Re: [Dnsmasq-discuss] Bluetooth networking issue
On Wed, Feb 01, 2017 at 12:20:27PM -0700, Aaron Brice wrote: > On 01/31/2017 05:44 AM, Beniamino Galvani wrote: > > On Thu, Jan 26, 2017 at 02:22:14PM -0700, Aaron Brice wrote: > > > But there is neither a reply nor an error message after the query is > > > received. "dig www.cnn.com" shows "status: REFUSED". To be clear, the > > > queries are originating from the laptop and should be routed through the > > > bluetooth network connection. The network connection is there and I can > > > ping the nameserver over the bluetooth network, but it's having trouble > > > with > > > the DNS. I don't think the bluetooth part of it is exactly relevant, but > > > I'm assuming that somehow disconnecting and reconnecting a bluetooth > > > network > > > does something different than disconnecting and reconnecting a wifi > > > network. > > I think the following commit should solve your issue: > > > > http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=2675f2061525bc954be14988d64384b74aa7bf8b > > > > Do you have any chance to try a recent git snapshot? > > Thanks very much. I applied that commit as a patch against current Ubuntu > 16.10 dnsmasq source package and it does in fact fix the problem. Cool. You may want to also apply this follow-up commit: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=16800ea072dd0cdf14d951c4bb8d2808b3dfe53d Beniamino signature.asc Description: PGP signature ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Bluetooth networking issue
On Thu, Jan 26, 2017 at 02:22:14PM -0700, Aaron Brice wrote: > Simon, > > Thanks. dnsmasq is getting the queries, you can see them in the log: > > Jan 18 16:56:07 datasoft-travel dnsmasq[7973]: query[A] www.cnn.com from > 127.0.0.1 > > But there is neither a reply nor an error message after the query is > received. "dig www.cnn.com" shows "status: REFUSED". To be clear, the > queries are originating from the laptop and should be routed through the > bluetooth network connection. The network connection is there and I can > ping the nameserver over the bluetooth network, but it's having trouble with > the DNS. I don't think the bluetooth part of it is exactly relevant, but > I'm assuming that somehow disconnecting and reconnecting a bluetooth network > does something different than disconnecting and reconnecting a wifi network. I think the following commit should solve your issue: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=2675f2061525bc954be14988d64384b74aa7bf8b Do you have any chance to try a recent git snapshot? Beniamino signature.asc Description: PGP signature ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] [solved] Re: Finding actual DNS server used
On Mon, Jan 16, 2017 at 08:36:05AM +0200, Lars Noodén wrote: > Thanks. That's it. I somehow missed it there in the manual page: > > When it receives a SIGUSR1, dnsmasq writes statistics > to the system log. … For each upstream server > it gives the number of queries sent, and the > number which resulted in an error. > … > > That gives me the information I was looking for regarding verifying > which server dnsmasq is using. Hi, in addition to the suggested methods, an alternative way is to grep system logs for: dnsmasq[6620]: setting upstream servers from DBus dnsmasq[6620]: using nameserver 192.168.10.1#53(via ens3) In the next version of NetworkManager (1.6) it will be possible to show the DNS configuration in the output of 'nmcli' [1], as: $ nmcli ens3: connected to internet+ "Realtek RTL-8100/8101L/8139 PCI Fast Ethernet Adapter (QEMU Virtual Machine)" ethernet (8139cp), 52:54:00:F1:61:81, hw, mtu 1500 ip4 default inet4 192.168.10.166/24 [...] DNS configuration: servers: 10.0.0.1 domains: foobar.com interface: tun0 type: vpn servers: 192.168.10.1 interface: ens3 Beniamino [1] https://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=20bf5ce35907e2a59fd1f1f9595b8eb202facc0f ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] [PATCH] Refresh cached socket fd if the interface index changed
The socket bound to a specific interface in the daemon->sfds cache is reused also when the interface disappears and is created again, causing resolution problems. This problem can be seen when connecting to VPNs with NetworkManager: when the VPN is connected NM pushes through D-Bus a configuration containing the upstream server '1.2.3.4@tun0' and dnsmasq creates a socket bound to tun0. Later, the VPN is reconnected and tun0 reappears with a different ifindex; but even if the server list is updated again (still containing an upstream server on tun0), dnsmasq tries to use the old socket and any DNS request fails. This patch adds a check on the ifindex in allocate_sfd() to prevent the reuse of a stale socket, and ensures that unused sockets are destroyed. --- src/dnsmasq.h | 2 ++ src/network.c | 29 +++-- 2 files changed, 29 insertions(+), 2 deletions(-) diff --git a/src/dnsmasq.h b/src/dnsmasq.h index 27385a9..462aaf5 100644 --- a/src/dnsmasq.h +++ b/src/dnsmasq.h @@ -487,8 +487,10 @@ union mysockaddr { struct serverfd { int fd; union mysockaddr source_addr; char interface[IF_NAMESIZE+1]; + unsigned int ifindex; + unsigned int used; struct serverfd *next; }; struct randfd { diff --git a/src/network.c b/src/network.c index e7722fd..bcb4d1f 100644 --- a/src/network.c +++ b/src/network.c @@ -1203,8 +1203,9 @@ int local_bind(int fd, union mysockaddr *addr, char *intname, int is_tcp) static struct serverfd *allocate_sfd(union mysockaddr *addr, char *intname) { struct serverfd *sfd; + unsigned int ifindex = 0; int errsave; /* when using random ports, servers which would otherwise use the INADDR_ANY/port0 socket have sfd set to NULL */ @@ -1223,14 +1224,19 @@ static struct serverfd *allocate_sfd(union mysockaddr *addr, char *intname) addr->in6.sin6_port == htons(0)) return NULL; #endif } + + if (intname) +ifindex = if_nametoindex(intname); /* may have a suitable one already */ for (sfd = daemon->sfds; sfd; sfd = sfd->next ) if (sockaddr_isequal(>source_addr, addr) && - strcmp(intname, sfd->interface) == 0) + strcmp(intname, sfd->interface) == 0 && + ifindex == sfd->ifindex) { return sfd; +} /* need to make a new one. */ errno = ENOMEM; /* in case malloc fails. */ if (!(sfd = whine_malloc(sizeof(struct serverfd @@ -1249,13 +1255,15 @@ static struct serverfd *allocate_sfd(union mysockaddr *addr, char *intname) free(sfd); errno = errsave; return NULL; } - + strcpy(sfd->interface, intname); sfd->source_addr = *addr; sfd->next = daemon->sfds; + sfd->ifindex = ifindex; daemon->sfds = sfd; + return sfd; } /* create upstream sockets during startup, before root is dropped which may be needed @@ -1428,14 +1436,18 @@ void add_update_server(int flags, void check_servers(void) { struct irec *iface; struct server *serv; + struct serverfd *sfd, **ptr; int port = 0, count; /* interface may be new since startup */ if (!option_bool(OPT_NOWILD)) enumerate_interfaces(0); + for (sfd = daemon->sfds; sfd; sfd = sfd->next) +sfd->used = 0; + #ifdef HAVE_DNSSEC /* Disable DNSSEC validation when using server=/domain/ servers unless there's a configured trust anchor. */ for (serv = daemon->servers; serv; serv = serv->next) @@ -1504,8 +1516,10 @@ void check_servers(void) daemon->namebuff, strerror(errno)); serv->flags |= SERV_MARK; continue; } + + serv->sfd->used++; } if (!(serv->flags & SERV_NO_REBIND) && !(serv->flags & SERV_LITERAL_ADDRESS)) { @@ -1546,8 +1560,19 @@ void check_servers(void) if (count - 1 > SERVERS_LOGGED) my_syslog(LOG_INFO, _("using %d more nameservers"), count - SERVERS_LOGGED - 1); + /* Remove unused sfds */ + for (ptr = >sfds; *ptr; ) { +sfd = *ptr; +if (!sfd->used) { + *ptr = sfd->next; + close(sfd->fd); + free(sfd); +} else + ptr = >next; + } + cleanup_servers(); } /* Return zero if no servers found, in that case we keep polling. -- 2.5.5 ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Debugging dnsmasq on Ubuntu
On Wed, Mar 29, 2017 at 09:43:33AM -0500, Joel Whitehouse wrote: > I'm running ubuntu 14, which uses dnsmasq as a local resolver on 127.0.1.1. > When I issue a dig query, dig informs me it's using 127.0.1.1 as its > resolver: > > ;; Query time: 3 msec > ;; SERVER: 127.0.1.1#53(127.0.1.1) > ;; WHEN: Wed Mar 29 09:36:06 CDT 2017 > ;; MSG SIZE rcvd: 63 > > > However, I would like to know what host dnsmasq is using as its resolver. > On my system, `ps ax' shows that dnsmasq is started with the command: > > /usr/sbin/dnsmasq --no-resolv --keep-in-foreground --no-hosts > --bind-interfaces > --pid-file=/run/sendsigs.omit.d/network-manager.dnsmasq.pid > --listen-address=127.0.1.1 --conf-file=/var/run/NetworkManager/dnsmasq.conf > --cache-size=0 --proxy-dnssec > --enable-dbus=org.freedesktop.NetworkManager.dnsmasq > –conf-dir=/etc/NetworkManager/dnsmasq.d > > > Both the file /var/run/NetworkManager/dnsmasq.conf and the directory > /etc/NetworkManager/dnsmasq.d/ are empty, so it's likely that dnsmasq is > receiving its resovlers from Network Manager over the dbus interface. Correct. You should find in system logs the list of name servers pushed by NM to dnsmasq through D-Bus: dnsmasq[6620]: setting upstream servers from DBus dnsmasq[6620]: using nameserver 192.168.10.1#53(via ens3) With NM > 1.6 name servers in use are also printed in the 'nmcli' output. > Is there any way to get dnsmasq to log when it issues a new query to a > resolver? Try: echo log-queries > /etc/NetworkManager/dnsmasq.d/log-queries and restart NetworkManager. Beniamino signature.asc Description: PGP signature ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] [PATCH] Fix parsing of IPv6 addresses with peer from netlink
In the most common case, an IPv6 address doesn't have a peer and the IFA_ADDRESS netlink attribute contains the address itself. But if the address has a peer (typically for point to point links), then IFA_ADDRESS contains the peer address and IFA_LOCAL contains the address [1]. [1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/net/ipv6/addrconf.c?h=v5.17#n5030 Fix the parsing of IPv6 addresses with peers, as currently dnsmasq unsuccessfully tries to bind on the peer address. A simple reproducer is: dnsmasq --conf-file=/dev/null -i dummy1 -d --bind-dynamic & sleep 2 ip link add dummy1 type dummy ip link set dummy1 up ip addr add dev dummy1 fd01::1/64 peer fd01::2/64 ip addr add dev dummy1 fd01::42/64 sleep 2 ss -lnp | grep dnsmasq | grep fd01 Before the patch: dnsmasq: failed to create listening socket for fd01::2: Cannot assign requested address dnsmasq: failed to create listening socket for fd01::2: Cannot assign requested address udp UNCONN 0 [fd01::42]:53 [::]:*users:(("dnsmasq",pid=23947,fd=14)) tcp LISTEN 0 [fd01::42]:53 [::]:*users:(("dnsmasq",pid=23947,fd=15 After: udp UNCONN 0 [fd01::42]:53 [::]:*users:(("dnsmasq",pid=23973,fd=16)) udp UNCONN 0[fd01::1]:53 [::]:*users:(("dnsmasq",pid=23973,fd=14)) tcp LISTEN 0 [fd01::42]:53 [::]:*users:(("dnsmasq",pid=23973,fd=17)) tcp LISTEN 0[fd01::1]:53 [::]:*users:(("dnsmasq",pid=23973,fd=15)) --- src/netlink.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/netlink.c b/src/netlink.c index da82943..a6d1972 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -258,7 +258,9 @@ int iface_enumerate(int family, void *parm, int (*callback)()) while (RTA_OK(rta, len1)) { - if (rta->rta_type == IFA_ADDRESS) + if (rta->rta_type == IFA_LOCAL) + addrp = ((struct in6_addr *)(rta+1)); + else if (rta->rta_type == IFA_ADDRESS && !addrp) addrp = ((struct in6_addr *)(rta+1)); else if (rta->rta_type == IFA_CACHEINFO) { -- 2.34.1 ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] [PATCH] Fix parsing of IPv6 addresses with peer from netlink
On Wed, May 18, 2022 at 04:10:52PM +0200, Geert Stappers via Dnsmasq-discuss wrote: > There new lines and one old line > > + if (rta->rta_type == IFA_LOCAL) > > + addrp = ((struct in6_addr *)(rta+1)); > > + else if (rta->rta_type == IFA_ADDRESS && !addrp) > > addrp = ((struct in6_addr *)(rta+1)); > rewritten as I see them > + if (conditionLOCAL) > + addrp = value > + else if (conditionADDRESS && !addrp) > addrp = value > > > It is the "&& !addrp" that makes me feel uncomfortable. > > > Would > + if (conditionLOCAL) > + addrp = value > + else if (conditionADDRESS) > addrp = value > > do? It wouldn't work, because a netlink message for an address with peer has: IFA_LOCAL = addr IFA_ADDRESS = peer We would first evaluate IFA_LOCAL and set addrp = addr, then overwrite it with peer when evaluating the next attribute IFA_ADDRESS. Since we are interested in 'addr', when IFA_LOCAL is present it should always override IFA_ADDRESS. > P.S. > @Beniamino welcome to dnsmasq Thanks, Beniamino signature.asc Description: PGP signature ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss