Re: [Dnsmasq-discuss] Finding actual DNS server used
Lars, On Sat, Jan 14, 2017 at 7:40 AM, Lars Noodénwrote: > How can I get an already running instance of Dnsmasq to tell which DNS > servers it is using to resolve new queries upstream? > > I am not sure that is the most reliable way to get the information you are looking for. Any client App can try to use whatever DNS server it wants to resolve names. That isn't polite, but it happens a lot with smartphones, and IoT in general. As far as the desktop OS, a user can override the DNS entries that DHCP provides. I lock my network clients into OpenDNS by using dnsmasq on my router (Untangle's NGFW) pointed to their servers, and the firewall to block any other attempts besides dnsmasq. The firewall then provides a handy log of attempts to bypass my wishes. Another way to see what is going on, is to run wireshark and filter for UDP port 53. dnsmasq can't know about things going around it. Peace, Jim A. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Duplicate IPs assigned to devices with similar MAC (same vendor)
May we have dnsmasq.conf? On Jan 14, 2017 11:56 AM, "Oleg Brodkin"wrote: # dnsmasq --version Dnsmasq version 2.76 Copyright (c) 2000-2016 Simon Kelley # Lease time 48 hours DNSMASQ server has been in our office for last 4-5 years, and mostly no issues with assigning IPs. Except there are two recent devices in our lab from the same vendor, and the server dishes them out duplicate IPs. Any ideas on what is going on and how to fix it? Thank you ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Finding actual DNS server used
On Sat, Jan 14, 2017 at 07:29:47PM +0100, Albert ARIBAUD wrote: > Hi again Chris, > > Le Sat, 14 Jan 2017 16:06:39 + > Chris Greena écrit: > > > On Sat, Jan 14, 2017 at 03:40:52PM +0100, Albert ARIBAUD wrote: > > > > I've not spotted anything in the manual page that stands out for > > > > that purpose. > > > > > > There is not much point for it, is there? I mean, if dnsmasq has > > > upstream servers (possibly per request domain) and acts as a local > > > server, it is so that DNS clients on the LAN do *not* have to know > > > these upstream servers. > > > > > > Or maybe I am missing something. What is your use case? > > > > > Well for one it's useful to be able to check whether dnsmasq is using > > a sensible DNS server. > > Whatever server dnsmasq uses, it does so because its configuration > tells it to. The servers in this configuration are there either > because they were put in there by the dnamasq host admin (e.g., for > handling unqualified names as LAN names), or because the host has one > or more interfaces on which it is a DHCP client, not server, and the > actual DHCP server announces a DNS server which e.g. the Network > Manager added to the dnsmasq config. Do you see another case? > Yes, so I want to check that the DNS server I *think* it should be using from the configuration or DHCP is *actually* what it's using. > > On my home LAN I have a full dnsmasq running on a Raspberry Pi and > > point all the other systems at that for DNS. The other systems > > include a number of xubuntu Linux systems which run the 'local only' > > dnsmasq which is run automatically by Network Manager. > > Pretty much the same here on the very machine I am typing on right > now except my LAN's dnsmasq does not run on a RPi. :) > > > Thus in my case, to prove that everything is working as intended, I'd > > like to be able to see that all systems (except the Raspberry Pi) are > > using the Raspberry Pi as their DNS server. In addition I might also > > want to check what upstream servers the Pi is using. > > I don't understand your problem... The local dnsmasq on my Xubuntu > machine takes its servers from its only source of DNS server IPs: the > DHCP (and RA) info it receives from my LAN's dnsmasq, and I control that > (as you control that on your RPi's dnsmasq), therefore I *know* which > DNS servers my Xubuntu machine can use. > If it's working right and as you expected, yes. However it could be, for example, that your desktop machine is getting the wrong DHCP server (I have routers that might, if misconfigured, provide DHCP). > Why do you think any of your Xubuntu machine would use a DNS server it > was not provided through DHCP or RA ? > I don't, but it *might* not have used the DHCP server I thought it did. Why is is so difficult to provide this information? At the very least it would provide a confidence check that all is working as intended. It might very well help if something isn't working too. For example if my machine can't connect to another machine on the LAN but can see the outside world it suggests it's getting DNS from something other than my Pi DNS server. If I could check what DNS it is using then it would confirm that either it has got it's DNS set up from somewhere else or that it has got the right DNS (the Pi) but that the Pi is set up wrong somehow. -- Chris Green ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Finding actual DNS server used
Hi again Chris, Le Sat, 14 Jan 2017 16:06:39 + Chris Greena écrit: > On Sat, Jan 14, 2017 at 03:40:52PM +0100, Albert ARIBAUD wrote: > > > I've not spotted anything in the manual page that stands out for > > > that purpose. > > > > There is not much point for it, is there? I mean, if dnsmasq has > > upstream servers (possibly per request domain) and acts as a local > > server, it is so that DNS clients on the LAN do *not* have to know > > these upstream servers. > > > > Or maybe I am missing something. What is your use case? > > > Well for one it's useful to be able to check whether dnsmasq is using > a sensible DNS server. Whatever server dnsmasq uses, it does so because its configuration tells it to. The servers in this configuration are there either because they were put in there by the dnamasq host admin (e.g., for handling unqualified names as LAN names), or because the host has one or more interfaces on which it is a DHCP client, not server, and the actual DHCP server announces a DNS server which e.g. the Network Manager added to the dnsmasq config. Do you see another case? > On my home LAN I have a full dnsmasq running on a Raspberry Pi and > point all the other systems at that for DNS. The other systems > include a number of xubuntu Linux systems which run the 'local only' > dnsmasq which is run automatically by Network Manager. Pretty much the same here on the very machine I am typing on right now except my LAN's dnsmasq does not run on a RPi. :) > Thus in my case, to prove that everything is working as intended, I'd > like to be able to see that all systems (except the Raspberry Pi) are > using the Raspberry Pi as their DNS server. In addition I might also > want to check what upstream servers the Pi is using. I don't understand your problem... The local dnsmasq on my Xubuntu machine takes its servers from its only source of DNS server IPs: the DHCP (and RA) info it receives from my LAN's dnsmasq, and I control that (as you control that on your RPi's dnsmasq), therefore I *know* which DNS servers my Xubuntu machine can use. Why do you think any of your Xubuntu machine would use a DNS server it was not provided through DHCP or RA ? Amicalement, -- Albert. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Finding actual DNS server used
On 01/14/2017 06:06 PM, Chris Green wrote: > On Sat, Jan 14, 2017 at 03:40:52PM +0100, Albert ARIBAUD wrote: [snip] >> Or maybe I am missing something. What is your use case? >> > Well for one it's useful to be able to check whether dnsmasq is using > a sensible DNS server. [snip] That's what I'm aiming for. There is an application on a remote computer that is failing because it appears to initially get a working nameserver but then somewhere early on the DNS fails. I think it would help the diagnosis to see which nameservers dnsmasq is actually calling or caching. Because it's not my system and it is remote, I have to go step by step, slowly. Since everything on that system, in regards to DNS, is going via Dnsmasq, I'd like to see what it has loaded and is using. Regards, Lars ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] Duplicate IPs assigned to devices with similar MAC (same vendor)
# dnsmasq --version Dnsmasq version 2.76 Copyright (c) 2000-2016 Simon Kelley # Lease time 48 hours DNSMASQ server has been in our office for last 4-5 years, and mostly no issues with assigning IPs. Except there are two recent devices in our lab from the same vendor, and the server dishes them out duplicate IPs. Any ideas on what is going on and how to fix it? Thank you Oleg -- DEVICE 1 Jan 13 17:33:23 dnsmasq-dhcp[12864]: 328676717 sent size: 4 option: 54 server-identifier 10.111.222.6 Jan 13 17:33:23 dnsmasq-dhcp[12864]: 328676717 sent size: 4 option: 1 netmask 255.255.248.0 Jan 13 17:33:23 dnsmasq-dhcp[12864]: 328676717 sent size: 4 option: 28 broadcast 10.111.223.255 Jan 13 17:33:23 dnsmasq-dhcp[12864]: 328676717 sent size: 16 option: 15 domain-name xxx.com Jan 13 17:33:23 dnsmasq-dhcp[12864]: 328676717 sent size: 4 option: 6 dns-server 10.111.222.6 Jan 13 17:33:23 dnsmasq-dhcp[12864]: 328676717 sent size: 4 option: 3 router 10.111.222.1 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 available DHCP range: 10.111.216.10 -- 10.111.219.250 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 client provides name: g5br2d2 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 DHCPDISCOVER(eth0) f4:4d:30:60:73:40 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 tags: eth0 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 DHCPOFFER(eth0) 10.111.218.130 f4:4d:30:60:73:40 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 requested options: 1:netmask, 3:router, 12:hostname, 15:domain-name, Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 requested options: 6:dns-server, 33:static-route, 121:classless-static-route, Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 requested options: 42:ntp-server, 101 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 next server: 10.111.222.6 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 sent size: 1 option: 53 message-type 2 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 sent size: 4 option: 54 server-identifier 10.111.222.6 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 sent size: 4 option: 51 lease-time 2d Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 sent size: 4 option: 58 T1 1d -- Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 sent size: 4 option: 1 netmask 255.255.248.0 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 sent size: 4 option: 28 broadcast 10.111.223.255 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 sent size: 16 option: 15 domain-name xxx.com Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 sent size: 8 option: 42 ntp-server 10.111.222.18, 10.111.222.22 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 sent size: 4 option: 6 dns-server 10.111.222.6 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 sent size: 4 option: 3 router 10.111.222.1 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 available DHCP range: 10.111.216.10 -- 10.111.219.250 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 client provides name: g5br2d2 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 DHCPREQUEST(eth0) 10.111.218.130 f4:4d:30:60:73:40 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 tags: eth0 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 DHCPACK(eth0) 10.111.218.130 f4:4d:30:60:73:40 g5br2d2 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 requested options: 1:netmask, 3:router, 12:hostname, 15:domain-name, Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 requested options: 6:dns-server, 33:static-route, 121:classless-static-route, Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 requested options: 42:ntp-server, 101 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 next server: 10.111.222.6 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 sent size: 1 option: 53 message-type 5 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 sent size: 4 option: 54 server-identifier 10.111.222.6 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 sent size: 4 option: 51 lease-time 2d Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 sent size: 4 option: 58 T1 1d -- DEVICE 2 Jan 13 14:12:23 dnsmasq-dhcp[12619]: 457454147 sent size: 4 option: 54 server-identifier 10.111.222.6 Jan 13 14:12:23 dnsmasq-dhcp[12619]: 457454147 sent size: 4 option: 1 netmask 255.255.248.0 Jan 13 14:12:23 dnsmasq-dhcp[12619]: 457454147 sent size: 4 option: 28 broadcast 10.111.223.255 Jan 13 14:12:23 dnsmasq-dhcp[12619]: 457454147 sent size: 16 option: 15 domain-name xxx.com Jan 13 14:12:23 dnsmasq-dhcp[12619]: 457454147 sent size: 4 option: 6 dns-server 10.111.222.6 Jan 13 14:12:23 dnsmasq-dhcp[12619]: 457454147 sent size: 4 option: 3 router 10.111.222.1 Jan 13 14:12:31 dnsmasq-dhcp[12619]: 341215309 available DHCP range: 10.111.216.10 -- 10.111.219.250 Jan 13 14:12:31 dnsmasq-dhcp[12619]: 341215309 client provides name: nuc_labtest_1 Jan 13 14:12:31 dnsmasq-dhcp[12619]: 341215309 DHCPDISCOVER(eth0) f4:4d:30:60:90:8d Jan 13 14:12:31 dnsmasq-dhcp[12619]: 341215309 tags: eth0 Jan 13 14:12:31 dnsmasq-dhcp[12619]: 341215309 DHCPOFFER(eth0) 10.111.218.130 f4:4d:30:60:90:8d Jan 13 14:12:31 dnsmasq-dhcp[12619]: 341215309
Re: [Dnsmasq-discuss] Finding actual DNS server used
On Sat, Jan 14, 2017 at 03:40:52PM +0100, Albert ARIBAUD wrote: > > I've not spotted anything in the manual page that stands out for that > > purpose. > > There is not much point for it, is there? I mean, if dnsmasq has > upstream servers (possibly per request domain) and acts as a local > server, it is so that DNS clients on the LAN do *not* have to know > these upstream servers. > > Or maybe I am missing something. What is your use case? > Well for one it's useful to be able to check whether dnsmasq is using a sensible DNS server. On my home LAN I have a full dnsmasq running on a Raspberry Pi and point all the other systems at that for DNS. The other systems include a number of xubuntu Linux systems which run the 'local only' dnsmasq which is run automatically by Network Manager. Thus in my case, to prove that everything is working as intended, I'd like to be able to see that all systems (except the Raspberry Pi) are using the Raspberry Pi as their DNS server. In addition I might also want to check what upstream servers the Pi is using. -- Chris Green ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Finding actual DNS server used
Hi Lars, Le Sat, 14 Jan 2017 14:40:14 +0200 Lars Noodéna écrit: > How can I get an already running instance of Dnsmasq to tell which DNS > servers it is using to resolve new queries upstream? > > Specifically how can this be done in distros like Ubuntu and Linux > Mint, which have setups like this:: > > # cat /etc/resolv.conf > # Dynamic resolv.conf(5) file for glibc resolver(3) generated by > resolvconf(8) > # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE > OVERWRITTEN nameserver 127.0.1.1 > > > # ps auxw |grep dnsmasq > nobody2711 0.0 0.0 31028 3276 ?S13:27 0:00 > /usr/sbin/dnsmasq --no-resolv --keep-in-foreground --no-hosts > --bind-interfaces > --pid-file=/run/sendsigs.omit.d/network-manager.dnsmasq.pid > --listen-address=127.0.1.1 > --conf-file=/var/run/NetworkManager/dnsmasq.conf --cache-size=0 > --proxy-dnssec --enable-dbus=org.freedesktop.NetworkManager.dnsmasq > --conf-dir=/etc/NetworkManager/dnsmasq.d > > I've not spotted anything in the manual page that stands out for that > purpose. There is not much point for it, is there? I mean, if dnsmasq has upstream servers (possibly per request domain) and acts as a local server, it is so that DNS clients on the LAN do *not* have to know these upstream servers. Or maybe I am missing something. What is your use case? > Regards, > Lars Amicalement, -- Albert. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] Finding actual DNS server used
How can I get an already running instance of Dnsmasq to tell which DNS servers it is using to resolve new queries upstream? Specifically how can this be done in distros like Ubuntu and Linux Mint, which have setups like this:: # cat /etc/resolv.conf # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN nameserver 127.0.1.1 # ps auxw |grep dnsmasq nobody2711 0.0 0.0 31028 3276 ?S13:27 0:00 /usr/sbin/dnsmasq --no-resolv --keep-in-foreground --no-hosts --bind-interfaces --pid-file=/run/sendsigs.omit.d/network-manager.dnsmasq.pid --listen-address=127.0.1.1 --conf-file=/var/run/NetworkManager/dnsmasq.conf --cache-size=0 --proxy-dnssec --enable-dbus=org.freedesktop.NetworkManager.dnsmasq --conf-dir=/etc/NetworkManager/dnsmasq.d I've not spotted anything in the manual page that stands out for that purpose. Regards, Lars ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss