? This will cause issues. Many hostname validators require the presence of a dot, for example. Would a search domain work for you? -- Grant ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss -- With kind regards, William Edwards ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] multiple instances
> Op 24 jul. 2022 om 15:19 heeft AWL bvba het volgende > geschreven: > > > Hello , > > First post to this list : I've been looking everywhere for some cook book > recipe or pointers to a solution for the problem at hand. > > Problem : > - dnsmasq manages different vlan's > - some vlan(s) should be isolated from the others (guest functionality) > Solution (what I found until now) : > - use different instances For running multiple instances efficiently, you could use systemd targets / template units with several config files. > - combinations of interface and/or except-interface parameters per instance > - use of bind-interface etc. > > Question : what's the preferred way to start this automatically (at boot) ? > - can't pass parameters to openrc service (Alpine Linux) ? > - change openrc dnsmasq script ? > - launch a shell script including needed dnsmasq commands ? > - something else ? > > I am still a bit new at this (level of) "tinkering" and would prefer to do > things (the one and true ? :-) "proper way" > > Any pointers appreciated. > > Cheers , > ___ > Dnsmasq-discuss mailing list > Dnsmasq-discuss@lists.thekelleys.org.uk > https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Whitelist again
Kovács József via Dnsmasq-discuss schreef op 2022-04-11 13:28: Hello All, I downgraded the dnsmasq from 2.86 to 2.80 and whitelist is working. What could be the difference, if the configuration files are same? These are is my configuration files: kovacsj@laptop:~# cat /tmp/cmr/ap_dnsmasq_v1p1.5.conf no-hosts except-interface=lo bind-interfaces pid-file=/var/run/dnsmasq_v1p1.5.pid dhcp-leasefile=/var/run/dnsmasq_v1p1.5.leases log-facility=/var/log/lwuci/dnsmasq_v1p1.5.log interface=v1p1.5 dhcp-range=192.168.5.11,192.168.5.91,255.255.255.0 servers-file=/tmp/cmr/filtering.conf kovacsj@laptop:~# cat /tmp/cmr/filtering.conf server=/robotszoft.hu/# server=/#/ kovacsj@laptop:~# The robotszoft.hu website is reachable, but the any others are not. This is the desired result, but in the 2.86 version, it is not working. Could somebody help me? You could help yourself by binary searching for the commit that caused the change in behaviour ;) Thank you very much, in advance! -- Üdvözlettel: Kovács József - villamosmérnök informatikus programozó PLC programozó etikus hacker Cert:ECC7512963840 Tel: +36703146459 ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss -- With kind regards, William Edwards ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] HA Cluster - IPv6 router adv lifetime of 0
Jochen Demmer via Dnsmasq-discuss schreef op 2021-10-02 10:28: Hi, I've been trying to develop my own kind of firewall solution named nftwall which uses nftables as packet filter and is being managed centrally by Ansible - no webGUI. My first attempt was to use dnsmasq but then I found out of this obstacle. I've been thinking about switching to KEA + radvd but actually I would like to keep using dnsmasq. I manage my VRRP IPs with keepalived. There are small scripts for an event of a primary - secondary change. Especially in an event of controlled switch of primary - secondary I would like the primary dnsmasq to send a lifetime of 0 in the router advertisement package. That way the clients know that this router shall not be used any more. No experience with RAs so far, but isn't that what the priority field is for? Please confirm my findings that this is currently not possible with dnsmasq. If so please accept my feature request to implement that. Regards Jochen Demmer ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss -- With kind regards, William Edwards ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Rather basic question - how do you tell dnsmasq what upstream DNS servers to use?
Use --server. Met vriendelijke groeten, William Edwards - Original Message - From: Chris Green (c...@isbd.net) Date: 10/03/20 17:41 To: dnsmasq-disc...@thekelleys.org.uk Subject: [Dnsmasq-discuss] Rather basic question - how do you tell dnsmasq what upstream DNS servers to use? I'm feeling really silly, I've been using dnsmasq for several years running it on a dedicated Raspberry Pi on the LAN to provide local DNS. It's been working perfectly OK but just a very short while ago the Google DNS server at 8.8.8.8 went down for a while and it's what I (appear to) use as the upstream DNS. How and where does one set dnsmasq's upstream DNS? Is it the following line in /etc/dhcpcd.conf :- /etc/dhcpcd.conf:static domain_name_servers=192.168.1.4 8.8.8.8 fd51:42f8:caae:d92e::1 The file /run/dnsmasq/resolv.conf appears to be derived directly from the above:- chris@newdns$ more resolv.conf # Generated by resolvconf nameserver 192.168.1.4 nameserver 8.8.4.4 nameserver fd51:42f8:caae:d92e::1 The Raspberry Pi running dnsmasq is 192.168.1.4 on the LAN here, I'm running dnsmasq version 2.76. Would I be better with two unrelated DNS servers in the above configuration, e.g. a Google one and one from my ISP? -- Chris Green ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] dnsmasq keepalive or RasberryPi?
Restart=on-failure ? Or better yet, fix the actual issue :) > Op 19 aug. 2020 om 20:37 heeft Olaf Hering het volgende > geschreven: > > Am Wed, 19 Aug 2020 07:06:31 -0600 > schrieb Michael Walter : > >> service dnsmasq restart > > See systemd.service(5) "Restart=" for details. > > Olaf > ___ > Dnsmasq-discuss mailing list > Dnsmasq-discuss@lists.thekelleys.org.uk > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] DNS servers in router advertisements
Hello, I would like to send DNS servers in router advertisements (not DHCPv6) according to RFC 6106. Is this possible with dnsmasq? I could not find the ability to specify custom RA options (like dhcp-option) or native functionality for specifying RA DNS servers in 'man dnsmasq'. Thank you. With kind regards, William Edwards Tuxis ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] DHCPv6 with IPv4 address in last 32 bits of IPv6 address: ideas?
> Op 22 apr. 2020 om 08:41 heeft Olaf Hering het volgende > geschreven: > > Am Tue, 21 Apr 2020 15:58:25 +0200 > schrieb "William Edwards" : > >> Ideas are welcome. > > You did not say how hosts are identified, nor did you say why exactly > addresses matter in your setup. > If it is done based on their MAC addresses, just give each host a name. > > host-record=hostname,hostname.${dns_domain},${ipv4},${ipv6_prefix}::0323:45ff:feab:cdef > dhcp-host=01:23:45:ab:cd:ef,set:hostname,hostname,216000 > > After all this project is called DNSmasq, not DHCPmasq... Your position is clear. What I’ll probably do is write a config file in dnsmasq.d/ with dhcp-host directive from my dhcp-script, after handing out a v4 lease and replacing . with :. > > Olaf ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] DHCPv6 with IPv4 address in last 32 bits of IPv6 address: ideas?
Hello, I am working on replacing static IP addresses in our network by static DHCP leases (which is in turn preparation for PXE). For IPv4, this is easily doable, but for IPv6 this is a bit of a challenge because of the following: In our case, all services directly attached to the internet are dual-stack. We make IPv6 addresses easy to remember by placing corresponding /32s in the last 32 bits of /128s. For example, 98.98.98.98's dual-stack IPv6 address would become 2a01:ac00::$something:98:98:98:98. That way, we only have to remember our prefix and the IPv4 address, increasing IPv6 adoption rates. Of course, when providing our network with IPv6 addresses by DHCP, this will become a bit of a challenge. I would not expect dnsmasq to support this very specific way of assigning IPv6 addresses, but I am wondering if others on the mailing list use a similar address format, and if so, how they have automated this. Especially as I would have to link the IPv6 and IPv4 addresses on the DHCP side. Ideas are welcome. Met vriendelijke groeten, William Edwards T. 040 - 711 44 96 E. wedwa...@cyberfusion.nl ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Nameserver dot
> This sounds like a bug, doing auth DNS without an auth-server statement > is a recent addition, and I probably forgot this effect on secondary > servers. Will take a look in the next day or two. No worries. What's important to me is that only entries in 'auth-sec-servers' are returned as NS records, being my public DNS servers. Thanks, William On 20/03/2020 08:25, William Edwards wrote: > >> Op 20 mrt. 2020 om 00:23 heeft Simon Kelley het >> volgende geschreven: >> >>> On 19/03/2020 17:23, William Edwards wrote: >>> Hi, >>> >>> I have auth-sec-servers set to: >>> 'auth-sec-servers=nsauth0.cyberfusion.nl,nsauth1.cyberfusion.be,nsauth2.cyberfusion.nu,nsauth3.cyberfusion.nl' >>> >>> These nameservers are shown, but I am also getting back an NS record >>> consisting of '.': >>> >>> --- >>> ;; ANSWER SECTION: >>> vlan5.hosts.cyberfusion.space. 600 IN NS nsauth1.cyberfusion.be. >>> vlan5.hosts.cyberfusion.space. 600 IN NS . >>> vlan5.hosts.cyberfusion.space. 600 IN NS nsauth0.cyberfusion.nl. >>> vlan5.hosts.cyberfusion.space. 600 IN NS nsauth2.cyberfusion.nu. >>> vlan5.hosts.cyberfusion.space. 600 INNSnsauth3.cyberfusion.nl. >>> -- >>> >>> Where does 'NS .' come from? >> >> The --auth-server configuration, probably. What does that look like? > > I did not specify an ‘auth-server’ directive. I did so, and now, the first NS > record indeed is no longer a dot. > > This brings me to the next question: how do I prevent dnsmasq from even > showing itself in NS records? dnsmasq will not answer queries to the internet. > >> >> >> Simon. >> >> >>> >>> Met vriendelijke groeten, >>> >>> William Edwards >>> T. 040 - 711 44 96 >>> E. wedwa...@cyberfusion.nl >>> >>> >>> >>> >>> >>> ___ >>> Dnsmasq-discuss mailing list >>> Dnsmasq-discuss@lists.thekelleys.org.uk >>> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss >>> >> >> >> ___ >> Dnsmasq-discuss mailing list >> Dnsmasq-discuss@lists.thekelleys.org.uk >> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss > ___ > Dnsmasq-discuss mailing list > Dnsmasq-discuss@lists.thekelleys.org.uk > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss > ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] SOA serial increase
Hi Simon! > If you don't explicitly set the serial, then it should start at the > current epoch time (ie seconds since 1/1/1970) which avoids the problem > unless you average more than one new DHCP lease per second. After setting 'auth-server', this behaviour has been 'fixed'. Without 'auth-server': -- vlan5.hosts.cyberfusion.space. 600 IN SOA . . 1 1200 180 1209600 600 -- With 'auth-server': -- vlan5.hosts.cyberfusion.space. 600 IN SOA vlan5.hosts.cyberfusion.space. hostmaster.vlan5.hosts.cyberfusion.space. 1584702843 1200 180 1209600 600 -- So this seems like a combination of 1) possibly some room for improvement in docs (there is little mention of serials there at all) and 2) working too late at night. William On 20/03/2020 08:18, William Edwards wrote: > > Op 20 mrt. 2020 om 00:39 heeft Simon Kelley <mailto:si...@thekelleys.org.uk>> het volgende geschreven: > >> On 19/03/2020 17:28, William Edwards wrote: >>> Hello, >>> >>> Does dnsmasq increase SOA serial when adding a new DNS record after DHCP >>> lease is requested? >> >> Yes. >> >>> >>> I am not sure because docs say '--auth-soa' allows for specifying serial. >> >> It does, but it's optional: dnsmasq will generate one for you. If you do >> specify a serial, it will still get incremented after a new DHCP lease >> is created. > > Thanks. > > I noticed that serial is reset back to 1 when dnsmasq is restarted. This > would cause the serial to be lower on dnsmasq than its slaves after a > restart, even when DHCP leases are handed out and DNS records are added. > > Is this intentional behaviour? > >> >> >> Cheers, >> >> Simon. >> >>> >>> Met vriendelijke groeten, >>> >>> William Edwards >>> T. 040 - 711 44 96 >>> E. wedwa...@cyberfusion.nl <mailto:wedwa...@cyberfusion.nl> >>> >>> >>> >>> >>> >>> ___ >>> Dnsmasq-discuss mailing list >>> Dnsmasq-discuss@lists.thekelleys.org.uk >>> <mailto:Dnsmasq-discuss@lists.thekelleys.org.uk> >>> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss >>> >> >> >> ___ >> Dnsmasq-discuss mailing list >> Dnsmasq-discuss@lists.thekelleys.org.uk >> <mailto:Dnsmasq-discuss@lists.thekelleys.org.uk> >> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss > > ___ > Dnsmasq-discuss mailing list > Dnsmasq-discuss@lists.thekelleys.org.uk > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss > ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] SOA serial increase
> Op 20 mrt. 2020 om 00:39 heeft Simon Kelley het > volgende geschreven: > >> On 19/03/2020 17:28, William Edwards wrote: >> Hello, >> >> Does dnsmasq increase SOA serial when adding a new DNS record after DHCP >> lease is requested? > > Yes. > >> >> I am not sure because docs say '--auth-soa' allows for specifying serial. > > It does, but it's optional: dnsmasq will generate one for you. If you do > specify a serial, it will still get incremented after a new DHCP lease > is created. Thanks. I noticed that serial is reset back to 1 when dnsmasq is restarted. This would cause the serial to be lower on dnsmasq than its slaves after a restart, even when DHCP leases are handed out and DNS records are added. Is this intentional behaviour? > > > Cheers, > > Simon. > >> >> Met vriendelijke groeten, >> >> William Edwards >> T. 040 - 711 44 96 >> E. wedwa...@cyberfusion.nl >> >> >> >> >> >> ___ >> Dnsmasq-discuss mailing list >> Dnsmasq-discuss@lists.thekelleys.org.uk >> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss >> > > > ___ > Dnsmasq-discuss mailing list > Dnsmasq-discuss@lists.thekelleys.org.uk > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Nameserver dot
> Op 20 mrt. 2020 om 00:23 heeft Simon Kelley het > volgende geschreven: > >> On 19/03/2020 17:23, William Edwards wrote: >> Hi, >> >> I have auth-sec-servers set to: >> 'auth-sec-servers=nsauth0.cyberfusion.nl,nsauth1.cyberfusion.be,nsauth2.cyberfusion.nu,nsauth3.cyberfusion.nl' >> >> These nameservers are shown, but I am also getting back an NS record >> consisting of '.': >> >> --- >> ;; ANSWER SECTION: >> vlan5.hosts.cyberfusion.space. 600 IN NS nsauth1.cyberfusion.be. >> vlan5.hosts.cyberfusion.space. 600 IN NS . >> vlan5.hosts.cyberfusion.space. 600 IN NS nsauth0.cyberfusion.nl. >> vlan5.hosts.cyberfusion.space. 600 IN NS nsauth2.cyberfusion.nu. >> vlan5.hosts.cyberfusion.space. 600 INNSnsauth3.cyberfusion.nl. >> -- >> >> Where does 'NS .' come from? > > The --auth-server configuration, probably. What does that look like? I did not specify an ‘auth-server’ directive. I did so, and now, the first NS record indeed is no longer a dot. This brings me to the next question: how do I prevent dnsmasq from even showing itself in NS records? dnsmasq will not answer queries to the internet. > > > Simon. > > >> >> Met vriendelijke groeten, >> >> William Edwards >> T. 040 - 711 44 96 >> E. wedwa...@cyberfusion.nl >> >> >> >> >> >> ___ >> Dnsmasq-discuss mailing list >> Dnsmasq-discuss@lists.thekelleys.org.uk >> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss >> > > > ___ > Dnsmasq-discuss mailing list > Dnsmasq-discuss@lists.thekelleys.org.uk > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] Nameserver dot
Hi, I have auth-sec-servers set to: 'auth-sec-servers=nsauth0.cyberfusion.nl,nsauth1.cyberfusion.be,nsauth2.cyberfusion.nu,nsauth3.cyberfusion.nl' These nameservers are shown, but I am also getting back an NS record consisting of '.': --- ;; ANSWER SECTION: vlan5.hosts.cyberfusion.space. 600 IN NS nsauth1.cyberfusion.be. vlan5.hosts.cyberfusion.space. 600 IN NS . vlan5.hosts.cyberfusion.space. 600 IN NS nsauth0.cyberfusion.nl. vlan5.hosts.cyberfusion.space. 600 IN NS nsauth2.cyberfusion.nu. vlan5.hosts.cyberfusion.space. 600 IN NS nsauth3.cyberfusion.nl. -- Where does 'NS .' come from? Met vriendelijke groeten, William Edwards T. 040 - 711 44 96 E. wedwa...@cyberfusion.nl ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] SOA serial increase
Hello, Does dnsmasq increase SOA serial when adding a new DNS record after DHCP lease is requested? I am not sure because docs say '--auth-soa' allows for specifying serial. Met vriendelijke groeten, William Edwards T. 040 - 711 44 96 E. wedwa...@cyberfusion.nl ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] dhcp-script not being called with "del"
Hi, I have a 'dhcp-script'. It is being called with "add" and "old" upon requesting DHCP lease, but when a lease expires, it is not called with "del". To test, I changed lease time to 1 minute and kept an eye on /var/lib/misc/dnsmasq.leases . After 1 minute, the lease disappeared from /var/lib/misc/dnsmasq.leases (thus expired). However, the 'dhcp-script' was not called. How could I start researching this issue? Met vriendelijke groeten, William Edwards T. 040 - 711 44 96 E. wedwa...@cyberfusion.nl ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Sending user-specified default gateway with RAs
Hello Pali, Thank you for your answer. I am aware RAs are supposed to be sent by routers. I attempted using dnsmasq for RAs, because it seemed easier than getting RAs to be sent from my VRRP address as source address. I have enough information to proceed with dnsmasq configuration. Met vriendelijke groeten, William Edwards T. 040 - 711 44 96 E. wedwa...@cyberfusion.nl - Original Message - From: Pali Rohár (pali.ro...@gmail.com) Date: 02/23/20 12:25 To: William Edwards (wedwa...@cyberfusion.nl) Cc: dnsmasq-discuss@lists.thekelleys.org.uk Subject: Re: [Dnsmasq-discuss] Sending user-specified default gateway with RAs On Sunday 23 February 2020 11:41:47 William Edwards wrote: > Question: how do I configure dnsmasq to supply a user-specified default > gateway address in RAs? Hello William! This is not possible as IPv6 gateway (router) address is not present in RA packet structure. If client receives RA packet it expects that sender of RA packet is gateway (router). So if you do not have dnsmasq on your router, you must disable RA in dnsmasq. And enable RA on your real IPv6 router. In IPv6 network it is expected that RA is sent only by IPv6 router. RA means Router Advertisement and only real router should advertise that is router. -- Pali Rohár pali.ro...@gmail.com ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] Sending user-specified default gateway with RAs
Hello, I use dnsmasq to provide DHCP. IPv4 is working well, but I'm struggling to configure IPv6. I use DHCPv6 and Router Advertisements and get a /64 when requesting a DHCP lease, which is according to my configuration. However: the RA contains a default route to the dnsmasq server, but the default gateway should be my router, which is located at another address. I have looked through the documentation carefully, but cannot find any way to supply my own default gateway to RAs. Although I am aware that DHCPv6 is not in charge of supplying the default gateway, I set 'dhcp-option=option6:router' as a test, but dnsmasq refused to start up afterwards. Question: how do I configure dnsmasq to supply a user-specified default gateway address in RAs? Met vriendelijke groeten, William Edwards T. 040 - 711 44 96 E. wedwa...@cyberfusion.nl ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss