[Dnsmasq-discuss] Dnsmasq 2.44 refuses DNS-Queries from LAN clients

[Steven Barth]

Hello,

it looks like there is an issue with the latest 2.44 version of Dnsmasq.
I recently upgraded the Dnsmasq on my router from 2.43 to 2.44 and it started 
to refuse DNS-Queries from PCs in the LAN. Downgrading to 2.43 made it work 
again.

This is the output of host on a PC in the LAN:
 host -v kernel.org 192.168.2.1
 Trying kernel.org
 Received 28 bytes from 192.168.2.1#53 in 14 ms
 Trying kernel.org
 Using domain server:
 Name: 192.168.2.1
 Address: 192.168.2.1#53
 Aliases:
 
 Host kernel.org not found: 5(REFUSED)
 Received 28 bytes from 192.168.2.1#53 in 12 ms


The same request on the router running Dnsmasq itself worked flawlessly:
 root@OpenWrt:/# nslookup kernel.org 192.168.2.1
 Server:192.168.2.1
 Address 1: 192.168.2.1
 
 Name:  kernel.org
 Address 1: 204.152.191.5 pub1.kernel.org
 Address 2: 204.152.191.37 pub2.kernel.org


Running dnsmasq -qd for debug purposes:
the host-call produced the following output on the router:
 dnsmasq: query[A] kernel.org from 192.168.2.2
 dnsmasq: query[A] kernel.org from 192.168.2.2

the nslookup-call:
 dnsmasq: query[PTR] 1.2.168.192.in-addr.arpa from 127.0.0.1
 dnsmasq: query[PTR] 1.2.168.192.in-addr.arpa from 127.0.0.1
 dnsmasq: query[PTR] 1.2.168.192.in-addr.arpa from 127.0.0.1
 dnsmasq: query[] kernel.org from 127.0.0.1
 dnsmasq: query[] kernel.org from 127.0.0.1
 dnsmasq: query[] kernel.org from 127.0.0.1



This behaviour occured on both a Linksys WRT54GL (OpenWRT Kamikaze, MIPSel, 
Linux 2.4/uclibc) and a Netgear WGT634U  (OpenWRT Kamikaze, MIPSel, Linux 
2.6/uclibc).

It seems that setting --min-port to anything from 1 to 65535 works around this 
but I think this is not expected behaviour.

The following patches have been applied before building (after being 
refreshed):
https://dev.openwrt.org/cgi-bin/trac.fcgi/browser/trunk/package/dnsmasq/patches/101-ipv6.patch
https://dev.openwrt.org/cgi-bin/trac.fcgi/browser/trunk/package/dnsmasq/patches/102-rtnetlink.patch

compile time options: IPv6 GNU-getopt ISC-leasefile no-DBus no-I18N TFTP

Greetings
Steven

Re: [Dnsmasq-discuss] Dnsmasq 2.44 refuses DNS-Queries from LAN clients

[Simon Kelley]

Steven Barth wrote:

Hello,

it looks like there is an issue with the latest 2.44 version of Dnsmasq.
I recently upgraded the Dnsmasq on my router from 2.43 to 2.44 and it started 
to refuse DNS-Queries from PCs in the LAN. Downgrading to 2.43 made it work 
again.


This is the output of host on a PC in the LAN:

host -v kernel.org 192.168.2.1
Trying kernel.org
Received 28 bytes from 192.168.2.1#53 in 14 ms
Trying kernel.org
Using domain server:
Name: 192.168.2.1
Address: 192.168.2.1#53
Aliases:

Host kernel.org not found: 5(REFUSED)
Received 28 bytes from 192.168.2.1#53 in 12 ms



The same request on the router running Dnsmasq itself worked flawlessly:

root@OpenWrt:/# nslookup kernel.org 192.168.2.1
Server:192.168.2.1
Address 1: 192.168.2.1

Name:  kernel.org
Address 1: 204.152.191.5 pub1.kernel.org
Address 2: 204.152.191.37 pub2.kernel.org



Running dnsmasq -qd for debug purposes:
the host-call produced the following output on the router:

dnsmasq: query[A] kernel.org from 192.168.2.2
dnsmasq: query[A] kernel.org from 192.168.2.2


the nslookup-call:

dnsmasq: query[PTR] 1.2.168.192.in-addr.arpa from 127.0.0.1
dnsmasq: query[PTR] 1.2.168.192.in-addr.arpa from 127.0.0.1
dnsmasq: query[PTR] 1.2.168.192.in-addr.arpa from 127.0.0.1
dnsmasq: query[] kernel.org from 127.0.0.1
dnsmasq: query[] kernel.org from 127.0.0.1
dnsmasq: query[] kernel.org from 127.0.0.1




This behaviour occured on both a Linksys WRT54GL (OpenWRT Kamikaze, MIPSel, 
Linux 2.4/uclibc) and a Netgear WGT634U  (OpenWRT Kamikaze, MIPSel, Linux 
2.6/uclibc).


It seems that setting --min-port to anything from 1 to 65535 works around this 
but I think this is not expected behaviour.


It's not, but it takes straight to the problem; thanks.

Expect a new release soon.


Cheers,

Simon.



The following patches have been applied before building (after being 
refreshed):

https://dev.openwrt.org/cgi-bin/trac.fcgi/browser/trunk/package/dnsmasq/patches/101-ipv6.patch
https://dev.openwrt.org/cgi-bin/trac.fcgi/browser/trunk/package/dnsmasq/patches/102-rtnetlink.patch

compile time options: IPv6 GNU-getopt ISC-leasefile no-DBus no-I18N TFTP

Greetings
Steven

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss