Re: [Dnsmasq-discuss] not giving name myhost to the DHCP lease of 192.168.1.171 because the name exists in /etc/hosts with address 127.0.0
On 2/23/24 21:12, Bernd Prager wrote:
> Hi,
>
> I am getting this annoying warning in my log files:
> "not giving name myhost to the DHCP lease of 192.168.1.171 because the name exists in /etc/hosts with address 127.0.0"
> from the dnsmasq-daemon.
>
> This is the box that actually runs the dhcp daemon for my network and this host has 2 network interfaces:
> enp2s0: flags=4163 mtu 1500 inet 192.168.1.2 netmask 255.255.255.0 broadcast 192.168.1.255
> with a fixed IP address, and
> wlp1s0: flags=4163 mtu 1500 inet 192.168.1.171 netmask 255.255.255.0 broadcast 192.168.1.255
> that I want to grab the IP address via DHCP.
>
> The /etc/hosts contains:
> 127.0.0.1 localhost myhost
>
> How do I configure my dnsmasq.conf to solve this?

Dnsmasq is a server. You should look at the DHCP client if you want to get a lease from a DHCP server for an interface.

To address the issue, you can simply remove the duplicate host from the hosts file or make Dnsmasq ignore this file.

What do you need Dnsmasq for?

--
John Doe

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] wip: Add tag: usage in dhcp-option
On 9/23/23 02:27, Wink Saville wrote: On Fri, Sep 22, 2023 at 1:06 PM Geert Stappers wrote: On Thu, Sep 21, 2023 at 11:00:59PM -0700, Wink Saville wrote: On Thu, Sep 21, 2023 at 10:47 PM Geert Stappers wrote: On Wed, Sep 20, 2023 at 09:14:13PM -0700, Wink Saville wrote: TLDR. I would like to point out that there is only one maintainer for this project. Geert Stappers from stappers.nl is not affiliated with Dnsmasq nor is he a maintainer. As an aside the '--rfc' opt to the format-patch command is better than using WIP when sending patches via send-email. -- John Doe ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] dnsmasq.service: Control process exited, code=exited, status=127/n/a
On 7/10/23 17:20, dnsmasqyq@neverbox.com wrote: On Mon, Jul 10, 2023 at 11:17 AM Tong Sun wrote: Hi, I'm installing in Debian the normal way with sudo apt install -y dnsmasq and it fails out of the box with: -- Created symlink /etc/systemd/system/multi-user.target.wants/dnsmasq.service -> /lib/systemd/system/dnsmasq.service. Job for dnsmasq.service failed because the control process exited with error code. See "systemctl status dnsmasq.service" and "journalctl -xeu dnsmasq.service" for details. invoke-rc.d: initscript dnsmasq, action "start" failed. x dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server Loaded: loaded (/lib/systemd/system/dnsmasq.service; enabled; preset: enabled) Active: failed (Result: exit-code) since Mon 2023-07-10 10:52:02 EDT; 14ms ago Process: 506097 ExecStartPre=/etc/init.d/dnsmasq checkconfig (code=exited, status=127) CPU: 14ms Jul 10 10:52:02 coral systemd[1]: Starting dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server... Jul 10 10:52:02 coral systemd[1]: dnsmasq.service: Control process exited, code=exited, status=127/n/a What Debian release are you using and what dnsmasq version do you have? I would also file a bugreport against this Debian package. -- John Doe ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Why i can not go to internet ?
On 2/7/23 07:55, HOANG TIEN wrote:
> I installed step by step with this link: Installing SoftEther VPN on Ubuntu 22.04 – The IT Guy CJ <https://theitguycj.com/installing-softether-vpn-on-ubuntu-22-04/>. But after, it cannot go to internet. Can you help me?

Try to remove Dnsmasq from the mix and see if everything works.

--
John Doe
Re: [Dnsmasq-discuss] Unable to get a reserved address when dhcp-range not specified
On 1/8/23 06:56, Donald Muller wrote:
> I recently added a 2.5GB switch to my network. All devices, which are NAS devices, plugged into the switch have a reservation for their IP4 address except of course the NAS running dnsmasq which has a fixed address. I updated dnsmasq to include the reservations and the following dhcp options.
>
> dhcp-option=tag:eth4,option:netmask,255.255.255.0 # set net mask (1)
> dhcp-option=tag:eth4,option:router,0.0.0.0 # set router address (3)
>
> No address range is specified for eth4. When one of the NAS devices attempts to get an IP address I receive the following error message.
>
> no address range available for DHCP request via eth4
>
> Even though I have reservations for the devices they never receive their reserved address. If I add the range option then the devices receive their reserved address.
>
> dhcp-range=tag:eth4,192.168.122.100,192.168.122.199,255.255.255.0,3d
>
> Why do I need to specify a dhcp range when the devices have reservations? I don't want a device that does not have a reservation on this subnet to be able to plug into the switch and get an address. Is this a bug in dnsmasq? If not is there a way to

Looks like you want the 'DHCP service' with 'static' leases.
If I'm correct, [1] says:

"The optional keyword may be static which tells dnsmasq to enable DHCP for the network specified, but not to dynamically allocate IP addresses: only hosts which have static addresses given via --dhcp-host or from /etc/ethers will be served."

[1] https://thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html

--
John Doe
Re: [Dnsmasq-discuss] Reserved IP Addresses for Specific DHCP Clients without a Connection to the Subnet
On 10/31/22 22:15, Simon Kelley wrote:
> On 27/10/2022 18:02, Rich Otero wrote:
>> Simon,
>>
>> dhcp-host=set:wierd,,192.168.6.7
>>
>> Are you sure that this is correct? According to the manual, the signature of dhcp-host is this:
>>
>> --dhcp-host=[][,id:|*][,set:][,tag:][,][,][,][,ignore]
>>
>> The relevant bit: ,set:,
>> But your example is: set:,,
>
> The parser for dhcp-host accepts the various data types in any order and analyses the comma-delimited strings with various heuristics to work out what it's seeing. This seemed like a great idea at the time, but if I could communicate with 2002-Simon I'd probably tell him to find another way. There have been bugs when the heuristics were not as clever as they should have been, and confusion when they are a bit too clever. This is compounded by the fact that it's very difficult to tell that the parser has silently treated your MAC address as a hostname because you substituted an o for 0 or something similar.
>
> Too late now, it is what it is.

I also always wondered about this, is one syntax less error prone than another?

--
John Doe
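An added example, not part of the original thread and not dnsmasq's own parser: a small Python linter that checks each comma-separated `dhcp-host` field before the file is deployed and reports near-miss values of the kind described above (a MAC or IPv4 address with a letter typed for a digit). The field patterns, the lookalike table and the sample lines are assumptions made for this illustration.

```python
import ipaddress
import re

# Letters commonly typed in place of digits (the "o for 0" case from the thread).
LOOKALIKES = str.maketrans({"o": "0", "O": "0", "l": "1", "I": "1"})
HEX_GROUP = re.compile(r"^(?:[0-9A-Fa-f]{1,2}|\*)$")
# Assumed lease syntax: seconds, or a number with m/h/d/w, or "infinite".
LEASE = re.compile(r"^(?:\d+[mhdw]?|infinite)$")
HOSTNAME = re.compile(r"^[A-Za-z0-9_](?:[A-Za-z0-9_.-]*[A-Za-z0-9])?$")


def is_ipv4(token):
    try:
        ipaddress.IPv4Address(token)
        return True
    except ValueError:
        return False


def classify(token):
    """Return (kind, warning) for one comma-separated dhcp-host field."""
    if token == "":
        return "empty", "empty field"
    if token == "ignore" or token.startswith(("id:", "set:", "tag:")):
        return "keyword", None
    if token.startswith("[") and token.endswith("]"):
        return "ipv6", None  # bracketed IPv6 fields are passed through unchecked
    if is_ipv4(token):
        return "ipv4", None
    if LEASE.match(token):
        return "lease", None
    groups = token.split(":")
    if len(groups) == 6:
        if all(HEX_GROUP.match(g) for g in groups):
            return "mac", None
        fixed = token.translate(LOOKALIKES)
        if all(HEX_GROUP.match(g) for g in fixed.split(":")):
            return "suspect", f"looks like a MAC address with a letter typed for a digit (closest reading: {fixed})"
        return "suspect", "six colon-separated groups but not a valid MAC address"
    if token.count(".") == 3:
        fixed = token.translate(LOOKALIKES)
        if all(part.isdigit() for part in fixed.split(".")):
            return "suspect", f"dotted quad that is not a valid IPv4 address (closest reading: {fixed})"
    if HOSTNAME.match(token):
        return "hostname", None
    return "suspect", "not a recognisable MAC, IP address, lease time or hostname"


def lint_config(text):
    """Return [(line_number, field, warning)] for every suspicious dhcp-host field."""
    findings = []
    for number, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line.startswith("dhcp-host="):
            continue
        for field in line[len("dhcp-host="):].split(","):
            field = field.strip()
            _kind, warning = classify(field)
            if warning:
                findings.append((number, field, warning))
    return findings


# Constructed sample configuration, not taken from the thread.
SAMPLE = """\
# reservations for the storage subnet
dhcp-host=00:1e:06:aa:bb:01,set:nas,192.168.6.7,nas1,12h
dhcp-host=00:1e:o6:aa:bb:02,192.168.6.8,nas2
dhcp-host=nas3,00:1e:06:aa:bb:03,192.168.6.300
dhcp-host=id:*,tag:nas,printer,infinite
"""

if __name__ == "__main__":
    for number, field, warning in lint_config(SAMPLE):
        print(f"line {number}: {field!r}: {warning}")
```

Fields are accepted in any order, as in the thread; a field is reported only when it matches none of the expected shapes or sits one keystroke away from a MAC or IPv4 address.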
Re: [Dnsmasq-discuss] dnsmasq On Subnets - Failing
Giving some hints more than an answer.

On 9/23/2022 2:20 PM, Zeta Cloud wrote:
> Hi. I'm running dnsmasq as the local DHCP server in a container/VM/jail intended to serve as a router for multiple VMs, and the router VM is set up with multiple vnics, each on a different subnet.

I'll assume that you are talking about VLAN/alias interface.

> vnic1: Subnet A -> 192.168.11.0 (external)

What IP are you really getting on this interface?

> vnic2: Subnet B -> 192.168.21.0 (internal)
> vnic3: Subnet C -> 192.168.31.0 (storage)
>
> The problem I'm having is that as soon as a VM on subnet A requests a DHCP address, dnsmasq will not respond to any future requests from VMs on subnet B or subnet C. If I restart the dnsmasq service, and if the first DHCP request is from subnet B, it won't respond to queries from subnet A/C. Etc.

Does your network topology work without dnsmasq?

> Is this peculiar to the particular version of dnsmasq-2.86? I've tried everything, with and without option bind-interfaces, with and without all interfaces explicitly listed, exclude-interfaces, etc.

See above point.

> Any help on this would be greatly appreciated. I've already spent 2 days trying to figure out what was going on. I'm trying to set up containers/VMs. The problem I face is that once I set up a VM on one subnet, VM creation fails for all other subnets. A restart of dnsmasq doesn't help, because then dnsmasq responds to the first and subsequent DHCP requests from a subnet, but stops responding to VMs on other subnets. Thanks very much.

Try to get this working with one internal and one external interface.

> My dnsmasq.conf included below for reference.
> --
> dhcp-authoritative
> dhcp-lease-max=1000
> dhcp-leasefile=/var/cache/dnsmasq/dnsmasq.leases
> dhcp-rapid-commit

Remove this one for the time being.

> log-facility=/var/log/dnsmasq/dnsmasq.log
> log-queries
> log-dhcp

Do you see in the log why dnsmasq is not happy?

> # NAT Interface
> except-interface=net0
> no-dhcp-interface=net0

If you ignore the interface, the other flag is not really needed.

> domain=zetac.lan
> # Subnet A
> interface=net1
> bind-interfaces
> listen-address=192.168.11.1
> dhcp-range=set:extl,192.168.11.101,192.168.11.200,12h
> dhcp-option=tag:extl,option:dns-server,192.168.11.1
> dhcp-option=option:netmask,255.255.255.0
> dhcp-option=option:domain-name,zetac.lan
> # Subnet B
> interface=net2
> bind-interfaces

Why do you use this opt multiple times, I would only use it once.

> listen-address=192.168.21.1

In this context, I can't say that I see the point of using the above.

> dhcp-option=tag:intl,option:dns-server,192.168.21.1
> dhcp-option=option:netmask,255.255.255.0
> dhcp-option=option:domain-name,zetac.lan

Do you really need those opts?

> # Subnet B
> interface=net3
> bind-interfaces
> listen-address=192.168.31.1
> dhcp-range=set:intl,192.168.31.101,192.168.31.200,12h
> dhcp-option=tag:intl,option:dns-server,192.168.31.1
> dhcp-option=option:netmask,255.255.255.0
> dhcp-option=option:domain-name,zetac.lan

Same points as for the other subnet.

If I may, find a simple network example for two interfaces (internal/external), then get dnsmasq working and build up from there.

--
John Doe
[Dnsmasq-discuss] Fwd: Monthly posting
Hi,

"How To Ask Questions The Smart Way" has immediately after the introduction an advice on before you ask. http://www.catb.org/esr/faqs/smart-questions.html#before

Following that advice is still no guarantee for a quick response. So when you are still stuck with something that you think it is dnsmasq related, you have to make more effort.

Greatest challenge is most likely being persistent in solving the problem. ( Not being persistent in demanding an answer )

The dnsmasq man page is feature complete. And known as "hard to read" for those who are new to it. But still do read it and try to understand it. Reading it again is known being effective for getting better understanding. Find a copy of it in source code of dnsmasq and read it by `man man/dnsmasq.8`, or when installed by `man dnsmasq` or at https://dnsmasq.org/docs/dnsmasq-man.html

Pattern seen on the mailing list is unawareness of network-server-client-model. Expressing such problems is indeed hard, but also the road to a solution.

Know that you are the main stakeholder of the problem that you are facing. The highest reward for finding a solution goes to you. Keep the ecosystem that you are consulting healthy by sharing also your success stories.

Avoid "DNS doesn't work", make it "My DNS client gets odd replies from dnsmasq", "My DNS requests don't get forwarded" or another non-generic issue. Use real DNS client tools like `dig` or `host` (instead of `ping`).

Set the configuration --log-queries. That will allow you to see if the queries are getting to dnsmasq, and it will give you a full dump of the DNS cache (including DHCP derived names) if you send the dnsmasq process SIGUSR1. Both of these will help in diagnosing the problem.

For non-biased views is network sniffing recommended. When `tcpdump` or `wireshark` is used for such examinations, provide the mailing list with an URL to `.pcap`-file. Karma bonus points for providing an URL that can be `wget`. So prevent that your community members get exposed to websites that scream advertisements and the need for JavaScript.

Text version output of network sniffs don't show well after being put in an email. Please take the pain of uploading an .pcap file instead of multiplying the pain of malformed netsniffer output.

Dnsmasq is a mature project, meaning not often a release. However we constantly want to improve. Yes, patches welcome.

Patches are not always reviewed within three days. Retransmit of your review request after eight days is not too pushy.

Aim for common interest. If you find it here, fine. If you cannot find it here, you might found a clue for looking elsewhere on "common interest".

Do know there are real humans behind the email addresses.

--
John Doe
Re: [Dnsmasq-discuss] dnsmasq & dhcp config options for static ip addresses
On 7/22/2022 10:56 AM, eMyListsDDg wrote: i want to migrate from a our home win server dns & dhcp services to couple raspberry pi's running pihole. so, on my home win server dhcp service i could easily assign different dns servers, etc to a given static address via config options when needed. i.e., customizing various static addresses config options when the global config options didn't suffice. is there options to the same with the dnsmasq config files? Yes, by using 'tag'. -- John Doe ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] ddns from dhcp hostname
On 5/31/2022 10:35 PM, Carl Karsten wrote: does dnsmasq do this sort of ddns: dhcp client sends its hostname as part of its dhcp request ddnsmasq assigns an IP and also adds the hostname:IP to its dns I thought it did, but I can't find anything in the docs about it. Yes. -- we need more info if you need help! -- John Doe ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] dhcp-host=hostnameonly does not work
On 5/19/2022 11:42 PM, Maulis Adam wrote:
> On 5/19/22 21:22, john doe wrote:
>> On 5/19/2022 4:46 PM, Maulis Adam via Dnsmasq-discuss wrote:
>>> Hello,
>>>
>>> I like to configure my dhcp server with as little redundancy as possible. But it looks like the IP address needs to be written both of /etc/hosts and /etc/dnsmasq.conf
>>>
>>> The client machines are in the /etc/hosts for example:
>>> 192.168.64.200 cntemplate.hpc
>>>
>>> The non-default dnsmasq config options are:
>>> no-resolv
>>> server=192.168.5.251
>>> expand-hosts
>>> domain=hpc
>>>
>>> Case 1:
>>> dhcp-range=192.168.64.0,static
>>> dhcp-host=cntemplate
>>> Does not work, syslog said:
>>> May 19 15:53:47 gw00 dnsmasq-dhcp[4912]: DHCPDISCOVER(vlan164) 02:00:00:00:00:65 no address available
>>>
>>> Case 2:
>>> dhcp-range=192.168.64.0,static
>>> dhcp-host=cntemplate,192.168.64.200
>>> Working, but needed a duplicate entry both of /etc/hosts and /etc/dnsmasq.conf
>>>
>>> Case 3:
>>> dhcp-range=192.168.64.100,192.168.64.250
>>> dhcp-host=cntemplate,192.168.64.200
>>> Working, but needed a duplicate entry both of /etc/hosts and /etc/dnsmasq.conf
>>>
>>> Case 4:
>>> dhcp-range=192.168.64.100,192.168.64.250
>>> dhcp-host=cntemplate
>>
>> I might be missing something here but why do you use the option 'dhcp-host' if you specify the hostname in '/etc/hosts'?
>>
>> --
>> John Doe
>
> Thank you for your answer. I thought that "dhcp-host" option is mandatory for fixed dhcp IPs.
>
> Case 5:
> dhcp-range=192.168.64.0,static
> # no dhcp-host
> Not working:
> dnsmasq-dhcp[5505]: DHCPDISCOVER(vlan164) 02:00:00:00:00:65 no address available
>
> Case 6:
> dhcp-range=192.168.64.0,static
> # no dhcp-host
> Not working:
> dnsmasq-dhcp[5533]: not giving name cntemplate.hpc to the DHCP lease of 192.168.64.215 because the name exists in /etc/hosts with address 192.168.64.200

The IPs are not the same, try to remove this lease in the lease file.

--
John Doe
Re: [Dnsmasq-discuss] dhcp-host=hostnameonly does not work
On 5/19/2022 4:46 PM, Maulis Adam via Dnsmasq-discuss wrote:
> Hello,
>
> I like to configure my dhcp server with as little redundancy as possible. But it looks like the IP address needs to be written both of /etc/hosts and /etc/dnsmasq.conf
>
> The client machines are in the /etc/hosts for example:
> 192.168.64.200 cntemplate.hpc
>
> The non-default dnsmasq config options are:
> no-resolv
> server=192.168.5.251
> expand-hosts
> domain=hpc
>
> Case 1:
> dhcp-range=192.168.64.0,static
> dhcp-host=cntemplate
> Does not work, syslog said:
> May 19 15:53:47 gw00 dnsmasq-dhcp[4912]: DHCPDISCOVER(vlan164) 02:00:00:00:00:65 no address available
>
> Case 2:
> dhcp-range=192.168.64.0,static
> dhcp-host=cntemplate,192.168.64.200
> Working, but needed a duplicate entry both of /etc/hosts and /etc/dnsmasq.conf
>
> Case 3:
> dhcp-range=192.168.64.100,192.168.64.250
> dhcp-host=cntemplate,192.168.64.200
> Working, but needed a duplicate entry both of /etc/hosts and /etc/dnsmasq.conf
>
> Case 4:
> dhcp-range=192.168.64.100,192.168.64.250
> dhcp-host=cntemplate

I might be missing something here but why do you use the option 'dhcp-host' if you specify the hostname in '/etc/hosts'?

--
John Doe
Re: [Dnsmasq-discuss] Setting dnsmasq to serve multiple subnets
On 4/28/2022 6:20 PM, Will Dennis wrote:
> Hi all,
>
> I currently have dnsmasq set up and working well for the LAN that the dnsmasq server is on (for our purposes, say 192.168.0.0/24.) Config is like this currently:
>
> domain-needed
> bogus-priv
> strict-order
> no-hosts
> dhcp-authoritative
> dhcp-leasefile=/var/lib/misc/dnsmasq.leases
> domain=mycompany.com
> dhcp-range=192.168.0.20,192.168.0.59,1h
> dhcp-option=option:router,192.168.0.1
>
> Now, I have now set up a router (layer-3 switch) that has interfaces to multiple other networks off of it, all having a /28 network mask. It has been set to be a DHCP relay (“ip helper”) pointing DHCP requests from these new networks to the dnsmasq server. I cannot seem to find a “howto” on how to configure dnsmasq to serve multiple dhcp pools/associated options so it can be the single DHCP/DNS server for these multiple new networks.
>
> In my reading of the man pages, I *think* I’d have to do something like this in my config to enable this:
>
> domain-needed
> bogus-priv
> strict-order
> no-hosts
> dhcp-authoritative
> dhcp-leasefile=/var/lib/misc/dnsmasq.leases
> domain=nec-labs.com
> dhcp-range=192.168.0.20,192.168.0.59,1h
> dhcp-option=option:router,192.168.0.1
> dhcp-range=set:vlan10,192.168.1.1,192.168.1.13,255.255.255.240,1h
> dhcp-option=tag:vlan10,option:router,192.168.1.14
> […]
>
> Am I correct in this? And, I don’t need to tag the original pool/options, do I?

A few things:
- Do you really need the router lines (the defaults in Dnsmasq are reasonable)?
- The tags have nothing to do with VLAN tagging, they are internal to Dnsmasq.

To answer your questions:
- Yes you are correct
- Given the sample above I would say no.

HTH.

--
John Doe
Re: [Dnsmasq-discuss] Does dnsmasq support cname within same domain?
On 3/2/2022 10:28 AM, Frank Liu wrote: On Tue, Mar 1, 2022 at 2:39 PM Geert Stappers via Dnsmasq-discuss < dnsmasq-discuss@lists.thekelleys.org.uk> wrote: On Tue, Mar 01, 2022 at 09:21:58AM -0800, Frank Liu wrote: On Tue, Mar 1, 2022 at 3:37 AM Geert Stappers via Dnsmasq-discuss wrote: On Tue, Mar 01, 2022 at 01:01:51AM -0800, Frank Liu wrote: Hi, I am running dnsmasq for dhcp/dns of a local test domain: test.example.com. Everything works fine. When a dhcp client (eg: client1) comes up, it gets the IP from dnsmasq, and I can dig/nslookup client1.test.example.com to get its IP. When I add a cname in the same domain, eg: cname=alias.test.example.com,client1.test.example.com dig/nslookup of alias.test.example.com only returns name client1.test.example.com, not the actual IP of client1.test.example.com It's interesting that if I add the cname for a different domain, eg: cname=alias.dummy.example.com,client1.test.example.com dig/nslookup of alias.dummy.example.com will return both name client1.test.example.com and its IP. I tried a few different versions but that doesn't make a difference. Please name those different versions. 2.76 (Debian 9), 2.85 (Debian 11). Ah, I'm now beyond the ambiguty of different version of dig/nslookup. I don't think it matters with test OS or test application. I also tried: ping alias.dummy.example.com works, but ping alias.test.example.com gives unknown host error. (even though both names cname to the same client1.test.example.com in dnsmasq). I tried ping from various machines (Mac, Windows, Debian 9, Debian11) on the test network. Same result. I also tried curl alias.test.example.com which gives: curl: (6) Could not resolve host: alias.test.example.com but curl alias.dummy.example.com works fine. Is this a known issue/limitation? What is the actual question? Sorry, the question is in the email Subject. I guess it isn't clear, so I am pasting here: Does dnsmasq support cname within same domain? 
:-) I think it is more a dns-client problem as a dnsmasq problem. As in: I don't yet understand the "problem". Are you implicitly answering my question in the subject line with a "Yes" answer, because if the answer is "no", there is really no need to troubleshoot any further. The only thing that I can say, is that, this OP is annoying and was asked multiple times to respect the list and not to pollute it. Personally, I ignore any traffic from 'Geert Stappers' x...@stapper.nl. This person is not involved in any way whatsoever with this fine project and Simon Kelley is maintaining Dnsmasq. -- John Doe
Re: [Dnsmasq-discuss] Dhcp-host format
On 1/24/2022 6:27 AM, starwatcher22 wrote:
> I have seen the dhcp host directive formatted two ways:
> Dhcp-host (MAC), hostname, IP, lease time
> --And--
> Dhcp-host (MAC), IP, hostname, lease time
> They both work with no errors.
> Is there a difference between the two?

The man page (1) says:

"--dhcp-host=[][,id:|*][,set:][tag:][,][,][,][,ignore]"

It might work in another form depending on the number of arguments you provide but the supported way is the documented one!!! :)

1) https://thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html

--
John Doe
Re: [Dnsmasq-discuss] Comments, can I add comments on same line as confiuguration?
On 12/3/2021 4:41 PM, Chris Green wrote:
> It's not explicitly allowed according to the man page but can I add comments to configuration lines in dnsmasq.conf, e.g. :-
>
> domain-needed # don't forward plain names
> dhcp-option=3,192.168.1.1 # default route

Are you seeing any issues while doing it/does Dnsmasq complain?

--
John Doe
Re: [Dnsmasq-discuss] dnsmasq stuck at reading socket
On 10/19/2021 4:52 PM, Simon Kelley wrote:
> On 16/10/2021 21:31, Juhyung Park wrote:
>> Wow, that's one hell of a dumb mistake.
>> Thanks a lot! Would have pulled a lot of hair out if I were to keep debugging this alone..
>> Sorry for the false alarm.
>
> You're not the first, hence the warning in the man page. In an ideal world the option would be called something different, but, you know, history.

Can't a new option with a better name be added that emulates the misleading option?
This kind of workaround is sometimes useful.

--
John Doe
Re: [Dnsmasq-discuss] How to Add max-ttl in DNSMASQ
On 10/11/2021 7:41 PM, OMair Siddiquii wrote: 1. I stopped DNSMASQ service. 2. I ran "dnsmasq --max-ttl=30" 3. Got this error "dnsmasq: bad command line options: try --help" 4. Tried to manually add max-ttl= in dnsmasq.conf 5. Got this error "Starting dnsmasq: dnsmasq: bad option at line 56 of /etc/dnsmasq.conf [FAILED]" What output do you get if you do: $ dnsmasq --version -- John Doe ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] How to Add max-ttl in DNSMASQ
On 10/11/2021 6:01 PM, OMair Siddiquii wrote: Even after upgrading to version 2.85 it didn't work. Please provide the following: - Line that is not working - Output of error message -- John Doe ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] filter-AAAA is breaking dnsmasq
On 10/11/2021 12:30 PM, Paul Fertser wrote: Hi E, On Mon, Oct 11, 2021 at 02:53:40AM -0700, E wrote: Advice: Go for a good walk Then, at a healthy stress level, I _am_ fine. I just getting tired of unusable DNS service. You're probably fine, but I have to note your behaviour is annoying. # whereis dnsmasq dnsmasq: /usr/sbin/dnsmasq /etc/dnsmasq.d /etc/dnsmasq.conf /usr/local/sbin/dnsmasq /usr/share/dnsmasq /usr/share/man/man8/dnsmasq.8.gz Where is the results of renaming /usr/sbin/dnsmasq and using the service script afterward? I didn't rename anything. So what exactly makes you think that when you start dnsmasq via systemd unit file it's going to execute /usr/local/sbin/dnsmasq rather than /usr/sbin/dnsmasq ? If you check the unit file you'll almost certainly see it hardcoding the binary in /usr/sbin. The first step would be to start manually the executable that you have built to confirm that the feature that you want is there. When everything works from the command line, one option would be to modify the service script with that new path. -- John Doe ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] unittests
On 10/5/2021 5:13 PM, Petr Menšík wrote: Hey Geert, On 10/2/21 14:40, Geert Stappers via Dnsmasq-discuss wrote: In-Reply-To: <8a018620-25a7-a292-c951-dd2017d54...@redhat.com> On Mon, May 03, 2021 at 12:53:39PM +0200, Petr Menšík wrote: On 4/30/21 12:42 AM, Simon Kelley wrote: On 14/04/2021 18:35, Petr Menšík wrote: Hi Simon and other dnsmasq friends, after some struggling with Makefile support, I am sending my dnsmasq unit tests. It uses another directory with tests specific code. I moved some common parts to Makefile.config, in order to be able to reuse them. Unit tests are under tests directory with own Makefile. New target make check should work also from top directory. Some checks would work only from tests directory (make kyua). Current coverage is rather poor, but I hope can be used as a building block to better tests. Especially option parsing tests are easy to write. Testing of sending and receiving packets seems to be difficult, it should be tested by different kind of test IMHO. First is attempt to refactor, the second is what evolved into more complex set of tests. Original separate commits are still available on github [1]. What do you think? Well, I applied the patch, and run "make check" and all the tests passed! Now I have to understand how to write new tests. Configuration parsing tests are easy, just provide input parameters similar way to existing test and then check expected values are provided. Would it make sense to consider some changes to the main code to make the tests easier? I see that die() is a problem. Can we change the code in die() to do something useful when testing? I have chosen to omit dnsmasq.c code from tests. It contains main() function, cannot be part of test anyway. Sure, some code changes would help with reducing needed repetitions in tests. Especially init code required in tests should be moved out of dnsmasq.c, where it could be called directly from tests. Shared init code must not be static functions of course. 
die does make sense everywhere where it is a corner case. If we move die() calls to dnsmasq.c, it would be okay. Other files should return indication of fatal error, but not die directly. It would need additional wrappers in dnsmasq.c, but such functions would be more testable. Also the tests seem to can copies of initialisation code, does it make sense to abstract the initialisation in main() so that it can be used by the tests standalone? Yes, it make sense to move parts of initialization to subsystem-specific initialization functions. I would move dns_init() into rfc1035.c, dhcp_init() into dhcp-common.c etc. It should make main source file shorter and it would be more obvious, which subsystems are initialized in which order, whether they depend on anything before it. I think the best practice is to break long functions into several shorter, more readable functions. I think current main() is a great example to break into more smaller functions and move some of them to shareable files. Parts required by current tests are small enough. I'm thinking of changing the existing main() main() { while (1) events() } into main() { init(); while (1) events() } So that init() is available for testing. Cheers, Simon. PS: sending this message again, because patch #2 were big enough to require moderator's approval. Compressed it as a workaround. Cheers, Petr 1. https://github.com/InfrastructureServices/dnsmasq/tree/unittests What was / is the posting from Simon asking something Would unittest have detect this side-effect of the change? I doubt unit tests would find that. Unit tests should test some functions that they work correctly. My unit tests were just attempt to make *some* tests, but just very basic. It was intended more to check options parsing correctness and obvious breakages in these parts. There is no function in dnsmasq, where you put "fake" incoming packet and it would respond reply would look like this. 
Unit tests usually require code like Lego, which uses parts of code to prepare reply to a request. Then virtual responder can be made. Many parts of dnsmasq are not ready for that. It provides no strong library, which can replicate internal data processing. Response to a dns packet is somehow hard to validate just from the code. cmocka library is a good one for unit tests. It would be beneficial to have also behavior tests. Which would start dnsmasq with some parameters and use standard tools like dhclient or dig Those tools are not standards, for instance on OpenWRT. -- John Doe ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] DNS from dhcp-host while client is offline
On 10/5/2021 2:43 PM, Michael wrote:

On 10/4/21 05:37, Dominik Derigs wrote:

Hey Petr,

On Mon, 2021-10-04 at 11:45 +0200, Petr Menšík wrote:

Perhaps a flag could be added to dhcp-range, requesting also addition of dhcp-hosts to static dns.

Maybe this flag would better be set on --dhcp-host and --dhcp-hostsfile if this is used? This would feel more "natural" to me.

Initially, I've myself found this an odd behavior to only serve DHCP host names that are known to be "alive". I do see some value in not serving A records when we know the server is offline, however, the very same happens on the Internet all the time: no DNS server I'm aware of checks if an A record is reachable before giving you the reply.

I've seen other systems using dnsmasq (it may or not have been DD-WRT, no promises!) that created two files from static leases: A dhcp-hostsfile and an addn-hosts file. Having an option to make the latter obsolete sounds like a good idea.

Maybe I am misunderstanding the issue, but dnsmasq already gives the ability that is being asked for I believe.

If you want a static DNS entry, add the entry to /etc/hosts or -addn-hosts=

If you want a DHCP lease that always hands out the same ip address but is only valid during the lease, create a dhcp-host entry that includes the IP & hostname

If you want a DHCP lease that can always be looked up via DNS, add it to /etc/hosts or -addn-hosts and the dhcp-host entry contains the hostname

The idea here is to let Dnsmasq do that programmatically instead of having to do it manually.

-- John Doe
Re: [Dnsmasq-discuss] DNS from dhcp-host while client is offline
On 10/3/2021 3:24 PM, Alkis Georgopoulos wrote:

Hello Geert and all,

unfortunately this feature isn't convenient when you want to `ping pc` and wait until it's up; or when you check some system logs and see an IP and you want to run `host IP` to see which hostname it maps to, yet that PC isn't up at that time; or in certain multiple DHCP servers/failover/balancing scenarios.

If there's no way to maintain a single file with that information, then I'll use a bash script to convert dhcp-hosts to addn-hosts.

The option 'dhcp-host', uses the leases recorded in the leases file which are leasetime dependent. Using 'addnhost' will not have this limitation.

-- John Doe
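An added example, not part of any post in this thread and not dnsmasq project code: one way to generate an addn-hosts file from dhcp-host entries so that names resolve while a client is offline. The field recognisers are a simplified assumption covering MAC, `id:`/`set:`/`tag:`, IPv4, bracketed IPv6, hostname, lease time and `ignore`; the sample entries are constructed.

```python
import ipaddress
import re

# Simplified field recognisers (assumption: common dhcp-host fields only).
MAC_RE = re.compile(r"^(?:[0-9A-Fa-f*]{1,2}:){5}[0-9A-Fa-f*]{1,2}$")
LEASE_RE = re.compile(r"^(?:\d+[mhdw]?|infinite)$")
NAME_RE = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?(?:\.[A-Za-z0-9-]+)*$")
SKIP_PREFIXES = ("id:", "set:", "tag:", "net:")


def parse_dhcp_host(line):
    """Return (addresses, hostname) for one dhcp-host entry, or None."""
    line = line.split("#", 1)[0].strip()
    if line.startswith("dhcp-host="):
        line = line[len("dhcp-host="):]
    addrs, name = [], None
    for field in (f.strip() for f in line.split(",")):
        if not field or field == "ignore" or field.startswith(SKIP_PREFIXES):
            continue
        if MAC_RE.match(field) or LEASE_RE.match(field):
            continue
        try:
            if field.startswith("[") and field.endswith("]"):
                # IPv6 is only accepted in brackets, so a mistyped MAC such as
                # 11:22:33:44:55::66 is never mistaken for an IPv6 address.
                addrs.append(str(ipaddress.IPv6Address(field[1:-1])))
            else:
                addrs.append(str(ipaddress.IPv4Address(field)))
            continue
        except ValueError:
            pass
        if name is None and NAME_RE.match(field):
            name = field
    if not addrs or name is None:
        return None  # nothing a hosts file could express
    return addrs, name


def to_addn_hosts(lines):
    """Return (hosts_lines, problems) built from dhcp-host entries."""
    hosts, problems, owner = [], [], {}
    for lineno, line in enumerate(lines, 1):
        parsed = parse_dhcp_host(line)
        if parsed is None:
            continue
        addrs, name = parsed
        for addr in addrs:
            previous = owner.setdefault(addr, name.lower())
            if previous != name.lower():
                # Same address given to two names: keep the first, report the rest.
                problems.append(
                    f"line {lineno}: {addr} already maps to {previous}, skipping {name}")
                continue
            entry = f"{addr}\t{name}"
            if entry not in hosts:
                hosts.append(entry)
    return hosts, problems


# Constructed sample input, in dhcp-hostsfile and dnsmasq.conf spellings.
SAMPLE = """\
# constructed dhcp-hostsfile content
00:11:22:33:44:55,192.168.23.10,pc1,12h
dhcp-host=00:11:22:33:44:56,set:lab,192.168.23.11,[fd00::11],pc2
11:22:33:44:55::66,192.168.23.254
00:11:22:33:44:57,192.168.23.10,pc3
id:01:02:03,printer,infinite
""".splitlines()

if __name__ == "__main__":
    hosts, problems = to_addn_hosts(SAMPLE)
    print("\n".join(hosts))
    for p in problems:
        print("warning:", p)
```

Entries without both an address and a name are skipped, because a hosts file has no way to express them.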
Re: [Dnsmasq-discuss] Bug while using address=//::
On 9/30/2021 7:17 AM, Geert Stappers via Dnsmasq-discuss wrote:

On Wed, Sep 29, 2021 at 09:15:15PM -0700, E wrote:

IPv6 connectivity

Why dnsmasq can't drop AAAA, when the server has no IPv6 connectivity at all? This doesn't make sense.

No sense to those who don't understand what DNS is. (DNS is a key value database (which is distributed))

Something like "no-ipv6" or "ipv4-only" switch would be really nice here...

Nice is how people should behave. Computers and other tools are blunt, rude, straight down and such.

Please understand that querying an AAAA record is the very same as querying an TXT, MX or A record. It doesn't matter if the request travels over IPv6 or IPv4.

A 'AAAA' record is for IPv6 and a 'A' record is for IPv4.

-- John Doe
Re: [Dnsmasq-discuss] [PATCH] Add nftables set support
On 9/25/2021 12:06 AM, Simon Kelley wrote: On 22/08/2021 13:57, Chen Zhenge via Dnsmasq-discuss wrote: Hi all, I am trying to switch my firewall setup from iptables to nftables. One of the remaining parts that still doesn't support it is dnsmasq, so I wrote a patch to allow adding IP addresses to nftables sets in addition to ipsets. This patch adds a new option --nftset, which is the same as --ipset except that it adds IP address to a given nftables set. It uses libnftables to perform the operations. I've done some testing on my PC and found no issues so far. The implementation shares most of its code with ipset so it should be easy to review. Please let me know if you have found a bug or need something else. Best, Chen Zhenge OK, this got back to the top of the list, for 2.87, as I promised. One problem is that nft sets can hold either IPv4 or IPv6 addresses, but not both, so do we need some sort of syntax to specify if a particular set should be for IPv4 or IPv6 addresses? Or have I misunderstood? The mandatory 'type' of the set will determine if IPv4/v6 is used (1). 1) https://wiki.nftables.org/wiki-nftables/index.php/Sets#Named_sets_specifications -- John Doe ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Nonstandard Formatting?
On 9/16/2021 10:19 PM, Carson Riker wrote:

Hi All,

New to the project, but I looked through the source and found a lot of what seemed to be inconsistent formatting style. I read the FAQ and anything else I could find, but I couldn't locate a style guide.

Specifically, there seemed to be a lot of mixed spaces and tabs. For example, seems to have interspersed blocks of tabs and spaces. Several other files showed the same structure. Is there some pattern I am missing, or is it just not standardized.

On that note, would a PR standardizing things be welcome? I know I hate when someone drive-by PRs a bunch of formatting without understanding what's going on.

As far as I can tell, there is sadly no clear structure on the coding style to use.

I don't think that the maintainer 'Simon Kelley' is opposed to a standardisation of the code.

Personally, I think that would be a good idea to document and implement this but I'll let Simon decide on how to proceed.

Note that Simon is currently away.

-- John Doe
Re: [Dnsmasq-discuss] What's this error in syslog mean?
On 9/4/2021 6:14 PM, Chris Green wrote:

When [re]starting dnsmasq I see the following in syslog:-

Sep 4 17:01:08 dns systemd[1]: dnsmasq.service: Succeeded.
Sep 4 17:01:08 dns systemd[1]: Stopped dnsmasq - A lightweight DHCP and caching DNS server.
Sep 4 17:01:08 dns systemd[1]: Starting dnsmasq - A lightweight DHCP and caching DNS server...
Sep 4 17:01:08 dns dnsmasq[18982]: dnsmasq: syntax check OK.
Sep 4 17:01:08 dns dnsmasq[18991]: started, version 2.80 cachesize 150
Sep 4 17:01:08 dns dnsmasq[18991]: DNS service limited to local subnets
Sep 4 17:01:08 dns dnsmasq[18991]: compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset auth DNSSEC loop-detect inotify dumpfile
Sep 4 17:01:08 dns dnsmasq-dhcp[18991]: DHCP, IP range 192.168.1.80 -- 192.168.1.127, lease time 12h
Sep 4 17:01:08 dns dnsmasq[18991]: using local addresses only for domain zbmc.eu
Sep 4 17:01:08 dns dnsmasq[18991]: reading /run/dnsmasq/resolv.conf
Sep 4 17:01:08 dns dnsmasq[18991]: using local addresses only for domain zbmc.eu
Sep 4 17:01:08 dns dnsmasq[18991]: ignoring nameserver 192.168.1.2 - local interface
Sep 4 17:01:08 dns dnsmasq[18991]: using nameserver 1.1.1.1#53
Sep 4 17:01:08 dns dnsmasq[18991]: using nameserver 212.159.13.49#53
Sep 4 17:01:08 dns dnsmasq[18991]: read /etc/hosts - 12 addresses
Sep 4 17:01:08 dns dnsmasq[18992]: Too few arguments.
Sep 4 17:01:08 dns systemd[1]: Started dnsmasq - A lightweight DHCP and caching DNS server.
Sep 4 17:02:17 dns dnsmasq[18991]: read /etc/hosts - 12 addresses
Sep 4 17:05:05 dns dnsmasq-dhcp[18991]: DHCPREQUEST(eth0) 192.168.1.95 cc:ab:2c:39:69:2b
Sep 4 17:05:05 dns dnsmasq-dhcp[18991]: DHCPACK(eth0) 192.168.1.95 cc:ab:2c:39:69:2b benYouview

What does that error from process 18992 mean "Too few arguments."? Does it indicate any sort of problem?

Would be better if you could increase the log verbosity to troubleshoot this...

-- John Doe
Re: [Dnsmasq-discuss] bind-interfaces does not apply on dhcp relay agent
On 8/25/2021 4:45 PM, Tom Yan wrote: > P.S. Btw it's sad that there's not something like `no-dns-interface`... From a POV of completeness, or would it actually be useful? Well it could be a bit problematic / annoying when one wants to use dnsmasq for dhcp only, but I guess in most cases everyone just copes with it in one way or another. From (1): "Listen on instead of the standard DNS port (53). Setting this to zero completely disables DNS function, leaving only DHCP and/or TFTP." 1) https://thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html -- John Doe ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] feature: dictionary order import of addn-hosts dirs?
On 8/23/2021 8:37 AM, Dominik wrote:

On Sun, 2021-08-22 at 20:09 +0200, john doe wrote:

"dnsmasq: syntax check OK. dnsmasq: bad option at line 11 of /etc/dnsmasq.d/dnsmasq.conf bad option at line 11 of /etc/dnsmasq.d/dnsmasq.conf"

Line 11: 'hostsfile='

hostsfile does not exist. Are you looking for dhcp-hostsfile ?

Actually the option I was looking for is 'addn-hosts'. For a directory we have 'dhcp-optsdir', 'dhcp-hostsdir' and 'hostsdir' but not for a file.

Thanks for the pointer.

P.S. I'll assume that 'dhcp-hostsfile', 'dhcp-opsfile' and 'addn-hostsfile' when used with a directory perform like their directory counterparts with the exception of 'inotify'.

-- John Doe
Re: [Dnsmasq-discuss] feature: dictionary order import of addn-hosts dirs?
On 8/18/2021 3:44 PM, Simon Kelley wrote:
On 17/08/2021 19:24, john doe wrote:
On 8/14/2021 7:00 PM, Simon Kelley wrote:
On 12/08/2021 18:30, john doe wrote:
On 8/12/2021 5:04 PM, Simon Kelley wrote:
On 11/08/2021 00:25, Ed W wrote:
On 10/08/2021 23:12, Simon Kelley wrote:
On 08/08/2021 14:02, Ed W wrote:
On 19/07/2021 18:52, Ed W wrote:

[snip]

--dhcp-hostsdir --dhcp-optsdir and --hostsdir work in much the same way as when the first three options are given a directory; the files are read at start-up and when SIGHUP is received. BUT any file which is modified or created gets read asynchronously, without needing SIGHUP to be sent. Note that the old data from the files is not discarded when this is done: if a file gets modified, then it gets re-read but data from the previous version of the file is not deleted. This means that

Why is deleting not happening when the file is reread?

this facility is useful for adding hosts to the configuration without the upheaval of a full SIGHUP re-read. Anytime you want to delete stuff, SIGHUP is still needed.

In other words, what is the reasoning behind requiring SIGHUP to delete stuff?

The cache datastructures don't allow track where names came from, so the choices are to clear the cache and re-read all configuration files, or not to delete anything.

Thank you, that would explain the following:

inotify, new or changed file /etc/dnsmasq-dhcp-hosts.d/try
read /etc/dnsmasq-dhcp-hosts.d/try
duplicate dhcp-host IP address 172.17.232.10 at line 7 of /etc/dnsmasq-dhcp-hosts.d/try
duplicate dhcp-host IP address 172.17.232.11 at line 9 of /etc/dnsmasq-dhcp-hosts.d/try

Is there a way to disable inotify?

Use dhcp-hostsfile= instead of dhcp-hostsdir=

dhcp-hostsfile is fine with a directory argument, and doesn't implement the automatic re-read function.

Thank you.

Changing 'dhcp-hostsdir' and 'dhcp-optsdir' to 'dhcp-*file=<...>' works but not for 'hostsfile='

"dnsmasq: syntax check OK. dnsmasq: bad option at line 11 of /etc/dnsmasq.d/dnsmasq.conf bad option at line 11 of /etc/dnsmasq.d/dnsmasq.conf"

Line 11: 'hostsfile='

Debian Stretch:

$ dnsmasq --version
Dnsmasq version 2.76 Copyright (c) 2000-2016 Simon Kelley
Compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset auth DNSSEC loop-detect inotify

That is, if I'm reading the manpage correctly! :)

My apologies for the noise if this is already fixed in a newer release.

-- John Doe
Re: [Dnsmasq-discuss] feature: dictionary order import of addn-hosts dirs?
On 8/14/2021 7:00 PM, Simon Kelley wrote:
On 12/08/2021 18:30, john doe wrote:
On 8/12/2021 5:04 PM, Simon Kelley wrote:
On 11/08/2021 00:25, Ed W wrote:
On 10/08/2021 23:12, Simon Kelley wrote:
On 08/08/2021 14:02, Ed W wrote:
On 19/07/2021 18:52, Ed W wrote:

[snip]

--dhcp-hostsdir --dhcp-optsdir and --hostsdir work in much the same way as when the first three options are given a directory; the files are read at start-up and when SIGHUP is received. BUT any file which is modified or created gets read asynchronously, without needing SIGHUP to be sent. Note that the old data from the files is not discarded when this is done: if a file gets modified, then it gets re-read but data from the previous version of the file is not deleted. This means that

Why is deleting not happening when the file is reread?

this facility is useful for adding hosts to the configuration without the upheaval of a full SIGHUP re-read. Anytime you want to delete stuff, SIGHUP is still needed.

In other words, what is the reasoning behind requiring SIGHUP to delete stuff?

The cache datastructures don't allow track where names came from, so the choices are to clear the cache and re-read all configuration files, or not to delete anything.

Thank you, that would explain the following:

inotify, new or changed file /etc/dnsmasq-dhcp-hosts.d/try
read /etc/dnsmasq-dhcp-hosts.d/try
duplicate dhcp-host IP address 172.17.232.10 at line 7 of /etc/dnsmasq-dhcp-hosts.d/try
duplicate dhcp-host IP address 172.17.232.11 at line 9 of /etc/dnsmasq-dhcp-hosts.d/try

Is there a way to disable inotify?

P.S. When 'duplicate' messages are raised would it be possible to have a hint that SIGHUP should be used?

-- John Doe
Re: [Dnsmasq-discuss] feature: dictionary order import of addn-hosts dirs?
On 8/12/2021 5:04 PM, Simon Kelley wrote:
On 11/08/2021 00:25, Ed W wrote:
On 10/08/2021 23:12, Simon Kelley wrote:
On 08/08/2021 14:02, Ed W wrote:
On 19/07/2021 18:52, Ed W wrote:

[snip]

--dhcp-hostsdir --dhcp-optsdir and --hostsdir work in much the same way as when the first three options are given a directory; the files are read at start-up and when SIGHUP is received. BUT any file which is modified or created gets read asynchronously, without needing SIGHUP to be sent. Note that the old data from the files is not discarded when this is done: if a file gets modified, then it gets re-read but data from the previous version of the file is not deleted. This means that

Why is deleting not happening when the file is reread?

this facility is useful for adding hosts to the configuration without the upheaval of a full SIGHUP re-read. Anytime you want to delete stuff, SIGHUP is still needed.

In other words, what is the reasoning behind requiring SIGHUP to delete stuff?

-- John Doe
Re: [Dnsmasq-discuss] feature: dictionary order import of addn-hosts dirs?
On 8/8/2021 2:54 PM, Ed W wrote:
On 20/07/2021 21:31, Geert Stappers via Dnsmasq-discuss wrote:
On Mon, Jul 19, 2021 at 06:52:03PM +0100, Ed W wrote:

Hi, around 2.82 someone posted a little patch to import the config files in dictionary order, which is very useful for situations where you have overlapping definitions.

I'm using an addn-hosts stanza pointing to a directory and files currently import in a somewhat random order (suppose inode order?), which can lead to unexpected reverse host definitions in some cases

Could we have a dictionary order import for add-hosts files please?

Quoting Dominik from https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q3/015307.html
} Feature submissions via git patches are welcomed also on this list
} and are known to accelerate feature realization drastically.

Quoting from https://www.dictionary.com/browse/condescending

"To be condescending is to interact with others in a way that implies that you’re superior to them. It especially refers to when this is done in an arrogant or patronizing way"

..."Being condescending often involves not only what is said, but also how it’s said. A condescending tone is often one that sounds like it’s directed at a child."

So it is a good thing to be more precise than "around 2.82 someone posted a little patch to import the config files in dictionary order" Visit the mailinglist archive and come back with the URL of the (meanwhile outdated??) patch.

I'm not sure why you bothered to even send your patronising reply, given that you don't seem to be keeping up to date with the code being added to dnsmasq?

How does your response enhance my understanding of the problem, or encourage me to contribute, or educate me on what is needed to develop a patch? Is your goal only to chase me away by showing how clever you are, or is your goal to try and draw me into this community and become a valuable member? It's hard for me to see that the latter is your goal?

I'm sure I'm wasting my time since if you were genuinely interested in helping you would already know, but for the archives sake:

https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=ab53883c94f94958e22077c79ba1dae1850a475e

Groeten Geert Stappers

I notice you like to offer snippy responses quite regularly on this mailing list. Can I recommend you read a few articles such as:

https://compassionatecoding.com/blog/2016/8/25/tech-has-a-toxic-tone-problemlets-fix-it

I would remind you that I have generally been happy to pay for my feature requests. Please don't feel encouraged for you to offer development time though, I don't feel that I wish to employ you.

'Geert Stappers' is not in any way whatsoever endorsed by Dnsmasq and its maintainer (Simon Kelley).

-- John Doe
Re: [Dnsmasq-discuss] Regarding: (Dnsmasq-discuss) localise-queries on ipv6 server does not work with ipv4-only hosts
On 7/17/2021 1:52 PM, Kevin Darbyshire-Bryant wrote:
On 17 Jul 2021, at 01:32, f...@gmx.de wrote:
On 16.07.2021 at 13:42, Geert Stappers wrote:

...

All your messages are not helpful and off topic. Please consider to use twitter or Facebook in the future

I agree. I have long bitten my tongue on the antics of Geert from when he first appeared on this list in 2017 even to the extent of unsubscribing. I know others have done so too.

As has been said on this list already "Can you go find another hobby or somewhere else to troll? I have yet to see any kind of usefulness to your belittling users and their questions. And the cutesy changing of your name along with the witty only to you signatures are quite draining.”

Yes, appearing as ‘Monthly Posting’ or ‘Yes’ or ‘Feed Back’ or ‘Web Search’ is real cute. The sheer number of posts and displayed attitude come across as “I’m the moderator of this list” when there is no such thing. I wish there were, for surely this annoying turd that simply won’t flush would be long gone.

Whilst the intention might have been to increase the signal to noise ratio on this list, quite the opposite has been achieved.

Sadly, 'Geert Stappers' is also doing the same kind of things on the Debian lists.

-- John Doe
Re: [Dnsmasq-discuss] Simplest working "shared-network" configuration?
On 7/11/2021 11:06 AM, Paul Gear via Dnsmasq-discuss wrote: On 10/7/21 9:52 pm, Geert Stappers via Dnsmasq-discuss wrote: On Sat, Jul 10, 2021 at 05:57:40PM +1000, Paul Gear wrote: On 10/7/21 5:13 pm, john doe wrote: On 7/10/2021 7:58 AM, Paul Gear wrote: Hi all, It's been a while since I originally posted about this, and I've done a lot of experimenting without landing on a working setup. I'm trying to get a very simple test case working, where I have a number of vnet interfaces, all configured with the link-local address 169.254.0.1/16, and have dnsmasq allocate the leases out of a different range (in this case, I'm using a portion of the documentation prefix, 203.0.113.0/29). Here's my configuration: pid-file=/var/lib/dnsmasq-vnet/dnsmasq-vnet.pid bind-dynamic interface=vnet* log-dhcp no-hosts dhcp-range=203.0.113.0, 255.255.255.248, 1d From (1): " this dhcp-range MUST include the netmask." Unless I'm missing something, I don't see a subnet mask being specified. 1) https://thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html Hi John, Unless I'm missing something 255.255.255.248 is a netmask, and dnsmasq doesn't appear to support CIDR notation in dhcp-range specifications. At least, when I attempt to use /29 instead, it fails to start, saying: dnsmasq: bad dhcp-range at line 41 of /var/lib/dnsmasq-vnet/dnsmasq.conf Snippet dnsmasq manual page --dhcp-range=[tag:[,tag:],][set:,][,|][,[,]][,] So dhcp-range=203.0.113.0, 255.255.255.248, 1d should be something like } } } dhcp-range=203.0.113.0, 203.0.113.7,255.255.255.248, 1d Back to From (1): " this dhcp-range MUST include the netmask." Unless I'm missing something, I don't see a subnet mask being specified. 
1) https://thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html

If so, the

--dhcp-range=[tag:[,tag:],][set:,][,|][,[,]][,]

should be

--dhcp-range=[tag:[,tag:],][set:,][,|],[,][,]

or even

--dhcp-range=[tag:[,tag:],][set:,],|,[,][,]

Hi John & Geert,

So bottom line is that end-addr is not optional when netmask is specified, even though a literal reading of the current man page suggests that it is. I'll try to get a documentation patch together (is here the right place to post it?) when I'm done.

I can see where you got confused, an explanation on how to interpret the '[],|' would go a long way.

Patch submission via e-mail looks to be the preferred way for accepting contributions (The maintainer (Simon Kelley) might say otherwise though).

-- John Doe
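An added example, not from any poster and not dnsmasq code: a small lint that assigns the comma-separated fields of an IPv4 dhcp-range to slots purely by position, which shows why a netmask written directly after start-addr lands in the end-addr slot. The slot order (start, then end-addr or a mode keyword, then netmask) and the `static` and `proxy` keywords are assumptions taken from the man page synopsis discussed above; the function names are hypothetical.

```python
import ipaddress

MODES = {"static", "proxy"}             # IPv4 keywords allowed in the end-addr slot
TAG_PREFIXES = ("tag:", "set:", "net:")


def as_ipv4(text):
    """Return an IPv4Address, or None when text is not a dotted quad."""
    try:
        return ipaddress.IPv4Address(text)
    except ValueError:
        return None


def is_netmask(addr):
    """True for a run of 1-bits followed only by 0-bits, e.g. 255.255.255.248."""
    inverted = int(addr) ^ 0xFFFFFFFF
    return int(addr) != 0 and (inverted & (inverted + 1)) == 0


def interpret_dhcp_range(value):
    """Assign fields to slots by position and return (slots, findings)."""
    pos = [f.strip() for f in value.split(",")]
    pos = [f for f in pos if f and not f.startswith(TAG_PREFIXES)]
    slots = {"start": None, "end": None, "mode": None, "netmask": None, "rest": []}
    if not pos:
        return slots, ["no start-addr given"]
    if "/" in pos[0]:
        return slots, [f"{pos[0]}: CIDR form; the thread reports 'bad dhcp-range' for it"]
    slots["start"] = as_ipv4(pos[0])
    if slots["start"] is None:
        return slots, [f"{pos[0]}: start-addr is not an IPv4 address"]
    i = 1
    if i < len(pos) and pos[i] in MODES:
        slots["mode"] = pos[i]
        i += 1
    elif i < len(pos) and as_ipv4(pos[i]) is not None:
        slots["end"] = as_ipv4(pos[i])      # second address always means end-addr
        i += 1
    if i < len(pos) and as_ipv4(pos[i]) is not None:
        slots["netmask"] = as_ipv4(pos[i])
        i += 1
    slots["rest"] = pos[i:]                 # broadcast and/or lease time, unchecked

    findings = []
    start, end, mask = slots["start"], slots["end"], slots["netmask"]
    if end is not None and mask is None and is_netmask(end):
        net = ipaddress.ip_network(f"{start}/{end}", strict=False)
        findings.append(
            f"{end} is in the end-addr slot; write start,end,netmask "
            f"(as a mask around {start} it spans {net[0]}-{net[-1]})")
    if mask is not None and not is_netmask(mask):
        findings.append(f"{mask} is in the netmask slot but is not a netmask")
    elif end is not None and mask is not None:
        net = ipaddress.ip_network(f"{start}/{mask}", strict=False)
        if end not in net:
            findings.append(f"end-addr {end} is outside {net}")
        elif end < start:
            findings.append(f"end-addr {end} is below start-addr {start}")
    return slots, findings


if __name__ == "__main__":
    # The two spellings from the thread, plus the CIDR attempt.
    for value in ("203.0.113.0, 255.255.255.248, 1d",
                  "203.0.113.0, 203.0.113.7,255.255.255.248, 1d",
                  "203.0.113.0/29, 1d"):
        slots, findings = interpret_dhcp_range(value)
        print(value, "->", findings or "ok")
```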
Re: [Dnsmasq-discuss] Simplest working "shared-network" configuration? (was Re: dnsmasq on an IPv4 /32 interface)
On 7/10/2021 9:57 AM, Paul Gear via Dnsmasq-discuss wrote: On 10/7/21 5:13 pm, john doe wrote: On 7/10/2021 7:58 AM, Paul Gear via Dnsmasq-discuss wrote: Hi all, It's been a while since I originally posted about this, and I've done a lot of experimenting without landing on a working setup. I'm trying to get a very simple test case working, where I have a number of vnet interfaces, all configured with the link-local address 169.254.0.1/16, and have dnsmasq allocate the leases out of a different range (in this case, I'm using a portion of the documentation prefix, 203.0.113.0/29). Here's my configuration: pid-file=/var/lib/dnsmasq-vnet/dnsmasq-vnet.pid bind-dynamic interface=vnet* log-dhcp no-hosts dhcp-range=203.0.113.0, 255.255.255.248, 1d From (1): " this dhcp-range MUST include the netmask." Unless I'm missing something, I don't see a subnet mask being specified. 1) https://thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html Hi John, Unless I'm missing something 255.255.255.248 is a netmask, and dnsmasq doesn't appear to support CIDR notation in dhcp-range specifications. At least, when I attempt to use /29 instead, it fails to start, saying: I should have said, 'I don't see a subnet mask being specified in the correct column' (sorry about that). Still according to the same man page: "--dhcp-range=[tag:[,tag:],][set:,][,|][,[, dnsmasq: bad dhcp-range at line 41 of /var/lib/dnsmasq-vnet/dnsmasq.conf The mask is specified as an 'end-range'. -- John Doe ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Simplest working "shared-network" configuration? (was Re: dnsmasq on an IPv4 /32 interface)
On 7/10/2021 7:58 AM, Paul Gear via Dnsmasq-discuss wrote:

Hi all,

It's been a while since I originally posted about this, and I've done a lot of experimenting without landing on a working setup.

I'm trying to get a very simple test case working, where I have a number of vnet interfaces, all configured with the link-local address 169.254.0.1/16, and have dnsmasq allocate the leases out of a different range (in this case, I'm using a portion of the documentation prefix, 203.0.113.0/29).

Here's my configuration:

pid-file=/var/lib/dnsmasq-vnet/dnsmasq-vnet.pid
bind-dynamic
interface=vnet*
log-dhcp
no-hosts
dhcp-range=203.0.113.0, 255.255.255.248, 1d

From (1):

" this dhcp-range MUST include the netmask."

Unless I'm missing something, I don't see a subnet mask being specified.

1) https://thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html

-- John Doe
Re: [Dnsmasq-discuss] client q: both static and dhcp
On 6/27/2021 3:53 PM, Carl Karsten wrote:
On Sun, Jun 27, 2021 at 7:56 AM john doe wrote:
On 6/27/2021 9:17 AM, Carl Karsten wrote:
On Sun, Jun 27, 2021 at 2:10 AM john doe wrote:
On 6/27/2021 7:03 AM, Dominik wrote:

Hey Carl,

On Sat, 2021-06-26 at 19:16 -0500, Carl Karsten wrote:

I'm looking for advice on having some boxes to have both dynamic and static IPs.

Why use a static IP at all? We have often enough seen people use static addresses for the wrong reasons.

As I understand it, the OP wants to use DHCP static leases.

No. I need this for when move put a box on someone else's network. So I don't have any control over the dhcp server.

Then set a fixed IP on dhcp client (dhclient ...) and remove it when you don't need it. Basically, you set the dhcp client to have a static address or let the client get a lease from a dhcp server.

I'm trying to reduce the amount of work I need to do when I show up and discover there is no dhcp server. Example locations: university, coffee shop, convention center, office meeting room. In all cases I am a guest for a few days.

I'm pretty sure that all of those places provide dhcp services. Regardless of the client you are using, there is always a way to have a script/hook/... that will help you fallback to a static address.

Why do you need dnsmasq into the mix?

I don't - I am just working on client config.

Don't forget that Dnsmasq is a server, that would be lovely if you could in future state clearly that your question is off topic (OT) in your subject line.

-- John Doe
Re: [Dnsmasq-discuss] client q: both static and dhcp
On 6/27/2021 9:17 AM, Carl Karsten wrote:
On Sun, Jun 27, 2021 at 2:10 AM john doe wrote:
On 6/27/2021 7:03 AM, Dominik wrote:

Hey Carl,

On Sat, 2021-06-26 at 19:16 -0500, Carl Karsten wrote:

I'm looking for advice on having some boxes to have both dynamic and static IPs.

Why use a static IP at all? We have often enough seen people use static addresses for the wrong reasons.

As I understand it, the OP wants to use DHCP static leases.

No. I need this for when move put a box on someone else's network. So I don't have any control over the dhcp server.

Then set a fixed IP on dhcp client (dhclient ...) and remove it when you don't need it. Basically, you set the dhcp client to have a static address or let the client get a lease from a dhcp server.

Why do you need dnsmasq into the mix?

-- John Doe
Re: [Dnsmasq-discuss] client q: both static and dhcp
On 6/27/2021 7:03 AM, Dominik wrote:

Hey Carl,

On Sat, 2021-06-26 at 19:16 -0500, Carl Karsten wrote:

I'm looking for advice on having some boxes to have both dynamic and static IPs.

Why use a static IP at all? We have often enough seen people use static addresses for the wrong reasons.

As I understand it, the OP wants to use DHCP static leases.

Consider using only DHCP and (a) use a hostname to access the device. In the end, memorizing some-service.lan is more reliable than 192.168.1.149. You may think

Better to use '.home.arpa' (RFC 8375).

With dynamic and static DHCP leases you could do:

dhcp-range=192.168.23.2,192.168.23.253
dhcp-host=11:22:33:44:55:66,192.168.23.254

dnsmasq will dish out dynamically IPv4 addresses from 192.168.23.2 to 192.168.23.253 and will assign 192.168.23.254 to host with MAC address '11:22:33:44:55:66'.

Note that the IPs used in 'dhcp-host' don't need to be outside of the range.

-- John Doe
Re: [Dnsmasq-discuss] [PATCH v8] Connection track mark based DNS query filtering.
On 6/16/2021 11:47 AM, Etan Kissling wrote:

On 16 Jun 2021, at 10:45, john doe wrote:

Where's the v1?

Full history:

v1: https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q1/014595.html
v2: https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q1/014601.html
v3: https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q1/014631.html
v4: https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q1/014660.html
v5: https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q1/014726.html
v6: https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q2/015037.html
v7: https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q2/015039.html
v8: https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q2/015140.html

Etan

Personally, I would include those URLs in the commit message, with a short description for each reroll. This is I think the best way to have a clear understanding of the reasoning behind the rerolls when looking in what will be committed.

As Simon is the only one with read and write access to the repo it is up to him.

-- John Doe
Re: [Dnsmasq-discuss] [PATCH v8] Connection track mark based DNS query filtering.
I'm being pedantic here and that might not be what Simon desires. On 6/16/2021 8:34 AM, Etan Kissling wrote: This extends query filtering support beyond what is currently possible with the `--ipset` configuration option, by adding support for: 1) Specifying allowlists on a per-client basis, based on their associated Linux connection track mark. 2) Dynamic configuration of allowlists via Ubus. 3) Reporting when a DNS query resolves or is rejected via Ubus. 4) DNS name patterns containing wildcards. Disallowed queries are not forwarded; they are rejected with a REFUSED error code. Signed-off-by: Etan Kissling (addressed reviewer feedback) Signed-off-by: Etan Kissling --- Where's the v1? v2: Rebase to v2.83, and fix compilation when HAVE_UBUS not present. v3: Rebase to v2.84test2. v4: Rebase to v2.84rc2 (update copyright notice). v5: Correct logging of `ubus_notify` errors (also in existing code). Etan Kissling : v6: Integrate checks for weird queries into `extract_request`. Skip Ubus reporting when daemon->namebuff is not initialized. Fix options parsing for mark / mask with bit 31 set. Disable filtering for external queries (`auth_dns && !local_auth`). Report all CNAME RRs via Ubus instead of just a (potential) subset. Avoid redundant `is_valid_dns_name` evaluations. Unify DNS name pattern matching logic across transports (UDP / TCP). v7: Fix typos and adjust code style to project. v8: Rebase to v2.85 (update options numbers). My understanding is that, the first patch you sent is not a reroll but the second patch is reroll 1 (v1) the third patch reroll 2 (v2) and so on... So unless I'm missing something, by your version descriptions 8 rerolls has been sent to the list/created by 'git format-patch' but 9 refactorisations (initial patch and 8 rerolls (1 + 8 = 9) of the code has been performed. That having been said, this should not have any impact on a potential merging/reviewing of the code! 
-- John Doe
Re: [Dnsmasq-discuss] Problem with TFTP in dnsmasq
On 6/9/2021 2:31 PM, Brown, Aaron M. wrote:
>> I'll assume that you have another DHCP server dishing out IP addresses.
>
> I do and proxyDHCP is going to be my only option.
>
>> If you want Dnsmasq to provide dhcp and PXE booting, you might want to remove 'proxy' from the above range.
>
> I mean, sure, but I'm not even to the point of worrying about PXE booting. I can't get a basic GET from the TFTP server which is the issue. If the TFTP server isn't working, then nothing else down the chain of PXE is going to work. I guess what I'm saying is, I'm not worried about configuring up dhcpProxy and PXE yet since TFTP isn't even operating correctly (and I don't know why).

My understanding is that, in 'proxy' mode, dnsmasq will only provide PXE related stuff so tftp as such will never work. Can't you manage to find a way to test without 'proxy' to see how it goes?

-- John Doe
Re: [Dnsmasq-discuss] Problem with TFTP in dnsmasq
On 6/8/2021 10:54 PM, Brown, Aaron M. wrote:
> Hello all, I'm having trouble getting dnsmasq and tftp to work and I'm tearing my hair out. I'm hoping someone can potentially hit me with the clue by four and point out what dumb thing I'm missing. In the bigger scope, I'm trying to get PXE booting setup on a server, but at the moment before I even get to anything more complicated, I'm struggling just to get TFTP to work. I have set up my /etc/dnsmasq.conf file as the following:
>
> interface=bond0
> port=0
> enable-tftp
> tftp-root=/tftp
> log-dhcp
> dhcp-range=,proxy

From (1): "Dnsmasq supports PXE "proxy-DHCP", in this case another DHCP server on the network is responsible for allocating IP addresses, and dnsmasq simply provides the information given in --pxe-prompt and --pxe-service to allow netbooting. This mode is enabled using the proxy keyword in --dhcp-range."

I'll assume that you have another DHCP server dishing out IP addresses.

> dhcp-no-override
>
> dnsmasq is up and running without errors. I put a simple file in /tftp called "test.txt". The /tftp directory has been set to 755 permissions.

If you want Dnsmasq to provide dhcp and PXE booting, you might want to remove 'proxy' from the above range.

HTH.

1) https://thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html

-- John Doe
Re: [Dnsmasq-discuss] [PATCH 1/2] Add option to filter out A record requests
On 6/5/2021 5:38 PM, Geert Stappers via Dnsmasq-discuss wrote: From: treysis Intented for IPv6 only installations that have to deal with software that prefers IPv4 above IPv6. --- src/dnsmasq.h | 3 ++- src/option.c | 3 +++ src/rfc1035.c | 11 +++ 3 files changed, 16 insertions(+), 1 deletion(-) diff --git a/src/dnsmasq.h b/src/dnsmasq.h index 95dc8ae..7eae110 100644 --- a/src/dnsmasq.h +++ b/src/dnsmasq.h @@ -272,7 +272,8 @@ struct event_desc { #define OPT_LOG_DEBUG 62 #define OPT_UMBRELLA 63 #define OPT_UMBRELLA_DEVID 64 -#define OPT_LAST 65 +#define OPT_FILTER_A 65 +#define OPT_LAST 66 #define OPTION_BITS (sizeof(unsigned int)*8) #define OPTION_SIZE ( (OPT_LAST/OPTION_BITS)+((OPT_LAST%OPTION_BITS)!=0) ) diff --git a/src/option.c b/src/option.c index 23cf058..a81aa1f 100644 --- a/src/option.c +++ b/src/option.c @@ -171,6 +171,7 @@ struct myoption { #define LOPT_DYNHOST 362 #define LOPT_LOG_DEBUG 363 #define LOPT_UMBRELLA364 +#define LOPT_FILTER_A 365 #ifdef HAVE_GETOPT_LONG static const struct option opts[] = @@ -347,6 +348,7 @@ static const struct myoption opts[] = { "dynamic-host", 1, 0, LOPT_DYNHOST }, { "log-debug", 0, 0, LOPT_LOG_DEBUG }, { "umbrella", 2, 0, LOPT_UMBRELLA }, +{ "filter-a", 0, 0, LOPT_FILTER_A }, { NULL, 0, 0, 0 } }; @@ -530,6 +532,7 @@ static struct { { LOPT_DUMPMASK, ARG_ONE, "", gettext_noop("Mask which packets to dump"), NULL }, { LOPT_SCRIPT_TIME, OPT_LEASE_RENEW, NULL, gettext_noop("Call dhcp-script when lease expiry changes."), NULL }, { LOPT_UMBRELLA, ARG_ONE, "[=]", gettext_noop("Send Cisco Umbrella identifiers including remote IP."), NULL }, + { LOPT_FILTER_A, OPT_FILTER_A, NULL, gettext_noop("Filter all A requests."), NULL }, { 0, 0, NULL, NULL, NULL } }; diff --git a/src/rfc1035.c b/src/rfc1035.c index 5a961b8..a7f83f2 100644 --- a/src/rfc1035.c +++ b/src/rfc1035.c 
@@ -1895,6 +1895,17 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen, } } + /* filter a forwards */ + if (qtype == T_A && option_bool(OPT_FILTER_A)) + { + /* return a null reply */ + ans = 1; + if (!dryrun) + log_query(F_CONFIG | F_IPV6 | F_NEG, name, &addr, NULL); + break; + } + /* end of filtering a */ + if (!ans) return 0; /* failed to answer a question */ }

At "Geert Stappers", please don't modify/touch patches that are not yours, this is bad practice and undesirable/unwanted.

At "Trey Sis", can you confirm that your original patch applies cleanly at the tip of the development branch?

Note that the maintainer of the project is "Simon Kelley" and "Geert Stappers" is not affiliated in any way with the project.

-- John Doe
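Review bot: In the src/rfc1035.c hunk, the filtered reply is logged with F_IPV6 although the branch only runs when qtype == T_A, so the log line reports the wrong address family for the record that was suppressed; use the flag that matches A records (F_IPV4). The same call passes &addr, which nothing in the visible hunk assigns before the break, so confirm it holds a defined value on this path. The comments "filter a forwards" and "end of filtering a" would also read better as one comment stating what the client receives, since "return a null reply" is the only hint.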
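Review bot: The src/option.c hunks register "filter-a" with only the help string "Filter all A requests.", and the diffstat touches src/dnsmasq.h, src/option.c and src/rfc1035.c but no man page, so the new option is undocumented. Add a --filter-a entry to the man page that states what is returned for a filtered A query and that the option is meant for IPv6-only installations, as the commit message says.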
Re: [Dnsmasq-discuss] dnsmasq ipset like support for nftables
On 5/19/2021 9:37 PM, Kevin 'ldir' Darbyshire-Bryant wrote:
>> On 19 May 2021, at 19:33, GopiKrishna Kodali wrote:
>>
>> 2nd attempt. Any information on this is greatly appreciated.
>
> Currently dnsmasq doesn’t speak nftables sets. IIRC there was a recent-ish patch submitted to add such functionality, it was not merged at that time and there have been significant codebase changes since so it may well not apply.

I note that Simon (maintainer) would gladly accept some help on adding support for nftables into Dnsmasq. I would also say that support for iptables should not be deprecated.

-- John Doe
Re: [Dnsmasq-discuss] [PATCH] Support Cisco Umbrella/OpenDNS Device ID & Remote IP
On 4/8/2021 1:32 AM, Brian Hartvigsen wrote:
>> On Apr 7, 2021, at 15:48, Simon Kelley wrote:
>>
>> 1) the version field is set to zero, but https://docs.umbrella.com/umbrella-api/docs/identifying-dns-traffic says it should be one.
>
> Version 0 uses a 1-byte field for the sub option (organization id, device id, asset id). Version 1 uses a 2-byte (unsigned short) for the sub option. That's the only difference relevant to this code. I can update it to use version 1 just to match the current documentation if that is better for inclusion.
>
>> 2) I don't like the umbrella_data[512] declaration. I know it can't overflow, but declaring the array to the exact maximum size (and defining the calculation for that in a comment) makes it less likely that future modifiers of the code will assume they can add stuff without checking. I'd go further and declare a struct with the fixed stuff (the magic number, flags and version and a char array of the size needed for the longest set of sub-options.
>
> I actually had this at first (as shown in the PR on GitHub) and took it out for reasons I can't remember (original code is a couple years old now.) I was wondering the same thing when I did the patch but really wanted to get it out there. I'll get to work on converting to a struct since it shouldn't be that much work.
>
>> 3) Why is umbrella_device being converted from a text string to a byte array during packet-manipulation? That would surely be better done in option.c during option parsing, with some error checking for non-hex characters as well.
>
> Not for any good reason, because I didn't think to do that? I'll work on that too!
>
>> 4) Your code starts each field with a single byte id, for instance 0x04 for UMBRELLA_ASSET, but https://docs.umbrella.com/umbrella-api/docs/identifying-dns-traffic says it should be two bytes, 0x00, 0x04
>
> Same as #1
>
>> 5) You are modifying queries with per-client data (addresses) so you need to set cacheable to zero in add_edns0_config() so that data which is valid for only one client doesn't get returned to another client from the cache.
>>
>> 6) Consider using the PUTLONG and PUTSHORT macros instead of memcpy() calls, to match the rest of the code.
>
> Will correct both of these, thank you! I really appreciate your feedback on this. One question, for purposes of submitting additional patches, is it okay to do a patch that applies on top of the current patch or is it preferred to send a patch that has all of my changes in it?

The below is under the assumption that everything that is sent can be applied cleanly at the tip of the desired branch.

It is preferable to send a 'reroll-count'. As all of this is code 'fixup', I would say that one patch is desirable! :)

Note that I'm not a project maintainer, so that might not be what Simon desires.

-- John Doe
Re: [Dnsmasq-discuss] Can I specify the DNS address returned by DHCP?
On 2/4/2021 4:25 PM, Vallevand, Mark K wrote:
> I don't want dnsmasq to do DNS. Nor do I want it to do any kind of forward or relay. I want to specify the address of my DNS to be returned as the giaddr in the DHCP offer.

You would need to first disable Dnsmasq's DNS capability by setting '--port' to '0' ('--port=0'). Then use the dhcp-option (6) '--dhcp-option=dns-server:'. Substitute by the desired DNS IP server.

-- John Doe
Re: [Dnsmasq-discuss] Website and Dnsmasq pages
On 2/3/2021 10:59 PM, - Neustradamus - wrote:
> Simon, do you have my emails? Thanks in advance.

Simon might appreciate it if you could provide the redirect rules that you suggest if you think that could improve the web site. The web server in question is 'Apache/2.4.38 (Debian) Server at thekelleys.org.uk Port 443'.

-- John Doe
Re: [Dnsmasq-discuss] Can I tell dnsmasq not to use one isolated address in a DHCP range
The below assumes that a client can use a fixed IP address even though it is configured on the DHCP server as DHCP static lease.

On 12/26/2020 2:57 PM, Chris Green wrote:
> Is it possible to tell dnsmasq not to use one IP address in a dhcp-range assignment? I have a user on my LAN who has set 192.168.1.121 in their system as their IP address and it's in my
>
> dhcp-range=192.168.1.80,192.168.1.223,12h

You could split your range in two smaller ranges leaving out the IP in question.

> (I think they originally used dnsmasq's DHCP to get 192.168.1.121 so it's unlikely to get re-assigned but better safe than sorry)

You could also make Dnsmasq aware of this IP by having a fixed DHCP lease by using MAC addr/client ID.

> As a follow-up I guess that if I want dnsmasq to return a system name for 192.168.1.121 (which it hasn't assigned itself) I'll need to add it to /etc/hosts on the dnsmasq system.

I would use 'dhcp-host' instead of the hosts file.

-- John Doe
Re: [Dnsmasq-discuss] Using cname to alias dhcp-host IDs
On 12/23/2020 7:08 PM, Arthur Wiebe wrote:
> From reading the man page, and my understanding of the statement "Only one hostname can be given in a --dhcp-host option, but aliases are possible by using CNAMEs. (See --cname )" I've been attempting to implement this without any success so far. My goal is to have two names get assigned the same IP via DHCP. The purpose of this is transitioning IPSec IDs as I have strongswan using dnsmasq to assign static IPs to mobile clients. In this example I would like both DEVICE_V1 and DEVICE_V2 to get the same IP address 10.1.2.3 and my current attempted configuration is as follows.
>
> /etc/hosts contains:
> 10.1.2.3 DEVICE_V1
> --
> dnsmasq conf file contains:
> cname=DEVICE_V2,DEVICE_V1
> dhcp-host=DEVICE_V1,10.1.2.3,infinite

Couple of thoughts here and this assumes that DEVICE_V1 is having the correct IP before fiddling with cnames:

- Does it help if you remove the line from /etc/hosts file and only use the 'dhcp-host' statement? With 'dhcp-host' as shown above, the client presenting the hostname 'DEVICE_V1' should get the fixed address shown above. The cname option that you have will let DNS resolve 'DEVICE_V1' or 'DEVICE_V2'. So 'host DEVICE_V1' or 'host DEVICE_V2' should show for both the IP of DEVICE_V1.
- When Dnsmasq starts, is DEVICE_V1 present in the lease file? Cnames are only created if the hostname is known to Dnsmasq when starting.

-- John Doe
Re: [Dnsmasq-discuss] Using FQDNs in dhcp-host options
On 12/11/2020 12:52 PM, Fabiano Sidler wrote:
> Hi folks! I'm using the following dhcp-host directive:
>
> dhcp-host=00:50:56:bd:01:23,fullyqualified.domain.name,192.168.42.42
>
> The IP address is properly assigned over DHCP, but when I query Dnsmasq:
>
> $ dig @192.168.42.1 fullyqualified.domain.name
>
> I get an NXDOMAIN answer. The question: is this intended or should names in dhcp-host directives normally become available and I have a misconfiguration somewhere? The installation is an almost default one on Ubuntu 20.04. I'd be happy with not having to specify hostnames twice in /etc/hosts AND as a dhcp-host parameter.

As far as I understand it, hostname should be used instead of FQDN.

-- John Doe
Re: [Dnsmasq-discuss] DNS refused when internet is down
On 11/25/2020 9:31 AM, Duncan Webb wrote:
> Dear all, When the internet is down for some external reason nslookup is returning "Connection to DNS 10.0.0.1 was refused" when looking up a host on the LAN that has its IP from DHCP. Both DHCP and DNS are provided by dnsmasq. Is this the expected behaviour or a misconfiguration?

No, this is not the expected behavior. We can not say where the issue lies with the little information you have provided.

-- John Doe
Re: [Dnsmasq-discuss] Resolving .local names
On 11/5/2020 11:33 AM, Mukuntha rajaa wrote:
> Hi, I am working on a legacy application, which uses ".local" format names. I have setup dnsmasq in my system.
>
> /usr/sbin/dnsmasq -k --bind-interfaces --listen-address=127.0.0.1,192.168.101.101 --dns-forward-max=1000 --cache-size=1 --server 10.58.112.113
>
> If I run my application, which does getaddrinfo on ".local" as first step, I get "Name or service not known". Does dnsmasq not resolve ".local" names too? How to resolve ".local" names? All my resolutions are only within my machine. I am not entertaining any DNS resolution outside of my machine.

Look in the man page (1) for '--domain' or '--local'.

1) http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html

-- John Doe
Re: [Dnsmasq-discuss] How to contact Simon Kelley
On 10/1/2020 9:59 AM, Riccardo Schirone wrote:
> On 09/28, Nudge wrote:
>> On Mon, Sep 28, 2020 at 01:59:04PM +0200, Riccardo Schirone wrote:
>>> Hello, I'm trying to reach out to Simon Kelley about dnsmasq, however he is not answering direct emails and he has not been active on this list for few months now. Does anybody have a way to contact him or know anything about him? Could you ping him if you have other means to reach him apart from public email? Thank you,
>>
>> The why is left out ...
>
> We need to discuss some possible security issues. Is he the only one with commit-access to the upstream git repository? Is he the only one able to do a new release for the project?

Yes, that is as far as I understand it.

-- John Doe
Re: [Dnsmasq-discuss] DNSMasq slow.
On 10/1/2020 3:41 AM, Ken D'Ambrosio wrote:
> Hi, all. I've got a RasPi 4, with 4 GB of mostly empty RAM, acting as my firewall/gateway, with DHCP and DNSMasq running. And performance of

I'll assume that dnsmasq is providing DNS and DHCP.

> it is... odd. E.g., I have an entry in /etc/hosts on the Pi that I figured would be served nearly instantly, since no external lookup is required, and, out of ten lookups from the same host that sits on the common network, I range from about .2 seconds to 7. (Note that it seems to fluctuate throughout the lookups, not just faster after the first lookup fills the cache or anything.) Lookups for hosts not in /etc/hosts seem to be roughly as long as well. Not sure how to troubleshoot this. Any suggestions would be greatly appreciated.

Is dnsmasq configured to cache DNS requests (see (1) for an example)?

1) https://www.raspberrypi.org/forums/viewtopic.php?t=46154

-- John Doe
Re: [Dnsmasq-discuss] Possible lease matching/reuse bug
On 9/8/2020 9:19 AM, Jerome Vuarand wrote:
> Hi, I believe I'm triggering a bug where a static dhcp-host config doesn't seem to match the existing lease the second time that client connects. I'm running dnsmasq from a Raspberry Pi acting as a WiFi access point. I have a mixture of IoT devices connecting to it. I'd like most clients to get a dynamic IP address, but some to get a static one based on their name, so I use a combination of dhcp-range and dhcp-host. I have the following config:
>
> interface=ap0
> dhcp-range=192.168.4.100,192.168.4.250,255.255.255.0,24h
> domain=example.com
> dhcp-script=/home/pi/my_web_ui/dnsmasq_script
> dhcp-leasefile=/var/run/dnsmasq.leases
> dhcp-host=target
>
> And I have an entry in /etc/hosts that associate target to 192.168.4.2, the dnsmasq server itself is 192.168.4.1.

Are you seeing the same thing if you do: 'dhcp-host=target,192.168.4.2'

The above assumes that the hosts file does not contain the IP in question.

-- John Doe
Re: [Dnsmasq-discuss] Is there a way to return an alias in preference to real host name?
On 8/2/2020 2:39 PM, Chris Green wrote:
> I have a couple of systems on my home LAN which have long, not very useful, names, e.g.:-
>
> DESKTOP-978VD5M - An MS Windows machine
> MC342-AE529C - An OKI printer
>
> I have added cname entries as follows in my dnsmasq.conf :-
>
> cname=ben,DESKTOP-978VD5M
> cname=oki,MC342-AE529C
>
> So I can refer to them as 'ben' and 'oki'. However it would be even better if the names 'ben' and 'oki' were returned when I use 'host', 'arp-scan' or similar commands. Is there a way of getting dnsmasq to do this (preferably without losing the ability to use the long, unmemorable, names as well)?

The Host utility should say that 'oki' is an alias for 'MC342-AE529C' then show IP(s) for the record.

-- John Doe
Re: [Dnsmasq-discuss] Tag requests for a DHCP address from devices using a Locally Administered MAC address
On 7/27/2020 8:12 PM, d...@lutean.com wrote: Hi everyone, The following proposed patch includes my attempt at a man page change. It also includes Vladislav Grishenko's suggestion to tag LAA source addresses independently from multicast addresses. If these changes are acceptable, I propose the following commit message: DHCP requests from ethernet MAC addresses that have either the Locally Administered Address flag set or the multicast flag set automatically get tagged with "laa" and "multicast" respectively before further processing. Todd Sankey --- a/man/dnsmasq.8 +++ b/man/dnsmasq.8 @@ -2152,9 +2152,24 @@ include set:, including one from the .B --dhcp-range used to allocate the address, one from any matching .B --dhcp-host -(and "known" or "known-othernet" if a \fB--dhcp-host\fP matches) -The tag "bootp" is set for BOOTP requests, and a tag whose name is the -name of the interface on which the request arrived is also set. +In addition, several tags may be applied automatically. These are: +.PP +.B - "known" +if a \fB--dhcp-host\fP matches and it is being used +.PP +.B - "known-othernet" +if a \fB--dhcp-host\fP matches but it cannot be used because it does not apply on the network the request was received on +.PP +.B - "bootp" +if the request is a BOOTP request +.PP +.B - "laa" +if the request source MAC address is a Locally Administered Address +.PP +.B - "multicast" +if the request source MAC address is a multicast address +.PP +- the name of the interface on which the request arrived. Any configuration lines which include one or more tag: constructs will only be valid if all that tags are matched in the set derived diff --git a/src/rfc2131.c b/src/rfc2131.c index fc54aab..4358b52 100644 --- a/src/rfc2131.c +++ b/src/rfc2131.c 
@@ -93,7 +93,7 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index, unsigned char *agent_id = NULL, *uuid = NULL; unsigned char *emac = NULL; int vendor_class_len = 0, emac_len = 0; - struct dhcp_netid known_id, iface_id, cpewan_id; + struct dhcp_netid known_id, iface_id, cpewan_id, laa_id, multicast_id; struct dhcp_opt *o; unsigned char pxe_uuid[17]; unsigned char *oui = NULL, *serial = NULL; @@ -114,6 +114,30 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index, if (mess->htype == 0 && mess->hlen != 0) return 0; + /* Ethernet addresses have 2 special bits, the 2 LSbs of the first address byte. + Check those 2 special bytes and tag DHCP requests from devices for the unusual + cases of these 2 bits. */ + if (mess->htype == ARPHRD_ETHER && (mess->chaddr[0] & 3)) + { +/* Check if sender has a Locally-Administered ethernet Address and set a tag if so. */ +/* Locally Administered Addresses (LAA) have the 2nd LSb of the first address byte set */ +if ((mess->chaddr[0] & 2) == 2) +{ + laa_id.net = "laa"; + laa_id.next = netid; + netid = &laa_id; +} + +/* Check if sender has a multicast ethernet and set a tag if so. */ +/* Multicast addresses have the LSb of the first address by set. Set a tag it multicast. */ +if ((mess->chaddr[0] & 1) == 1) +{ + multicast_id.net = "multicast"; + multicast_id.next = netid; + netid = &multicast_id; +} + } + /* check for DHCP rather than BOOTP */ if ((opt = option_find(mess, sz, OPTION_MESSAGE_TYPE, 1))) { I think that it would be wise to wait for input from the maintainer of Dnsmasq (Simon Kelley ). -- John Doe ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
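Review bot: In the man/dnsmasq.8 hunk, "laa" and "multicast" become automatically applied tags without any statement that these names are now reserved, so a configuration that already uses set:laa or set:multicast for its own purposes would start matching these requests after an upgrade; say so in the text or pick names unlikely to collide. The rewritten paragraph also leaves "one from any matching --dhcp-host" running straight into "In addition, several tags may be applied automatically" with no full stop, and the last list item (the interface name) has no .B marker like the others.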
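Review bot: The block added to dhcp_reply() in src/rfc2131.c reads mess->chaddr[0] after testing only mess->htype == ARPHRD_ETHER; mess->hlen is never checked, and the context line just above it shows hlen is a client-supplied field, so a request with an Ethernet htype and a zero or short hlen gets tagged from a byte that is not part of a hardware address. Require hlen to be the Ethernet address length (6) in the outer condition. The outer "& 3" test is redundant with the two inner tests and can go, and the comments need fixing: "2 special bytes" should be bits, "first address by set" should be "byte set", and "Set a tag it multicast" should be "if multicast".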
Re: [Dnsmasq-discuss] Fwd: [PATCH] Makefile: make variables overridable
On 7/11/2020 4:17 PM, Geert Stappers wrote: On Sat, Jul 11, 2020 at 02:33:36PM +0200, betaboon wrote: Hello Simon, hello everyone. when cross-compiling dnsmasq for armv7 in nixos we ran into the Makefile not picking up the variables properly. for now we are maintaining the attached patch in our package-tree to get around this issue, but would love to upstream this to you. The issue in question can be found here: https://github.com/NixOS/nixpkgs/pull/91422 That "pull request" says the reason is https://github.com/NixOS/nixpkgs/pull/91418 The "#91418" mentions dbus.c:21:10: fatal error: dbus/dbus.h: No such file or directory 21 | #include | ^ >From 41d49b07a32625839f267a45379297066a7879ca Mon Sep 17 00:00:00 2001 From: betaboon Date: Tue, 30 Jun 2020 12:13:41 +0200 Subject: [PATCH] Makefile: make variables overridable --- Makefile | 38 +++--- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/Makefile b/Makefile index 78e25f0..8e44354 100644 --- a/Makefile +++ b/Makefile 
@@ -18,31 +18,31 @@ # Variables you may well want to override. -PREFIX= /usr/local -BINDIR= $(PREFIX)/sbin -MANDIR= $(PREFIX)/share/man -LOCALEDIR = $(PREFIX)/share/locale -BUILDDIR = $(SRC) -DESTDIR = -CFLAGS= -Wall -W -O2 -LDFLAGS = -COPTS = -RPM_OPT_FLAGS = -LIBS = +PREFIX?= /usr/local +BINDIR?= $(PREFIX)/sbin +MANDIR?= $(PREFIX)/share/man +LOCALEDIR ?= $(PREFIX)/share/locale +BUILDDIR ?= $(SRC) +DESTDIR ?= +CFLAGS?= -Wall -W -O2 +LDFLAGS ?= +COPTS ?= +RPM_OPT_FLAGS ?= +LIBS ?= # # Variables you might want to override. -PKG_CONFIG = pkg-config -INSTALL= install -MSGMERGE = msgmerge -MSGFMT = msgfmt -XGETTEXT = xgettext +PKG_CONFIG ?= pkg-config +INSTALL?= install +MSGMERGE ?= msgmerge +MSGFMT ?= msgfmt +XGETTEXT ?= xgettext -SRC = src -PO = po -MAN = man +SRC ?= src +PO ?= po +MAN ?= man # -- 2.27.0 So a single 'dbus.c:21:10: fatal error: dbus/dbus.h: No such file or directory' in the NixOS world, shows up here as request for, example given, -MANDIR= $(PREFIX)/share/man +MANDIR?= $(PREFIX)/share/man With whole commit message 'Makefile: make variables overridable'. Patch reviewed and rejected.

Reviewed is one thing, but rejected by a non-maintainer of the project is out of line. 'Geert Stappers' is not in any way a maintainer of the Dnsmasq project nor am I.

While the patch might not be addressing the core of this issue, being able to overwrite variables is worth considering in any case.

-- John Doe
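Review bot: Changing every assignment in this Makefile hunk to ?= makes the build take these values from the environment, not only from the make command line, which already overrides a plain = assignment; for short generic names such as SRC, PO, MAN and LIBS an unrelated exported variable would silently change the build, and an exported CFLAGS replaces "-Wall -W -O2" entirely. Limit ?= to the variables the cross build actually needs, leave SRC, PO and MAN as plain assignments, and use the commit message body (currently empty under the subject line) to state which variables were not being picked up and why.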
Re: [Dnsmasq-discuss] Static leases issues
Resending through the list.

On 6/9/2020 7:51 PM, john doe wrote:
> On 6/9/2020 5:25 PM, Bruno BEAUFILS wrote:
>> On Tue, Jun 09, 2020 at 11:13:19AM +0200, john doe wrote:
>>>> Do we agree that to clean the leases the removal of the leases file when dnsmasq is stopped is sufficient?
>>>
>>> Correct, rereading your first e-mail, try to clear the lease on your dhcp client.
>>
>> OK I will try and I hope it will certainly work, but one should not have to modify the client so that the server behave correctly on this side. Am I right?
>
> Assuming that you have cleared your lease file and that more than 24 hours have passed, your client should have picked up the new lease. That is why I suggested looking at the misbehaving DHCP client.

-- John Doe
Re: [Dnsmasq-discuss] Static leases issues
On 6/9/2020 10:17 AM, Bruno BEAUFILS wrote:
> On Mon, Jun 08, 2020 at 06:36:20PM +0200, john doe wrote:
>>> 2. remove the leases file
>>
>> Try clearing the lease for the host in question:
>>
>> $ systemctl stop dnsmasq
>>
>> Remove the file altogether or remove the desired lease in the lease file. Lease file path: '/var/lib/misc/dnsmasq.leases'
>>
>> $ systemctl start dnsmasq
>
> As I wrote, it is already what I did. My lease file is under /var/lib/dnsmasq/dnsmasq.leases though.
>
>> In plain English, you need to clear the lease or you need to wait for the lease to expire.
>
> This is exactly what I hoped but what I observed not working. Do we agree that to clean the leases the removal of the leases file when dnsmasq is stopped is sufficient?

Correct, rereading your first e-mail, try to clear the lease on your dhcp client. With dhclient something like 'dhclient -r '.

Also your host definition has 'id:*', I would try to remove it.

-- John Doe
Re: [Dnsmasq-discuss] Static leases issues
On 6/8/2020 6:18 PM, Bruno BEAUFILS wrote:
> Hello everyone,
>
> I have got a static leases issue with dnsmasq 2.80-1 installed as Debian Buster package. I searched the man page and the mailing list archives without any success. Thus I try here. Here is a short summary of what I have.
>
> I am on a simple LAN with a screenless host running dnsmasq. It is the only, and thus main, DHCP server on the network. I use the dhcp-authoritative option in dnsmasq configuration. It offers a dhcp-range looking like that...
>
> dhcp-range=192.168.0.200,192.168.0.250,12h
>
> ...and a bunch of static lease looking like something like that
>
> dhcp-host=xx:xx:xx:xx:xx:xx,id:*,192.168.0.2,somename
>
> I want to use a new USB-ethernet adaptor on a new laptop. On the first connection the host gets an IP from the open range (192.168.0.203) as it is visible in the logs:
>
> Jun 7 17:38:29 b3 dnsmasq-dhcp[12907]: DHCPDISCOVER(eth1) 12:34:56:78:9a:bc
> Jun 7 17:38:29 b3 dnsmasq-dhcp[12907]: DHCPOFFER(eth1) 192.168.0.203 12:34:56:78:9a:bc
> Jun 7 17:38:29 b3 dnsmasq-dhcp[12907]: DHCPDISCOVER(eth1) 12:34:56:78:9a:bc
> Jun 7 17:38:29 b3 dnsmasq-dhcp[12907]: DHCPOFFER(eth1) 192.168.0.203 12:34:56:78:9a:bc
> Jun 7 17:38:29 b3 dnsmasq-dhcp[12907]: DHCPREQUEST(eth1) 192.168.0.203 12:34:56:78:9a:bc
> Jun 7 17:38:29 b3 dnsmasq-dhcp[12907]: DHCPACK(eth1) 192.168.0.203 12:34:56:78:9a:bc mechra
>
> After the first connection I am able to log on the server and add a dhcp-host specific to that host. For that I did the following things in order:
>
> 1. stop the dnsmasq server
> 2. remove the leases file
> 3. modify the dnsmasq configuration in order to add the dhcp-host option
>    dhcp-host=00:23:4d:df:a1:d1,id:*,192.168.0.15,somefancyname,24h
> 4. start the dnsmasq server
>
> After that I unplug the adaptor from the laptop and replug it in order for it to get the new IP from the static lease.
>
> Unfortunately I always get the same "old" address (192.168.0.203), as the log shows (because the client asked it):
>
> juin 7 18:05:23 b3 dnsmasq-dhcp[29360]: DHCPREQUEST(eth1) 192.168.0.203 12:34:56:78:9a:bc
> juin 7 18:05:23 b3 dnsmasq-dhcp[29360]: DHCPACK(eth1) 192.168.0.203 12:34:56:78:9a:bc mechra
>
> I thought the dnsmasq should have refused the client request of using 192.168.0.203 (through a DHCPNAK for instance) and sent it a new OFFER with the correct static (192.168.0.15).
>
> Did I miss something (aka this is normal behavior but I misconfigured the whole stuff certainly because I did not understand the documentation well enough) or am I struggling with some kind of bug?
>
> Just in case it matters: all hosts used in the description are running Debian.

Try clearing the lease for the host in question:

$ systemctl stop dnsmasq

Remove the file altogether or remove the desired lease in the lease file. Lease file path: '/var/lib/misc/dnsmasq.leases'

$ systemctl start dnsmasq

In plain English, you need to clear the lease or you need to wait for the lease to expire.

HTH.

-- John Doe
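A check for the situation described in this thread, as an added example that is not part of the original posts or of dnsmasq: it reads `dhcp-host=` entries and dnsmasq-dhcp syslog lines, then reports every DHCPACK that gives a MAC an address other than its configured static one, and whether that ACK followed a server OFFER or a client-initiated REQUEST. The function names, the second host and the sample config and log are constructed for illustration, modelled on the lines quoted above.

```python
import re
from ipaddress import AddressValueError, IPv4Address

MAC = r"(?:[0-9a-f]{2}:){5}[0-9a-f]{2}"
MAC_RE = re.compile(rf"^{MAC}$", re.I)
# Matches dnsmasq-dhcp syslog lines in the format quoted in the thread, e.g.
#   "... dnsmasq-dhcp[29360]: DHCPACK(eth1) 192.168.0.203 12:34:56:78:9a:bc mechra"
# DHCPDISCOVER lines carry no address, so the IP group is optional.
LOG_RE = re.compile(
    rf"dnsmasq-dhcp\[\d+\]: (?P<kind>DHCP[A-Z]+)\((?P<iface>[^)]+)\) "
    rf"(?:(?P<ip>\d{{1,3}}(?:\.\d{{1,3}}){{3}}) )?(?P<mac>{MAC})",
    re.I,
)


def parse_dhcp_hosts(conf_text):
    """Return {mac: ipv4} for each dhcp-host= line that pins a MAC to an address."""
    static = {}
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()          # drop comments
        if not line.startswith("dhcp-host="):
            continue
        fields = [f.strip() for f in line.split("=", 1)[1].split(",")]
        macs = [f.lower() for f in fields if MAC_RE.match(f)]
        ip = None
        for field in fields:                          # id:*, names, lease times fail here
            try:
                ip = str(IPv4Address(field))
                break
            except AddressValueError:
                continue
        if ip:
            for mac in macs:                          # name-only entries have no MAC
                static[mac] = ip
    return static


def find_static_mismatches(conf_text, log_text):
    """List (mac, acked_ip, expected_ip, via) for ACKs that ignore a static lease.

    via is "server-offer" when a DHCPOFFER preceded the ACK and "client-request"
    when the client asked for the address on its own (renewal or reboot).
    """
    static = parse_dhcp_hosts(conf_text)
    offered = set()                                   # MACs with an OFFER since last ACK
    findings = []
    for line in log_text.splitlines():
        m = LOG_RE.search(line)
        if not m:
            continue
        kind, ip, mac = m["kind"].upper(), m["ip"], m["mac"].lower()
        if kind == "DHCPOFFER":
            offered.add(mac)
        elif kind == "DHCPACK":
            expected = static.get(mac)
            if expected and ip != expected:
                via = "server-offer" if mac in offered else "client-request"
                findings.append((mac, ip, expected, via))
            offered.discard(mac)
    return findings


# Constructed sample: the thread's scenario after the restart, plus a second
# (invented) host that completes a normal exchange and gets its static address.
SAMPLE_CONF = """\
dhcp-range=192.168.0.200,192.168.0.250,12h
dhcp-host=12:34:56:78:9a:bc,id:*,192.168.0.15,somefancyname,24h
dhcp-host=aa:bb:cc:dd:ee:01,192.168.0.2,somename   # constructed entry
"""
SAMPLE_LOG = """\
Jun 7 18:05:23 b3 dnsmasq-dhcp[29360]: DHCPREQUEST(eth1) 192.168.0.203 12:34:56:78:9a:bc
Jun 7 18:05:23 b3 dnsmasq-dhcp[29360]: DHCPACK(eth1) 192.168.0.203 12:34:56:78:9a:bc mechra
Jun 7 18:06:10 b3 dnsmasq-dhcp[29360]: DHCPDISCOVER(eth1) aa:bb:cc:dd:ee:01
Jun 7 18:06:10 b3 dnsmasq-dhcp[29360]: DHCPOFFER(eth1) 192.168.0.2 aa:bb:cc:dd:ee:01
Jun 7 18:06:10 b3 dnsmasq-dhcp[29360]: DHCPREQUEST(eth1) 192.168.0.2 aa:bb:cc:dd:ee:01
Jun 7 18:06:10 b3 dnsmasq-dhcp[29360]: DHCPACK(eth1) 192.168.0.2 aa:bb:cc:dd:ee:01 somename
"""

if __name__ == "__main__":
    for mac, got, want, via in find_static_mismatches(SAMPLE_CONF, SAMPLE_LOG):
        print(f"{mac}: ACKed {got}, dhcp-host says {want} ({via})")
```

A "client-request" finding points at the client reusing its remembered lease, which is the case the reply above addresses by clearing the lease on the client.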
Re: [Dnsmasq-discuss] How to use dnsmasq in a multi-wan environment??
On 6/3/2020 8:22 PM, John Knight wrote:
> Hi, I am trying to understand how dnsmasq works and is configured for use in a multi-wan environment, where there are two networks/interfaces, one for internet access (public) and one for a management network (private). In my router, the default route points to the data network. There is no static route to access the management network.
>
> What I want to do is establish a static route to the ACS server on the management network; all I have for the ACS Server is a URL. The ACS server would NOT be in the dns database on the data network side, but as I understand it would be in the dns database on the management network... this is done for security reasons. I need DNS to resolve the name in the URL to its IP Address.
>
> My question is how does dnsmasq locate the upstream dns servers on the two different wan interfaces?? How does it know which interfaces it should use? Is there some configuration I should have to tell dnsmasq to also use the management wan interface to find upstream dns? Since the default route points to the data network's wan interface, any upstream traffic sent by dnsmasq will go out the data network's wan interface by default... how would dnsmasq send to upstream dns server on management wan interface? How does the routing occur to the management wan interface?
>
> We have a working dnsmasq configuration for a single wan environment... what I am hoping to learn is what needs to be done to our configuration of dnsmasq to make it also work in multi-wan environment... and of course, if I can learn a little on how it works in this environment, I would be very grateful. Thanks in advance for your help with this,

Unless I'm missing something, most of your questions are dealing with the DHCP client and not with Dnsmasq per se.

-- John Doe
Re: [Dnsmasq-discuss] DHCPv6 with IPv4 address in last 32 bits of IPv6 address: ideas?
On 4/22/2020 9:08 AM, William Edwards wrote:
>
>> On 22 Apr 2020, at 08:41, Olaf Hering wrote:
>>
>> On Tue, 21 Apr 2020 15:58:25 +0200,
>> "William Edwards" wrote:
>>
>>> Ideas are welcome.
>>
>> You did not say how hosts are identified, nor did you say why exactly
>> addresses matter in your setup.
>> If it is done based on their MAC addresses, just give each host a name.
>>
>> host-record=hostname,hostname.${dns_domain},${ipv4},${ipv6_prefix}::0323:45ff:feab:cdef
>> dhcp-host=01:23:45:ab:cd:ef,set:hostname,hostname,216000
>>
>> After all this project is called DNSmasq, not DHCPmasq...
>
> Your position is clear. What I’ll probably do is write a config file in
> dnsmasq.d/ with dhcp-host directive from my dhcp-script, after handing out a
> v4 lease and replacing . with :.
>

You could also use the corresponding directory option for dhcp-host.

--
John Doe
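The dhcp-script approach described in the message above, as an added example that is not code from the thread or from the dnsmasq project: it turns a DHCPv4 lease into a dhcp-host entry whose IPv6 host part is the IPv4 address with "." replaced by ":", and validates both script arguments before they reach a file name or a config line. It assumes the directory option meant is `--dhcp-hostsdir`; `HOSTSDIR` and all function names are hypothetical, and the MAC and address in the comments are sample values.

```shell
#!/bin/sh
# Added example: dhcp-script helper that mirrors a DHCPv4 lease into a
# dhcp-host entry with an IPv6 host part.
# dnsmasq calls the script as: <add|old|del> <MAC or DUID> <address> [hostname]

# Hypothetical directory, assumed to be the one given to --dhcp-hostsdir.
HOSTSDIR="${HOSTSDIR:-/etc/dnsmasq.d/v6-hosts}"

# Accept exactly six colon-separated hex octets. A case pattern must match the
# whole string, so "/", "..", spaces and embedded newlines are all rejected.
valid_mac() {
    h='[0-9A-Fa-f]'
    case $1 in
        $h$h:$h$h:$h$h:$h$h:$h$h:$h$h) return 0 ;;
    esac
    return 1
}

# Accept a dotted quad with four octets in the range 0-255 and nothing else.
valid_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                 # split on dots; input is digits and dots only
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print one hosts-file line: the text to the right of "dhcp-host=".
# "." becomes ":", so 192.168.1.50 yields [::192:168:1:50]; the decimal octets
# are reused as four 16-bit groups. dnsmasq accepts a bracketed IPv6 address
# that contains only the host part.
host_entry() {
    valid_mac "$1" || return 1
    valid_ipv4 "$2" || return 1
    printf '%s,[::%s]\n' "$1" "$(printf '%s' "$2" | tr . :)"
}

# Act on one script invocation. DHCPv6 events (DUID and IPv6 address as
# arguments) fail validation and are skipped without touching the directory.
handle_lease() {
    action=$1
    valid_mac "$2" || return 1
    # File name is built only from the validated MAC: 00_25_36_ae_52_9c
    name=$(printf '%s' "$2" | tr 'A-F:' 'a-f_')
    case $action in
        add|old)
            entry=$(host_entry "$2" "$3") || return 1
            printf '%s\n' "$entry" > "$HOSTSDIR/$name"
            ;;
        del)
            rm -f "$HOSTSDIR/$name"
            ;;
        *)
            return 0          # other actions are ignored
            ;;
    esac
}

# Entry point when dnsmasq runs this file as its dhcp-script.
if [ "$#" -ge 3 ]; then
    handle_lease "$@"
fi
```

Validation comes first because the script's arguments end up in a path and in a file dnsmasq parses as configuration.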
Re: [Dnsmasq-discuss] Question
On 4/11/2020 1:43 AM, Michael wrote: > On 4/10/20 2:46 PM, Dave Harrison wrote: >> Greetings, >> >> I was attempting to post a question to your board. I'm not clear if I >> was successful in logging in or not. However, I will post the >> question to this email. Hopefully this will be a reasonable format >> for asking the question. >> >> The question: >> >> I have configured a Raspberry Pi 4 with a LAMP stack and a Wordpress >> website. Unfortunately after the site was successfully published, I >> realized that I was unable to access the website from the public >> side. I was able to view the website from within my local network. >> >> I set up Port Forwarding successfully and established a static IP >> address for Raspberry Pi. I am asking this question to determine if >> the dnsmasq application may help me solve this problem. I realize >> there are a number of "tunneling" solutions, however I am looking for >> a solution that will allow visitors to type in the public WWW url >> address and view the website. It is important that public visitors >> can access the website from the "normal" URL address. >> > > DNSmasq is primarily for providing DNS responses for hosts on your local > network. The DNS responses could be to help hosts on your network find > your LAMP stack or resolving DNS for things on the internet. Without > it, hosts on your local network likely can only find things on the > internet, but can't find things locally by name. > > > You are looking to have hosts out on the internet find a host that is on > your network which is basically the reverse problem. There are two ways > you might approach this problem. > > > 1) Register a domain with a registrar and have them host DNS records for > you. This is probably more complication than you want to take on today. > > 2) Sign up with a dynamic DNS company and use a client on your local > network or your router to regularly update the DNS record at the DDNS > provider. 
Then your LAMP stack could be found by others by doing to > @DDNS.com or something like that. Google DDNS provider and > you can find a bunch of companies that provide this service and many are > free. You might even see if your router directly supports one of these > providers making the integration and automatic updates easy. > > > You might also want to use split-DNS. -- John Doe ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Regarding: space two point eighty one, take 2
On 3/8/2020 5:17 PM, Geert Stappers wrote:
>
> Hello John,
>
>
> On Sun, Mar 08, 2020 at 01:35:11PM +0100, john doe wrote:
>> On 3/8/2020 12:33 PM, Geert Stappers wrote:
>>> On Sat, Mar 07, 2020 at 10:01:30PM +0100, Geert Stappers wrote:
>>>> In-Reply-To: <1255b7ff-351f-46d7-f811-ac3373102...@thekelleys.org.uk>
>>>>
>>>> Now splitting previous change request into two parts:
>>>> * Removing trailing white_space_only_lines
>>>
>>> Done, see
>>> http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2020q1/013866.html
>>>
>>> Removed lines don't show up in `git blame`.
>>>
>>>
>>>> * Emptying the empty lines
>>>
>>> Execute:
>>>
>>> sed --in-place -e 's/^[ \t]*$//' src/*.c src/*.h
>>>
>>>
> ...
>>>
>>>
>>> To prevent that 8% of the lines in future `git blame`
>>> will distract us by reminding us on this clean-up.
>>>
>>> Execute:
>>>
>>> git commit -am "Removed useless white space" --author="Simon Kelley
>>> "
>>>
>>>
>>>
>>
>> Please use git send-email as you are known to be able to use it with the
>> '--reroll-count=..' for a new reroll.
>
> Thanks for telling. I'll use it
> instead of the 'take 2' in the current subject.
>

Your git send-email command should also include '--in-reply-to' in addition to the '--reroll-count', see also (1) before using those options.

When committing, don't forget to "sign-off" ('-s').

>
>> So Simon knows which set of patches to consider.
>
> Looking forward on your help
> with
> http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2020q1/013864.html
>

See (2).

1) https://git-scm.com/docs/git-send-email
2) https://git-scm.com/book/en/v2/Git-Basics-Git-Aliases

--
John Doe
Re: [Dnsmasq-discuss] space two point eighty one, take 2
On 3/8/2020 12:33 PM, Geert Stappers wrote: > On Sat, Mar 07, 2020 at 10:01:30PM +0100, Geert Stappers wrote: >> In-Reply-To: <1255b7ff-351f-46d7-f811-ac3373102...@thekelleys.org.uk> >> On Thu, Mar 05, 2020 at 10:34:29PM +, Simon Kelley wrote: >>> On 05/03/2020 21:05, Geert Stappers wrote: >>>> On Thu, Mar 05, 2020 at 09:46:21PM +0100, Geert Stappers wrote: >>>>> >>>>> I plea for removal of unneeded ' ' and ' '. >>>>> >>>>> That removal can be done with: >>>>> ... remove trailing white_space_only_lines ... >>>>> >>>>> ... empty lines: sed --in-place -e 's/^[ \t]*$//' src/*.c ... >>>> >>>> I love to see that in the 2.81 release of dnsmasq. >>>> >>> >>> The obvious problem with doing that is that for ever more, when I run >> } "git blame" N lines will have the source "Removed useless whitespace". >> >> That valid point shouldn't be a big issue. >> At least I think it can be mitigated. >> >> Now spliting previous change request into two parts: >> * Removing trailing white_space_only_lines > > Done, see > http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2020q1/013866.html > > Removed lines don't show up in `git blame`. > > >> * Emptying the empty lines > > Execute: > > sed --in-place -e 's/^[ \t]*$//' src/*.c src/*.h > > > > > $ git diff | wc > 21923 78016 607091 > $ git diff | grep ^+ | grep -c -v ^+++ > 3053 > $ wc -l src/*.c src/*.h | tail -n 1 > 39474 totaal > $ echo "3053 / 39474 * 100" | bc -l > 7.73420479302832244000 > > > To prevent that 8% of the lines in future `git blame` > will distract us by reminding us on this clean-up. 
> > Execute: > > git commit -am "Removed useless white space" --author="Simon Kelley > " > > > > $ git blame src/arp.c | sed --silent -e 60,80p > cc921df9 (Simon Kelley 2019-01-02 22:48:59 + 60) if > (!IN6_ARE_ADDR_EQUAL(&arp->addr.addr6, (struct in6_addr *)addrp)) > 11867dc2 (Simon Kelley 2015-12-23 16:15:58 + 61) continue; > 11867dc2 (Simon Kelley 2015-12-23 16:15:58 + 62) } > 11867dc2 (Simon Kelley 2015-12-23 16:15:58 + 63) > 33702ab1 (Simon Kelley 2015-12-28 23:17:15 + 64) if (arp->status > == ARP_EMPTY) > 11867dc2 (Simon Kelley 2015-12-23 16:15:58 + 65) { > 33702ab1 (Simon Kelley 2015-12-28 23:17:15 + 66) /* existing > address, was negative. */ > 11867dc2 (Simon Kelley 2015-12-23 16:15:58 + 67) arp->status = > ARP_NEW; > 11867dc2 (Simon Kelley 2015-12-23 16:15:58 + 68) arp->hwlen = > maclen; > 11867dc2 (Simon Kelley 2015-12-23 16:15:58 + 69) memcpy(arp->hwaddr, > mac, maclen); > 11867dc2 (Simon Kelley 2015-12-23 16:15:58 + 70) } > 33702ab1 (Simon Kelley 2015-12-28 23:17:15 + 71) else if > (arp->hwlen == maclen && memcmp(arp->hwaddr, mac, maclen) == 0) > 33702ab1 (Simon Kelley 2015-12-28 23:17:15 + 72) /* Existing > entry matches - confirm. */ > 33702ab1 (Simon Kelley 2015-12-28 23:17:15 + 73) arp->status = > ARP_FOUND; > 33702ab1 (Simon Kelley 2015-12-28 23:17:15 + 74) else > 33702ab1 (Simon Kelley 2015-12-28 23:17:15 + 75) continue; > ced2a733 (Simon Kelley 2020-03-08 12:17:53 +0100 76) > 11867dc2 (Simon Kelley 2015-12-23 16:15:58 + 77) break; > 11867dc2 (Simon Kelley 2015-12-23 16:15:58 + 78) } > 11867dc2 (Simon Kelley 2015-12-23 16:15:58 + 79) > 11867dc2 (Simon Kelley 2015-12-23 16:15:58 + 80) if (!arp) > > > Please use gitsend-email as you are known to be able to use it with the '--reroll-count=..' for a new reroll. So Simon knows which set of patches to consider. -- John Doe ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] space two point eighty one
;> 16:15:58 + 12) 11867dc2 (Simon Kelley 2015-12-23 16:15:58 + >> 13)You should have received a copy of the GNU General Public >> License 11867dc2 (Simon Kelley 2015-12-23 16:15:58 + 14) >> along with this program. If not, see <http://www.gnu.org/licenses/>. >> 11867dc2 (Simon Kelley 2015-12-23 16:15:58 + 15) */ >> stappers@paddy:~/src/dnsmasq $ git blame src/arp.c | head -n 15 >> 2a8710ac (Simon Kelley 2020-01-05 16:40:06 + 1) /* dnsmasq is >> Copyright (c) 2000-2020 Simon Kelley 11867dc2 (Simon Kelley >> 2015-12-23 16:15:58 + 2) 11867dc2 (Simon Kelley 2015-12-23 >> 16:15:58 + 3)This program is free software; you can >> redistribute it and/or modify 11867dc2 (Simon Kelley 2015-12-23 >> 16:15:58 + 4)it under the terms of the GNU General Public >> License as published by 11867dc2 (Simon Kelley 2015-12-23 16:15:58 >> + 5)the Free Software Foundation; version 2 dated June, >> 1991, or 11867dc2 (Simon Kelley 2015-12-23 16:15:58 + 6) >> (at your option) version 3 dated 29 June, 2007. e0984534 (Geert >> Stappers 2020-03-06 23:12:53 +0100 7) 11867dc2 (Simon Kelley >> 2015-12-23 16:15:58 + 8)This program is distributed in the >> hope that it will be useful, 11867dc2 (Simon Kelley 2015-12-23 >> 16:15:58 + 9)but WITHOUT ANY WARRANTY; without even the >> implied warranty of 11867dc2 (Simon Kelley 2015-12-23 16:15:58 >> + 10)MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. >> See the 11867dc2 (Simon Kelley 2015-12-23 16:15:58 + 11) >> GNU General Public License for more details. e0984534 (Geert Stappers >> 2020-03-06 23:12:53 +0100 12) 11867dc2 (Simon Kelley 2015-12-23 >> 16:15:58 + 13)You should have received a copy of the GNU >> General Public License 11867dc2 (Simon Kelley 2015-12-23 16:15:58 >> + 14)along with this program. If not, see >> <http://www.gnu.org/licenses/>. 11867dc2 (Simon Kelley 2015-12-23 >> 16:15:58 + 15) */ stappers@paddy:~/src/dnsmasq $ >> >> >> Regards >> Geert Stappers > > Thanks. 
> So lines 7 & 12 show the desired behaviour (ignoring
> whitespace-only changes).
>
> AFAICS there is no mechanism to make this the default behaviour within
> git. A shell alias?
>

I would go for Git alias.

The real question is do we really want this at all (whitespace correction)?

--
John Doe
Re: [Dnsmasq-discuss] RFC 8735 and Dnsmasq
Any help on how I can comply to '4.4' would be appriciated. On 12/21/2019 9:12 AM, john doe wrote: > On 12/21/2019 7:41 AM, john doe wrote: >> Thank you, Simon for your answer. >> >> On 12/20/2019 6:36 PM, Simon Kelley wrote: >>> On 18/12/2019 11:19, john doe wrote: >>>> On 12/18/2019 11:29 AM, Kurt H Maier wrote: >>>>> On Wed, Dec 18, 2019 at 08:46:22AM +0100, john doe wrote: >>>>>> Hi, >>>>>> >>>>>> I was wondering what is the state of (1) with regard to Dnsmasq? >>>>>> >>>>>> Any help is appriciated. >>>>>> >>>>>> 1) https://tools.ietf.org/html/rfc8375 >>>>> >>>>> It works. >>>>> >>>>> Are you looking for something in particular? >>>>> >>>> >>>> As far as I understand it, HNCP will automatically manage IPv4/6 and I'm >>>> not sure how Dnsmasq will come into play? >>>> >>>> As the RFC suggest, for my home network I will change to '.home.arpa'. >>>> >>>> Thanks for confirming that Dnsmasq works with '.home.arpa'. >>>> >>>> -- >>> >>> >>> To comply with 4.4 requires some configuration >>> >>> local=/home.arpa/ >>> >>> and, for section C >>> >>> server=/home.arpa/ >>> >> >> Okay, I'm at a lost on how to get this straight and would appriciate any >> help. >> >> If I look at (1) : >> >> "-S, --local, >> --server=[/[]/[domain/]][[#][@|[#]]" >> >> I can group the above two lines as follow: >> >> local=/home.arpa/ >> >> Is that correct? >> >> >> >> I use dnsmasq on two different boxes, gateway is behind perimeterfirewall: >> - perimeterfirewall >> # Add local-only domains here, queries in these domains are answered >> # from /etc/dnsmasq-hosts.d or DHCP only. >> local=/london.home/ >> # Set the domain for dnsmasq >> domain=london.home >> # Set a different domain for a particular subnet >> domain=wired.london.home,172.19.100.0/24,local >> # Specify DHCP range with a tag >> dhcp-range=set:wired,172.19.100.200,static >> >> - gateway >> # Add local-only domains here, queries in these domains are answered >> # from /etc/dnsmasq-hosts.d or DHCP only. 
>> local=/vancouver.home/ >> # Set the domain for dnsmasq >> domain=vancouver.home >> # Set a different domain for a particular subnet >> domain=dmz.vancouver.home,172.19.150.0/24,local >> domain=wifi.vancouver.home,172.19.200.0/24,local >> # Specify DHCP range with a tag >> dhcp-range=set:dmz,172.19.150.200,172.19.150.253 >> dhcp-range=set:wifi,172.19.200.200,static >> >> >> With the exceptionof the above, both dnsmasq.conf files are identical. >> >> In your server line above, I don't understand what the '' >> should be? >> >> I would'd like to understand this before I go ahead with changing >> '.home' to '.home.arpa'. >> Upstream DNS is handled by systemd-resolvd and the resolvconf package. >> >> Any help is welcome. >> >> >> 1) http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html >> > > Also From above: > > "Also permitted is a -S flag which gives a domain but no IP address; > this tells dnsmasq that a domain is local and it may answer queries from > /etc/hosts or DHCP but should never forward queries on that domain to > any upstream servers. --local is a synonym for --server to make > configuration files clearer in this case." > > If I understand the above correctly, there is no difference between > '--local' and '--server' but '-S' makes dnsmasq treate the domain as > 'local' and thus is different. > > Are '-S' and '--local' realy diffrent? > > In other words, what are the differences between '--local', '--server' > and '-S'. > > -- > John Doe > > ___ > Dnsmasq-discuss mailing list > Dnsmasq-discuss@lists.thekelleys.org.uk > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss > -- John Doe ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] [PATCH] DHCPv6 - Multiple reservations for single host
On 1/7/2020 10:51 AM, Pali Rohár wrote:
> Hi Harald! What are differences between your patch and mine which adds
> support for it too (plus honor assignment based on MAC address)?
> http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2019q4/013545.html
>
> On Tuesday 07 January 2020 10:01:59 Harald Jensås wrote:
>> Reposting this, as it seems my e-mail client mangled the patch by
>> inserting line-breaks etc.
>>

A good way to avoid this is to use git send-email.

https://git-scm.com/docs/git-send-email

--
John Doe
Re: [Dnsmasq-discuss] Single-port mode for TFTP
On 12/30/2019 6:34 PM, kvaps wrote:
> On Mon, Dec 30, 2019 at 2:42 PM john doe wrote:
>
>> Isn't the below flag what you want from (1):
>>
>> "--tftp-port-range=,
>> A TFTP server listens on a well-known port (69) for connection
>> initiation, but it also uses a dynamically-allocated port for each
>> connection. Normally these are allocated by the OS, but this option
>> specifies a range of ports for use by TFTP transfers. This can be useful
>> when TFTP has to traverse a firewall. The start of the range cannot be
>> lower than 1025 unless dnsmasq is running as root. The number of
>> concurrent TFTP connections is limited by the size of the port range."
>>
>>
>> 1) http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html
>>
>> --
>> John Doe
>>
>
> Hi John,
>
> Unfortunately it isn't working correctly:
>
> if I run dnsmasq with static port range:
>
> dnsmasq -d --enable-tftp --tftp-port-range=69,69
>
> It reports an error:
>
> dnsmasq-tftp: unable to get free port for TFTP
>
> when I try to download any file
>

You cannot specify 69 here. With the current implementation, you need to open another port for TFTP transfer.

Can't you open two ports?
Have you considered using a TFTP helper in your Firewall?

--
John Doe
Re: [Dnsmasq-discuss] Single-port mode for TFTP
On 12/30/2019 12:51 PM, kvaps wrote:
> Hi Simon,
>
> We're happy to use dnsmasq to organize network booting in Kubernetes, it
> has everything needed: DNS-, DHCP- and TFTP-servers.
>
> The only problem is that TFTP protocol in its reference implementation is
> not working behind the NAT, because always sends reply packets from random
> port.
>
> Note that Kubernetes uses NAT for external services, so it's not possible
> to run TFTP-server for external clients there. There is one proposed
> solution for that, it suggests moving away from the RFC and implement
> --single-port option for always reply from the same port which was
> requested by the client.
>
> In this way, the TFTP-packets can be simple NAT'ed back to the client side.
>
> Take a look on unique features for go-tftp implementation:
> https://github.com/vcabbage/go-tftp#unique-features
>
> And its command line client:
> https://github.com/kvaps/trivialt/
>

Isn't the below flag what you want from (1):

"--tftp-port-range=,
A TFTP server listens on a well-known port (69) for connection initiation, but it also uses a dynamically-allocated port for each connection. Normally these are allocated by the OS, but this option specifies a range of ports for use by TFTP transfers. This can be useful when TFTP has to traverse a firewall. The start of the range cannot be lower than 1025 unless dnsmasq is running as root. The number of concurrent TFTP connections is limited by the size of the port range."

1) http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html

--
John Doe
Re: [Dnsmasq-discuss] RFC 8735 and Dnsmasq
On 12/21/2019 7:41 AM, john doe wrote: > Thank you, Simon for your answer. > > On 12/20/2019 6:36 PM, Simon Kelley wrote: >> On 18/12/2019 11:19, john doe wrote: >>> On 12/18/2019 11:29 AM, Kurt H Maier wrote: >>>> On Wed, Dec 18, 2019 at 08:46:22AM +0100, john doe wrote: >>>>> Hi, >>>>> >>>>> I was wondering what is the state of (1) with regard to Dnsmasq? >>>>> >>>>> Any help is appriciated. >>>>> >>>>> 1) https://tools.ietf.org/html/rfc8375 >>>> >>>> It works. >>>> >>>> Are you looking for something in particular? >>>> >>> >>> As far as I understand it, HNCP will automatically manage IPv4/6 and I'm >>> not sure how Dnsmasq will come into play? >>> >>> As the RFC suggest, for my home network I will change to '.home.arpa'. >>> >>> Thanks for confirming that Dnsmasq works with '.home.arpa'. >>> >>> -- >> >> >> To comply with 4.4 requires some configuration >> >> local=/home.arpa/ >> >> and, for section C >> >> server=/home.arpa/ >> > > Okay, I'm at a lost on how to get this straight and would appriciate any > help. > > If I look at (1) : > > "-S, --local, > --server=[/[]/[domain/]][[#][@|[#]]" > > I can group the above two lines as follow: > > local=/home.arpa/ > > Is that correct? > > > > I use dnsmasq on two different boxes, gateway is behind perimeterfirewall: > - perimeterfirewall > # Add local-only domains here, queries in these domains are answered > # from /etc/dnsmasq-hosts.d or DHCP only. > local=/london.home/ > # Set the domain for dnsmasq > domain=london.home > # Set a different domain for a particular subnet > domain=wired.london.home,172.19.100.0/24,local > # Specify DHCP range with a tag > dhcp-range=set:wired,172.19.100.200,static > > - gateway > # Add local-only domains here, queries in these domains are answered > # from /etc/dnsmasq-hosts.d or DHCP only. 
> local=/vancouver.home/
> # Set the domain for dnsmasq
> domain=vancouver.home
> # Set a different domain for a particular subnet
> domain=dmz.vancouver.home,172.19.150.0/24,local
> domain=wifi.vancouver.home,172.19.200.0/24,local
> # Specify DHCP range with a tag
> dhcp-range=set:dmz,172.19.150.200,172.19.150.253
> dhcp-range=set:wifi,172.19.200.200,static
>
>
> With the exception of the above, both dnsmasq.conf files are identical.
>
> In your server line above, I don't understand what the ''
> should be?
>
> I would like to understand this before I go ahead with changing
> '.home' to '.home.arpa'.
> Upstream DNS is handled by systemd-resolved and the resolvconf package.
>
> Any help is welcome.
>
>
> 1) http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html
>

Also from above:

"Also permitted is a -S flag which gives a domain but no IP address; this tells dnsmasq that a domain is local and it may answer queries from /etc/hosts or DHCP but should never forward queries on that domain to any upstream servers. --local is a synonym for --server to make configuration files clearer in this case."

If I understand the above correctly, there is no difference between '--local' and '--server' but '-S' makes dnsmasq treat the domain as 'local' and thus is different.

Are '-S' and '--local' really different?

In other words, what are the differences between '--local', '--server' and '-S'.

--
John Doe
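An added example (not from the thread or the dnsmasq project) that applies the man-page passage quoted above to a configuration file: it lists, for every domain-scoped `local=` or `server=` line, whether queries for that domain stay local or are sent to a server, and checks that a given domain is never forwarded. The function names and the `192.0.2.x` addresses are constructed for illustration; the domain names follow the ones used in the thread.

```shell
#!/bin/sh
# Added example: report how a dnsmasq config handles each domain named in a
# local=/.../ or server=/.../ line.

# classify_domains FILE   (FILE may be "-" for standard input)
# Prints one "<domain> <handling>" pair per line, where handling is
#   local-only         no address given: answered locally, never forwarded
#   default-upstream   address is "#": sent to the normal upstream servers
#   forwarded:<addr>   sent to the named server
classify_domains() {
    awk '
        /^[ \t]*(local|server)=\// {
            spec = $0
            sub(/^[ \t]*(local|server)=/, "", spec)
            sub(/[ \t]+#.*$/, "", spec)     # trailing comment
            sub(/[ \t]+$/, "", spec)        # trailing blanks
            n = split(spec, part, "/")      # "/a/b/addr" -> "", a, b, addr
            addr = part[n]
            if (addr == "")       handling = "local-only"
            else if (addr == "#") handling = "default-upstream"
            else                  handling = "forwarded:" addr
            for (i = 2; i < n; i++)
                if (part[i] != "") print part[i], handling
        }
    ' "$1"
}

# never_forwarded FILE DOMAIN
# Succeeds only if DOMAIN has a local-only entry and no entry that sends it to
# any server. Only exact entries are compared; subdomains are not resolved
# against parent entries here.
never_forwarded() {
    classify_domains "$1" | awk -v d="$2" '
        $1 == d && $2 == "local-only" { loc = 1 }
        $1 == d && $2 != "local-only" { fwd = 1 }
        END { exit !(loc && !fwd) }
    '
}

# Constructed sample configuration.
sample_conf() {
    cat <<'EOF'
# constructed sample, modelled on the options quoted in the thread
local=/home.arpa/
local=/london.home/
server=/vancouver.home/192.0.2.53     # constructed upstream address
server=/corp.example/internal.example/192.0.2.53#5353
server=192.0.2.1
EOF
}

# Stand-alone use: audit the file given as argument, or the sample.
if [ "$#" -gt 0 ]; then
    classify_domains "$1"
else
    sample_conf | classify_domains -
fi
```

A domain that shows up as `forwarded:` or `default-upstream` is one whose internal names can reach an outside resolver.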
Re: [Dnsmasq-discuss] RFC 8735 and Dnsmasq
Thank you, Simon for your answer.

On 12/20/2019 6:36 PM, Simon Kelley wrote:
> On 18/12/2019 11:19, john doe wrote:
>> On 12/18/2019 11:29 AM, Kurt H Maier wrote:
>>> On Wed, Dec 18, 2019 at 08:46:22AM +0100, john doe wrote:
>>>> Hi,
>>>>
>>>> I was wondering what is the state of (1) with regard to Dnsmasq?
>>>>
>>>> Any help is appreciated.
>>>>
>>>> 1) https://tools.ietf.org/html/rfc8375
>>>
>>> It works.
>>>
>>> Are you looking for something in particular?
>>>
>>
>> As far as I understand it, HNCP will automatically manage IPv4/6 and I'm
>> not sure how Dnsmasq will come into play?
>>
>> As the RFC suggests, for my home network I will change to '.home.arpa'.
>>
>> Thanks for confirming that Dnsmasq works with '.home.arpa'.
>>
>> --
>
>
> To comply with 4.4 requires some configuration
>
> local=/home.arpa/
>
> and, for section C
>
> server=/home.arpa/
>

Okay, I'm at a loss on how to get this straight and would appreciate any help.

If I look at (1) :

"-S, --local, --server=[/[]/[domain/]][[#][@|[#]]"

I can group the above two lines as follows:

local=/home.arpa/

Is that correct?

I use dnsmasq on two different boxes, gateway is behind perimeterfirewall:

- perimeterfirewall
# Add local-only domains here, queries in these domains are answered
# from /etc/dnsmasq-hosts.d or DHCP only.
local=/london.home/
# Set the domain for dnsmasq
domain=london.home
# Set a different domain for a particular subnet
domain=wired.london.home,172.19.100.0/24,local
# Specify DHCP range with a tag
dhcp-range=set:wired,172.19.100.200,static

- gateway
# Add local-only domains here, queries in these domains are answered
# from /etc/dnsmasq-hosts.d or DHCP only.
local=/vancouver.home/
# Set the domain for dnsmasq
domain=vancouver.home
# Set a different domain for a particular subnet
domain=dmz.vancouver.home,172.19.150.0/24,local
domain=wifi.vancouver.home,172.19.200.0/24,local
# Specify DHCP range with a tag
dhcp-range=set:dmz,172.19.150.200,172.19.150.253
dhcp-range=set:wifi,172.19.200.200,static

With the exception of the above, both dnsmasq.conf files are identical.

In your server line above, I don't understand what the '' should be?

I would like to understand this before I go ahead with changing '.home' to '.home.arpa'.
Upstream DNS is handled by systemd-resolved and the resolvconf package.

Any help is welcome.

1) http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html

--
John Doe
[Dnsmasq-discuss] Multiple TLDs pointing to the same IP
Hi,

I'm planning to implement RFC 8375 on my home network.

For now I'm using '.home', I'm not sure how during the transition phase the use of '.home' and '.home.arpa' can be used at the same time?

Assuming that it is possible, a general way to do it is preferred.

In other words, how can I make dnsmasq resolve 'box.try.home' and 'box.try.home.arpa' to the same IP, that is, using '.home' and '.home.arpa' interchangeably.

Any help is appreciated.

--
John Doe
Re: [Dnsmasq-discuss] RFC 8735 and Dnsmasq
On 12/18/2019 11:29 AM, Kurt H Maier wrote:
> On Wed, Dec 18, 2019 at 08:46:22AM +0100, john doe wrote:
>> Hi,
>>
>> I was wondering what is the state of (1) with regard to Dnsmasq?
>>
>> Any help is appreciated.
>>
>> 1) https://tools.ietf.org/html/rfc8375
>
> It works.
>
> Are you looking for something in particular?
>

As far as I understand it, HNCP will automatically manage IPv4/6 and I'm not sure how Dnsmasq will come into play?

As the RFC suggests, for my home network I will change to '.home.arpa'.

Thanks for confirming that Dnsmasq works with '.home.arpa'.

--
John Doe
[Dnsmasq-discuss] RFC 8735 and Dnsmasq
Hi,

I was wondering what is the state of (1) with regard to Dnsmasq?

Any help is appreciated.

1) https://tools.ietf.org/html/rfc8375

--
John Doe
Re: [Dnsmasq-discuss] Obtain IP from DHCP sever but set DNS servers statically with dnsmasq.
On 11/27/2019 11:26 AM, Hongyi Zhao wrote:
> Hi,
>
> I use ubuntu 19.10, and the default network settings is using dhcp.
> The info is as follows:
>
> $ nmcli
> enp2s0: connected to Wired connection 1
> "Realtek RTL8111/8168/8411"
> ethernet (r8169), 30:9C:23:2E:1A:E5, hw, mtu 1500
> ip4 default
> inet4 172.16.0.157/24
> route4 0.0.0.0/0
> route4 172.16.0.0/24
> route4 169.254.0.0/16
> inet6 fe80::8eec:33ef:676e:e4d7/64
> route6 fe80::/64
> route6 ff00::/8
>
> lo: unmanaged
> "lo"
> loopback (unknown), 00:00:00:00:00:00, sw, mtu 65536
>
> DNS configuration:
> servers: 172.16.0.1
> interface: enp2s0
>
>
> However, I want to set one locally dns server which listening on
> 127.0.0.1:53, and at the same time using the dhcp method to obtain ip
> for my case.
>
> How to do this job with dnsmasq?
>

As far as I understand your question, this looks to me like you should fiddle with your dhcp client and not with Dnsmasq.

--
John Doe
Re: [Dnsmasq-discuss] I've lost my ability to resolve local machine names without a domain suffix
On 10/20/2019 10:15 AM, Chris Green wrote: > On Sun, Oct 20, 2019 at 08:59:03AM +0200, Geert Stappers wrote: >> On Sat, Oct 19, 2019 at 10:21:26PM +0100, Chris Green wrote: >>> >>> So why does my laptop have *two* "search zbmc.eu" lines in >>> /etc/resolv.conf whereas other machines only have one? >> >> Yes, your laptop and your other machines in your network. >> > Only my laptop gets *two* "search zbmc.eu" lines, all the other > machines (well, all two of them that are actual accessible computers > running Linux) have only one "search zbmc.eu" which seems more > reasonable. > > >> >>> Also, how does this line get added to /etc/resolv.conf? >> >> Welcome to the wonderful world of the server-client-concept. >> >> The DHCP client does a "DHCP request", DHCP server (Dnsmasq) answers. >> In the reply are >> https://en.wikipedia.org/wiki/Dynamic_Host_Configuration_Protocol#Client_configuration_parameters >> >> such as code 15 (domain) and code 119 (domain search). >> Client uses the recieved configuration parameters (where it seems fit). >> > OK, yes, I supposed that must be the way it happens. I guess for some > reason my laptop is doing something odd/wrong. In fact I've just had > a thought, it maybe connects using WiFi sometimes and using a wired > connection at other times. It could well be that it sends out a DHCP > broadcast request for both wired and WiFi connections. > > >> Check in the manual page of Dnsmasq the section "--domain". It starts >> with: "Specifies DNS domains for the DHCP server." and contains >> | In addition, when a suffix is set then hostnames without a domain part >> | have the suffix added as an optional domain part. Eg on my network I >> | can set --domain=thekelleys.org.uk and have a machine whose DHCP >> | hostname is "laptop". The IP address for that machine is available >> | from dnsmasq both as "laptop" and "laptop.thekelleys.org.uk". >> That gives some information about _server_ side. 
>> > I don't add any command line options to dnsmasq, my changes to the > defaults in /etc/dnsmasq.conf are as follows:- > > domain-needed > bogus-priv > expand-hosts > domain=zbmc.eu > dhcp-range=192.168.1.80,192.168.1.127,12h > dhcp-option=3,192.168.1.1 > dhcp-authoritative > local=/zbmc.eu/ > cname=bbb,beaglebone > cname=mx201,maxine-X201 > cname=ben,DESKTOP-978VD5M > cname=oki,MC342-AE529C > dhcp-host=00:BB:3A:E9:A3:15,maxineKindle > dhcp-host=00:09:B0:C9:CE:81,onkyoTx-nr616 > dhcp-host=28:EF:01:2D:EB:07,chrisKindle > dhcp-host=08:EB:74:9D:47:53,humaxFreeview > dhcp-host=2C:08:8C:CC:9A:9E,humaxYouview > dhcp-host=00:1F:E2:4E:8F:CA,maxineStudy > dhcp-host=AC:AE:19:2C:3F:5A,roku > dhcp-host=10:FE:ED:63:29:74,TL-WA7210 > dhcp-host=00:25:36:AE:52:9C,192.168.1.50 > > So I have a domain= like you. > >> What happens at _client_ side, actually happens at _client_ side. >> > Yes, of course, and it seems to be all OK now after restarting > everything (but no other changes) so *something* had got out of kilter > so that unqualified names weren't working but was fixed by the reboots. > It may well be that upgrades (that don't usually require restarts on > Linux) had got some systemd bits in a tangle which a restart sorted out. > >> >>> ... and why doesn't a local name only work on the machine running dnsmasq? >> >> Sorry, can't parse that question. If the question was >> } ... and why does a local name only work on the machine running dnsmasq? >> or >>> ... and why doesn't a local name work on the machine running dnsmasq? >> say so. Yes, do put effort in asking a question.[1] >> > Asking for the address of an unqualified name on the machine running > dnsmasq fails:- > > chris@newdns$ host esprimo > Host esprimo not found: 3(NXDOMAIN) > chris@newdns$ host esprimo.zbmc.eu > esprimo.zbmc.eu has address 192.168.1.3 > chris@newdns$ > > Is there any way to fix this? 
> It's not incredibly important because
> I only rarely do anything (as in log in and run programs) on that
> machine but it would be nice if it worked the same as the other
> machines on the LAN.
>
> It's presumably down to the order in which it runs its client DHCP
> requests versus when dnsmasq starts so that it can answer itself.
>

You are not using 'dhcp-fqdn' (1)?

1) http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html

--
John Doe
Re: [Dnsmasq-discuss] dnsmasq won't run on Debian 10.1 buster
Last call, I won't bother answering you if you don't post through the list.

On 10/14/2019 10:04 AM, Guillaume B. wrote:
> Hi John,
>
> Yes I have looked at syslog when the connection is not working, that's how
> I knew I received a DHCPNAK instead of a DHCPACK. Also it seems like IPV6
> addresses are called for some reason I don't understand. In that case that
> all IPV6 on my computer.
>

This does not make sense, please share those messages with us.

I would remove the listen directive and use 'bind-interfaces' instead.
Note that the lo interface refers to IPv4 and IPv6, so in your case I
would try to use exclusively the following directives

> In my config I set interface=lo, listen_address=127.0.0.1 and
> no-dhcp-interface=lo to make extra sure, but even then the problem
> persists, I have tried both with a configed file and a virgin file, both
> did not work.
>
> I would I go about disabling the internal DHCP server on Debian 10.1 ?
>

The above directive does take care of that.

> By sorting things out without NM do you mean taking out the dns=dnsmasq out
> of NetworkManager.conf and only uncomment the prepend domain-name-servers
> 127.0.0.1 option in /etc/dhcp/dhclient.conf or getting rid of
> NetworkManager and trying to connect without it ?
>

What I'm implying here is to remove/disable NetworkManager altogether.

--
John Doe
Re: [Dnsmasq-discuss] dnsmasq won't run on Debian 10.1 buster
On 10/14/2019 7:33 AM, john doe wrote:
> Please post through the list.
>
> On 10/13/2019 10:17 PM, Guillaume B. wrote:
>> Hi John,
>>
>> Sorry for the late reply I got caught up with multiple reinstalls of Debian
>> images.
>>
>> I need dnsmasq for its min-cache-ttl option and other options like
>> clear-on-reload, stop-dns-rebind and dns-loop-detect, that can't be
>> configured with solely dnsmasq-base.
>>
>> I tried installing resolvconf and kept it virgin but it didn't change the
>> fact that with dnsmasq installed I still couldn't get a DHCP lease from my
>> router. Maybe you have some configuration options for resolvconf to suggest
>> me for it to work.
>>
>> Same as number one, I want to use dnsmasq for its extra options.
>>
>
> I don't see how I can help you further other than:
> - Have you looked in the log when it is not working
> - The internet (the one connected to your upstream dhcp server)
> interface is 'excluded' ('except-interface=')
>
> If my understanding is correct you only need the DNS capability of
> dnsmasq, consider disabling the internal DHCP server.
>
>
> If I may, I would sort things out without NM then I would bring it back
> into the mix! :)
>
> P.S.
>
> Posting on 'debian-user' mailing list might be useful because it does
> look to me like it is a Dnsmasq issue.
>

Should be 'does not'.

--
John Doe
Re: [Dnsmasq-discuss] dnsmasq won't run on Debian 10.1 buster
Please post through the list.

On 10/13/2019 10:17 PM, Guillaume B. wrote:
> Hi John,
>
> Sorry for the late reply I got caught up with multiple reinstalls of Debian
> images.
>
> I need dnsmasq for its min-cache-ttl option and other options like
> clear-on-reload, stop-dns-rebind and dns-loop-detect, that can't be
> configured with solely dnsmasq-base.
>
> I tried installing resolvconf and kept it virgin but it didn't change the
> fact that with dnsmasq installed I still couldn't get a DHCP lease from my
> router. Maybe you have some configuration options for resolvconf to suggest
> me for it to work.
>
> Same as number one, I want to use dnsmasq for its extra options.
>

I don't see how I can help you further other than:
- Have you looked in the log when it is not working
- The internet (the one connected to your upstream dhcp server)
  interface is 'excluded' ('except-interface=')

If my understanding is correct you only need the DNS capability of
dnsmasq, consider disabling the internal DHCP server.

If I may, I would sort things out without NM then I would bring it back
into the mix! :)

P.S.

Posting on 'debian-user' mailing list might be useful because it does
look to me like it is a Dnsmasq issue.

--
John Doe
Re: [Dnsmasq-discuss] dnsmasq won't run on Debian 10.1 buster
On 10/11/2019 5:09 PM, Guillaume B. wrote:
> Hello,
>
> First time subscriber here.
>
> I have issues with dnsmasq not working in Debian 10.1 buster. dnsmasq-base
> works fine with "dns=dnsmasq" set in NetworkManager.conf (that is I can
> query the upstream server and cache the dns addresses locally) but as soon
> as I install dnsmasq, the network won't work. It seems like I cannot get a
> DHCP lease from my router and I only receive a DHCPNAK reply instead of the
> normal DHCPACK which allows me to connect to the internet.
>

Looks like you are mixing the dhcp/dns server 'dnsmasq' with 'dhcp
client', the dhcp client will get a lease from the upstream server and
dnsmasq will take care of ip addressing and dns for the hosts that are
behind dnsmasq server.
On Debian the dhcp client is per default 'dhclient'.

> I have tried different options set in dnsmasq.conf but even a virgin list
> won't work, the network connection simply does not happen and
> NetworkManager won't even register any addresses in /etc/resolv.conf, it
> just leaves it blank (even when I manually set the local dns to 127.0.0.1
> and the upstream to my router's address it won't work).
>

- Why do you need dnsmasq and not simply 'dnsmasq-base'?
- Did you install the 'resolvconf' package (NM/resolvconf is handling
  '/etc/resolv.conf')?
- Why do you want to use dnsmasq on a host where networkmanager is installed?

--
John Doe
Re: [Dnsmasq-discuss] 1 IP for all requests
On 10/4/2019 1:25 AM, Geert Stappers wrote:
> On Thu, Oct 03, 2019 at 06:01:17PM -0500, Carl Karsten wrote:
>> On Thu, Oct 3, 2019 at 4:54 PM Geert Stappers wrote:
>>> On Thu, Oct 03, 2019 at 03:52:35PM -0500, Carl Karsten wrote:
>>>> I want to know if this is in spec, or needs out of spec hacks:
>>>>
>>>> For any dhcp client request, server gives the same IP.
>>>>
>>>> The use case: dnsmasq is serving on 1 interface, and a client will be
>>>> directly connected to that interface - no hub/switch/vlan etc. So there can
>>>> only be 1 device ever connected, and I want that device to have 10.1.2.3
>>>> - even if I yank it and plug in a 2nd device with a different mac etc.
>>>> The device should get 10.1.2.3.
>>>>
>>>> Even if the previous lease has not expired, which is where I suspect
>>>> this gets sketchy. But maybe the spec has a provision for this.
>>>>
>>>
>>> Quoting manual page of dnsmasq
>>>
>>>
>>> --dhcp-range=[tag:[,tag:],][set:,][,|][,[,]][,>> time>]
>>>
>>>
>>>> I want to know if this is in spec, or needs out of spec hacks:
>>>
>>> Please let us, the mailinglist archive, know if
>>>
>>> dhcp-range=10.1.2.3,10.1.2.3,255.255.255.248
>>>
>>> serves the request.
>>
>> What I don't know is how the lease comes into play
>> when the 2nd machine comes on line.
>

To always get the same IP address regardless of the device you connect
to the server you could try the following (untested):

dhcp-range=192.168.1.4,192.168.1.4,1m

--
John Doe
Re: [Dnsmasq-discuss] upstream dns referral?
On 10/3/2019 8:41 PM, bjh wrote:
> Hi John,
>
> Thanks for the quick response.
>
>
>> On the Dnsmasq server what gives the following command:
>>
>> $ host google.com
>>
>>
>
>
>
> pi@RPi4:/etc/dnsmasq.d $ host google.com
> ;; connection timed out; no servers could be reached
> pi@RPi4:/etc/dnsmasq.d $
>
>

Please keep it through the list so others can learn as well! :)

Looks like the issue is DNS related and not Dnsmasq related.
So you need to understand why DNS is not working on your Dnsmasq server.

Try renewing the client lease on the Dnsmasq server with whatever DHCP
client the Pi uses:

$ dhclient -r && dhclient

--
John Doe
Re: [Dnsmasq-discuss] upstream dns referral?
On 10/3/2019 7:15 PM, bjh wrote:
> Hi,
>
> I have a dnsmasq installation, running on a dedicated raspberry pi, that
> has served me well for almost exactly one year now, until midday
> yesterday when it apparently stopped referring queries to upstream DNS
> servers. I have been relying on this dnsmasq setup to do dhcp and dns
> for my home lan of about 20 clients since Oct 2018. As I said, it has
> worked flawlessly until yesterday. I have of course done restarts and
> power cycles to the pi and dnsmasq service but to no avail.
>
> DHCP and local DNS queries still seem to work on this dnsmasq installation.
>
> I haven't made any changes to my network or this pi lately, so I am
> rather mystified as to what has caused dnsmasq to behave differently all
> of a sudden. As a workaround, I have had to go to important client
> machines on my lan and set them up with OPENDNS DNS addresses so they
> can continue to function while I fix this.
>
> As a complete dnsmasq newbie, I set the dnsmasq up in Oct 2018, with the
> help of an internet article that I can no longer find. It recommended
> leaving /etc/dnsmasq.conf alone and putting all site specific config
> data into /etc/dnsmasq.d/home.dns. This is what I did, see attached.
> File /etc/dnsmasq.conf remains unchanged from how the installer program
> left it, with most if not all features commented out.
>
> The /etc/dnsmasq.d/home.dns file is pretty simple but it doesn't
> explicitly set up any referrals to upstream dns servers.
>
> Quite frankly, I never really understood how dnsmasq knew where to send
> queries it couldn't resolve by itself. It was working, till now, though,
> so I went on to other things and forgot about it.
>
> My question now is this:
>
> What do I need to add to home.dns to explicitly tell dnsmasq the ip
> addresses of upstream DNS server(s) and authorize it to refer locally
> unresolvable queries to it/them?
>
> Other thoughts or observations germane to this mystery would also be of
> interest.
>

On the Dnsmasq server what gives the following command:

$ host google.com

To answer your question:

You will need to use the 'server' directive, something like:

server=

Is that all there is in your home.dns file?
If so, I would suggest you to get rid of it and start fresh by modifying
'/etc/dnsmasq.conf'.

My guess is that Dnsmasq is not the issue here, but the file
'/etc/resolv.conf' is not properly populated.

--
John Doe
Re: [Dnsmasq-discuss] [patch] empty empty lines
On 9/30/2019 4:50 PM, Simon Kelley wrote:
> To be clear, I have no objection to this sort of patch/suggestion.
>
> It should be fairly clear, however, that my available time to work on
> dnsmasq at the moment is limited, and stuff like this is not a priority,
> and likely to be pushed to the back of the queue, possibly so far that
> it never emerges again.
>
> If we're going to do this, the first stage is probably to add hooks to
> git to run expand (for tabs) and this filter on all NEW commits. Then
> we won't ever have to do that again.
>
> As that filter will make massive updates to existing code, we'll have
> to take a one-time commit across the codebase to get everything fixed
> once. Otherwise the filters will be adding lots of extra formatting changes
> to other commits as they touch files, which is not good.
>
> So, let's come to a consensus if a one-time clean up commit across the
> codebase is a price worth paying to fix the formatting issues, and if it
> is, work out how to add automatic filters to git to keep things clean
> afterwards. If anyone has experience of that, I'd like to hear.
>

The way I see things which is up for debate:

- Everyone that is committing to the project would need to use a Git
  hook that would avoid committing if the code does not conform to the
  standard used by the project

The pre-commit hook '.git/hooks/pre-commit' would need to be modified to
fit the coding style required by the project which means that patch that
does not comply to the coding style will be rejected.

The above is only for new code that would be added, now to the question
of modifying code already pushed:

If we choose to reformat old pushed code, one commit should be created
including all the formatting issues then testing will need to be done to
verify that the commit in question does not introduce regression,
reformatting old code is questionable to say the least.

As an aside:

It looks like tags are not GPG signed

--
John Doe
Re: [Dnsmasq-discuss] [patch] empty empty lines
Bottom-posting.

On 9/30/2019 2:11 PM, Petr Mensik wrote:
> Hi John,
>
> dnsmasq is quite interesting piece of software. It is used by lot
> different kind of projects. I think no one objected dnsmasq isn't useful
> or Simon does not work on it.
>
> But as with everything, there is always some space for improvements.
> There is no reason why Simon should stop working on project just because
> we have seen some issues.
>
> Though Simon has specific code style that is unusual on different
> project. It is his decision, okay with that. Just keep the codebase
> consistent.
>
> When I am against forced reformatting like someone here suggested, I
> think some easy checks might be done before committing changes. For
> example, git diff would show in red whitespaces on lines without
> anything else or after code before end of line. These are not nice and I
> would like them removed.
>
> I think we all understand this is open source project. We are just
> trying to make code more readable and nicer. We also offer helping hands.
>
> Are you sure we should stop that?
>
> Cheers,
> Petr
>
> On 9/15/19 6:32 PM, john doe wrote:
>> On 9/15/2019 5:45 PM, Geert Stappers wrote:
>>> On Sun, Sep 08, 2019 at 02:25:18PM +0200, Geert Stappers wrote:
>>>> On Sun, Sep 08, 2019 at 02:17:23PM +0200, Geert Stappers wrote:
>>>>> Made empty lines that had only spaces or tabs truly empty
>>>>> with `sed --in-place -e 's/^[ \t]*$//' src/*.c`
>>>>
>>>> | $ sed --in-place -e 's/^[ \t]*$//' src/*.c
>>>> | $ git diff | wc
>>>> | 21648 76730 597015
>>>>
>>>> 597015 is too big for the current settings of the mailing list.
>>>>
>>>>
>>>> So please use the previous posting as commit message.
>>>>
>>>
>>> Or "copy and paste" this
>>>
>>> sed --in-place -e 's/^[ \t]*$//' src/*.c
>>> git add src/*.c
>>> git commit --author "Geert Stappers " -m "empty empty
>>> lines
>>>
>>> Made empty lines that had only spaces or tabs truely empty
>>> with \`sed --in-place -e 's/^[ \t]*$//' src/*.c\`."
>>>
>>
>> Please do stop, as Simon and others have pointed out, there are no
>> reasons for Simon to change his way of working especially given the
>> outstanding work he is doing with the project.
>>
>> --
>> John Doe
>>

I have no argument with what you said above, if Simon is willing to use
'git diff --check' or using the 'pre-commit' hook that would be awesome.

The above 'sed' snippet code was to modify code already pushed and not
to help Simon improving the code consistency in the future! :)

--
John Doe
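The staged-whitespace check discussed in this message and in the 30 Sep reply above (a 'pre-commit' hook built on git's '--check'), as an added example that is not part of the thread or of the dnsmasq repository. The rule list in WS_RULES is an assumed policy; 'core.whitespace' and 'diff-index --check' are standard Git.

```shell
#!/bin/sh
# Added example of a .git/hooks/pre-commit script (not dnsmasq's own hook).
# It rejects a commit whose staged changes introduce whitespace errors and
# leaves lines that are already in the repository alone.

# Assumed policy: no trailing blanks, no space-before-tab, no tabs in indent.
WS_RULES='trailing-space,space-before-tab,tab-in-indent'

# Return 0 when the staged changes are clean, non-zero otherwise.
# git prints "file:line: <problem>" for every offending added line.
check_staged() {
    if git rev-parse --verify -q HEAD >/dev/null; then
        against=HEAD
    else
        # No commit yet: compare against the empty tree.
        against=$(git hash-object -t tree /dev/null)
    fi
    git -c core.whitespace="$WS_RULES" \
        diff-index --check --cached "$against" --
}

# Act as the hook only when installed under that name, so the file can
# also be sourced to call check_staged by hand.
case "$0" in
    */pre-commit)
        check_staged || {
            echo 'commit rejected: fix the whitespace errors above' >&2
            exit 1
        }
        ;;
esac
```

Because only added lines are checked, existing files keep their formatting until a line is touched, which avoids the one-time mass reformat.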
Re: [Dnsmasq-discuss] DHCP: Allocate from different IP pools depending on MAC address
On 9/27/2019 3:04 PM, Olivier wrote:
> Hello,
>
> I've got several Debian hosts using ISC DHCP server.
>
> In those, I'm currently using the following feature:
> "when a requesting host MAC address ends with 00, use group 0
> when a requesting host MAC address ends with 01, use group 1
> when a requesting host MAC address ends with 02, use group 0
> when a requesting host MAC address ends with 03 use group 1
> ...
> when a requesting host MAC address ends with ff, use group 1
> for hosts from group 0, allocate from pool 192.168.1.1-50
> for hosts from group 1, allocate from pool 192.168.1.101-150"
>
> In dhcpd.configuration, this translates to
> class "guest0" {
>     match suffix(hardware, 1);
> }
>
> class "guest1" {
>     match suffix(hardware, 1);
> }
>
> subclass "guest0" 00;
> subclass "guest1" 01;
> subclass "guest0" 02;
> subclass "guest1" 03;
> ...
> pool {
>     allow members of "guest0";
>     range 192.168.1.1 192.168.1.50;
> }
> pool {
>     allow members of "guest1";
>     range 192.168.1.101 192.168.1.150;
> }
>
> As you may guess, requesting devices are unknown when DHCP server is
> configured and using two different IP pools allows rough dispatching
> devices among available WAN links.
>
> Is it something that can be reproduced with Dnsmasq ?
> Suggestions ?
>

I guess a combination of tags and wildcard in 'dhcp-host' option should
do what you want.

--
John Doe
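One way to express the ISC classes quoted above with Dnsmasq tags, as an added example that is not from the thread or from the Dnsmasq project. It assumes wildcard bytes and 'set:' tags in 'dhcp-host' and tagged 'dhcp-range' lines as documented in the dnsmasq man page; the tag names guest0/guest1 and the function names are chosen here.

```shell
#!/bin/sh
# Added example: emit dnsmasq.conf lines that split clients into two pools
# by the parity of the last MAC byte (even -> guest0, odd -> guest1).
# Pool boundaries are the ones from the quoted dhcpd configuration.

# Print the tag a given MAC address falls into; fail on malformed input.
pool_for_mac() {
    mac=$1
    # Accept exactly six colon-separated hex bytes.
    printf '%s\n' "$mac" |
        grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$' || return 1
    last=${mac##*:}
    if [ $((0x$last % 2)) -eq 0 ]; then
        echo guest0
    else
        echo guest1
    fi
}

# Print the configuration. dnsmasq wildcards cover whole bytes only, so
# each of the 256 possible last bytes needs its own dhcp-host line.
gen_pool_conf() {
    i=0
    while [ "$i" -lt 256 ]; do
        printf 'dhcp-host=*:*:*:*:*:%02x,set:guest%d\n' "$i" $((i % 2))
        i=$((i + 1))
    done
    # Each range is offered only to clients carrying the matching tag.
    echo 'dhcp-range=tag:guest0,192.168.1.1,192.168.1.50'
    echo 'dhcp-range=tag:guest1,192.168.1.101,192.168.1.150'
}

# "sh thisfile --emit" writes the fragment to stdout.
if [ "${1:-}" = "--emit" ]; then
    gen_pool_conf
fi
```

Since every possible last byte is tagged, no client is left without a usable range; pool_for_mac predicts which pool a given device will land in when checking the lease file afterwards.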
Re: [Dnsmasq-discuss] dnsmasq coding style
On 9/26/2019 7:47 PM, Maarten de Vries wrote:
>
> On 26-09-2019 18:03, Kurt H Maier wrote:
>> On Thu, Sep 26, 2019 at 03:10:00PM +0300, Ariel Miculas wrote:
>>> What about the issue regarding trailing whitespaces? There are empty
>>> lines
>>> which have random tabs/spaces, also there are spaces before newline
>>> characters.
>>> What is the rationale against removing trailing whitespaces?
>> This stuff only matters if your tooling is broken.
>>
>> khm
>
> Which is why it matters for open source projects. There will be people
> with broken tooling that commit trailing whitespace.
>

That is the issue, simply use a hook to avoid that, 'pre-commit' in this
case.

--
John Doe
Re: [Dnsmasq-discuss] dnsmasq coding style
On 9/26/2019 12:23 PM, kingarley . wrote:
> Hello,
>
> As I'm reading through dnsmasq's codebase, something that bothers me is the
> mix of tabs and spaces and also the trailing whitespace.
> There are tools that make it easy to adhere to a coding style, so this
> issue can be fixed quite easily.
> For example, http://astyle.sourceforge.net/ could be used, picking a coding
> style and sticking to it.

This topic was recently discussed on this very mailing list, please have
a look in the mailing list archive.

--
John Doe
Re: [Dnsmasq-discuss] [patch] empty empty lines
On 9/15/2019 5:45 PM, Geert Stappers wrote:
> On Sun, Sep 08, 2019 at 02:25:18PM +0200, Geert Stappers wrote:
>> On Sun, Sep 08, 2019 at 02:17:23PM +0200, Geert Stappers wrote:
>>> Made empty lines that had only spaces or tabs truly empty
>>> with `sed --in-place -e 's/^[ \t]*$//' src/*.c`
>>
>> | $ sed --in-place -e 's/^[ \t]*$//' src/*.c
>> | $ git diff | wc
>> | 21648 76730 597015
>>
>> 597015 is too big for the current settings of the mailing list.
>>
>>
>> So please use the previous posting as commit message.
>>
>
> Or "copy and paste" this
>
> sed --in-place -e 's/^[ \t]*$//' src/*.c
> git add src/*.c
> git commit --author "Geert Stappers " -m "empty empty
> lines
>
> Made empty lines that had only spaces or tabs truely empty
> with \`sed --in-place -e 's/^[ \t]*$//' src/*.c\`."
>

Please do stop, as Simon and others have pointed out, there are no
reasons for Simon to change his way of working especially given the
outstanding work he is doing with the project.

--
John Doe
Re: [Dnsmasq-discuss] code style
On 9/7/2019 6:25 PM, Shota Hino wrote:
> Whatever the width of the tab is, converting all tabs to whitespaces (or
> the other way around) would be better.
> If code formatting was forced at the time of each commit, there would be no
> need for anybody to set the tab width on their editor.
> Consistent coding style will help more developers in the future.
>
>
>

I agree, consistent code is best, clear guideline could be useful for
new code.

Simon Kelley, the belligerent dictator of the Dnsmasq project will need
to weigh in on such changes though.

--
John Doe
Re: [Dnsmasq-discuss] How to force release/renew IP from dnsmasq
On 8/14/2019 3:41 AM, dnsmasqyq@neverbox.com wrote:
> I need my local machine to obtain a new/correct IP from dnsmasq.
>
> Basically I've given all my local machines static IPs from the dnsmasq server.
>
> However, some obtained dynamic IPs prior to I giving them static IPs,
> but now I have no way to have them changed to the new given static
> IPs.
>
> I've stopped then started local NetworkManager, and according to
>
> https://www.linuxquestions.org/questions/linux-newbie-8/dnsmasq-force-release-renew-of-dhcp-clients-how-933535/
> https://serverfault.com/questions/739022/how-do-i-manually-release-a-dhcp-lease-on-the-dhcp-server-itself
>
> I've stopped then started the dnsmasq server itself, and clear the
> dnsmasq.leases file in between as well.
>
> But still, nothing worked.
>
> This is what I am at now:
>
> $ systemctl status dnsmasq | tail -1
> Aug 13 21:23:14 maroon dnsmasq-dhcp[17588]: not giving name coral to
> the DHCP lease of 192.168.0.89 because the name exists in
> /etc/dnsmasq.hosts with address 192.168.0.102
>
> yet:
>
> $ cat /var/lib/misc/dnsmasq.leases
> 1566177794 90:b1:...:1f 192.168.0.89 coral *
>
> and `192.168.0.89` is the IP I got at coral.
>
> PS. the coral lease has been the following before, prior to I clear
> the dnsmasq.leases file:
>
> 1566176399 90:b1:...:1f 192.168.0.89 coral 01:90:...:1f
>
> Moreover, I've tried to run the following `dhcp_release` command at the
> dnsmasq server before all these:
>
> dhcp_release eth0 192.168.0.89 90:b1:...:1f '*'
>

Ideally you would release the lease on the client or wait until the
lease expires on the client.

This question was asked before on the list and some other answers are in
the list archive.

--
John Doe
Re: [Dnsmasq-discuss] Dnsmasq-discuss Digest, Vol 171, Issue 12
On 8/8/2019 5:19 PM, Robert Shelton (NexusNet) wrote:
>
> Yes Bind is an option, but I've used dnsmasq successfully for years now
> and it has served my network well. OpenWRT GUI is an interesting
> approach. I'm just looking for an efficient web alternative to short-cut
> the ssh / sudo / nano steps. Sure, manual works, but everything else on
> my SDN is managed by GUI. Unfortunately the SDN vendor's software, while
> offering dnsmasq as a dns/dhcp option, provides no supporting GUI
> either. Also doesn't provide for redundant dns servers. So I've been
> running dnsmasq in a VM, and am planning to sort out fail-over in the
> good old fashioned way! :)
>

If that is all that you want, why not simply use on the server the
'dhcp-hostdir' (1) directive and push your modified file when
necessary.

If you use a VM, what you could do is to use the dnsmasq capability of
OpenWrt/OMV (2) to handle DHCP and DNS on your network.

To clarify an earlier point, with (3, 'Text Editor') you could modify
'/etc/dnsmasq.conf' from within Webmin.

1) http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html
2) http://omv-extras.org/joomla/index.php/omv-plugins-4
3) http://www.webmin.com/cgi-bin/search_third.cgi?modules=1

P.S.

I brought up Bind only because it is supported in Webmin.
The same is also true for 'isc-dhcp-server'.

--
John Doe
Re: [Dnsmasq-discuss] Web interface for DNSmasq
On 8/7/2019 11:29 PM, Robert Shelton (NexusNet) wrote:
> I am looking for a web interface for DNSmasq. I found and successfully
> installed webmin only to discover that the DNSmasq module appears to be
> old and currently unavailable. Can anyone point me to a solution - need
> not be webmin, although that looks like a nice/useful admin tool that
> I'd be happy to use for DNS admin.
>

The following URLs are untested:

https://github.com/SloCompTech/dnsmasq-gui
https://github.com/TimJuni/webdnsmasq

OpenWrt uses Dnsmasq and can be configured using the GUI.

Another approach is to edit, for example, '/etc/dnsmasq.conf' manually
but you still need to remember the command to put in the file.
You can do that in Webmin by editing the file directly even if there is
no support for Dnsmasq.

P.S.

If you insist on using the GUI, you might consider Bind.

--
John Doe
Re: [Dnsmasq-discuss] OT: Configuring my network interface
On 8/5/2019 4:02 PM, dnsmasqyq@neverbox.com wrote:
> Thanks *every one of you* who replied / helped.
>
> So it turns out to be a no-issue, just I didn't understand the proper
> way to use `dig`.
>
> On Mon, Aug 5, 2019 at 6:22 AM john doe wrote:
>>
>> On 8/5/2019 9:05 AM, Geert Stappers wrote:
>
>>>>>>>>
>>>>>>> So how do I make sure that the domain name always gets added, in my
>>>>>>> DHCP/DNS server configuration?
>>>>>>
>>>>>> Wrong question. Probably due jumping to conclusions.
>>>>>>
>>>>>> Show us, this mailinglist, the content of /etc/resolv.conf
>>>>>> Output of `dig foo`, `dig foo.my.domain.tld` and `ping -c 3 foo`.
>>>>>> Where 'foo' is host known at the local DNS.
>>>>>
>>>>> - - - - - -
>>>>> $ cat /etc/resolv.conf
>>>>> # Dynamic resolv.conf(5) file for glibc resolver(3) generated by
>>>>> resolvconf(8)
>>>>> # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
>>>>> # 127.0.0.53 is the systemd-resolved stub resolver.
>>>>> # run "systemd-resolve --status" to see details about the actual
>>>>> nameservers.
>>>>> nameserver 127.0.0.53
>>>>> search my.domain.tld
>>>>>
>>
>> Based on the above:
>>
>> how are your interfaces configured (NetworkManager, systemd-network,
>> /etc/network/interfaces, ...)?
>
> Good question, I do remember that I configured my network interface
> (eth0) via NetworkManager *on the server side*, but I don't recall
> doing anything on the client side. Maybe I'm taking everything by
> default? How can I confirm that?
>
> - my "/etc/network/interfaces" is not touched, still contains nothing
> but comments
> - I do have a "/etc/NetworkManager/system-connections/Wired\
> connection\ 1" file, but I have no recollection whether I created it
> or system created it for me.
> - I do remember, when things "didn't work out", I installed the
> 'resolvconf' package again -- previously I always remove it without
> seeing much side effects.
>
>> Normally, 'systemd-resolved' is only to be used when 'systemd-networkd'
>> is used.
>
> So my "/etc/resolv.conf" is controlled by 'systemd-resolved', but I
> have no idea what/how 'systemd-networkd' is/works. hmm
>
>> So, assuming that you only configured your interfaces using NM, you need
>> to look at NM and the 'resolvconf' package.
>> That is, stay with systemd or NM, or /etc/network/interfaces but avoid
>> mixing them if possible.
>
> This is the first time I am hearing this! as the content on the
> Internet will tell you to add this or add that, without telling you
> why. So if I want to keep my *client* system clean, without mixing
> them and not having extra packages, what shall I do? Would staying
> with systemd (not NM) work? (for normal cases like taking my Laptop
> around).
>

Assuming that your laptop uses Gnome or Mate or other DE, a reasonable
approach would be to understand what the GUI used to manage your
interfaces and stick to it.
In most cases, a CLI version is also available.

> Further on that, seems to me previously Ubuntu use
> NetworkManager+dnsmasq.base for local DNS caching, but now it is
> moving to pure systemd based as well, for local DNS caching, right?
>

I don't use ubuntu, sorry.
That having been said, googling doesn't look to corroborate that fact
(where are you seeing that (URL?)).

> All in all, what's the recommended way to configured my network
> interface of my client system with modern Ubuntu/Debian?
>

Sadly, there is none! :)

As a rule of thumb I try to keep in mind the following:

- Desktop environment (Gnome,Mate,...) = using GUI or CLI to configure
  interfaces
- '/etc/systemd/network' = 'systemd-networkd' and maybe 'systemd-resolved'
- '/etc/network/interfaces' = "Old way" to manage interfaces in
  combination with a dhcp client

There are multiple ways to configure an interface, the one that you will
use depends on the pkgs you install on the host.

When I install a host I need to understand how dhcp client works, that
way, I know how the dhcp client lease and dns are configured.
Also, the 'resolvconf' package might also come into play.

--
John Doe
Re: [Dnsmasq-discuss] Local dnsmasq server not utilized by Ubuntu
On 8/5/2019 9:05 AM, Geert Stappers wrote:
> On Sun, Aug 04, 2019 at 11:19:22PM -0500, Andrew Miskell wrote:
>> On Aug 4, 2019, at 10:13 PM, dnsmasqyq@neverbox.com wrote:
>>> On Sun, Aug 4, 2019 at 7:10 PM Geert Stappers wrote:
>>>> On Aug 4, 2019, dnsmasqyq@neverbox.com wrote:
>>>>>>
>>>>>> }} . "problem" mostly being calling it a problem
>>>>>> }} . "got foo, was expecting bar, why" for the next time
>>>>>>
>>>>> So how do I make sure that the domain name always gets added, in my
>>>>> DHCP/DNS server configuration?
>>>>
>>>> Wrong question. Probably due jumping to conclusions.
>>>>
>>>> Show us, this mailinglist, the content of /etc/resolv.conf
>>>> Output of `dig foo`, `dig foo.my.domain.tld` and `ping -c 3 foo`.
>>>> Where 'foo' is host known at the local DNS.
>>>
>>> - - - - - -
>>> $ cat /etc/resolv.conf
>>> # Dynamic resolv.conf(5) file for glibc resolver(3) generated by
>>> resolvconf(8)
>>> # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
>>> # 127.0.0.53 is the systemd-resolved stub resolver.
>>> # run "systemd-resolve --status" to see details about the actual
>>> nameservers.
>>> nameserver 127.0.0.53
>>> search my.domain.tld
>>>

Based on the above:

how are your interfaces configured (NetworkManager, systemd-network,
/etc/network/interfaces, ...)?

Normally, 'systemd-resolved' is only to be used when 'systemd-networkd'
is used.
So, assuming that you only configured your interfaces using NM, you need
to look at NM and the 'resolvconf' package.
That is, stay with systemd or NM, or /etc/network/interfaces but avoid
mixing them if possible.

--
John Doe
Re: [Dnsmasq-discuss] Local dnsmasq server not utilized by Ubuntu
On 8/4/2019 9:04 PM, dnsmasqyq@neverbox.com wrote: > Hi, > > Thanks a lot for all your replies. > > Sorry I wasn't very clear first as I don't know if anyone would > read/reply. Here is my reply to you one by one, but at this single > place. > > On Sun, Aug 4, 2019 at 1:36 PM Daniel Huhardeaux wrote: >> >>> Hi, >>> >>> I know this is not a dnsmasq issue per se, but all my machines are >>> Ubuntu based and they all can't utilized the local dnsmasq server that >>> I setup for my LAN, which literally making my local dnsmasq server >>> useless. > >> systemd-resolve is irrelevant to the OP's question, it provides local > 'on the machine' DNS caching. What the OP wants is 'local on his LAN' DNS... > > Sorry I wasn't very clear in my OP -- I've setup my local dnsmasq > server (DHCP/DNS) correctly. All my Ubuntu machines are picking up IPs > from my dnsmasq DHCP server. Just they don't use my dnsmasq DNS > server. > >>> The problem is that the NetworkManager that Ubuntu uses insists to use >>> its own DNS server, which is 127.0.0.53, not the DHCP/DNS server I >>> setup for my LAN. > >> Most likely you are looking at `systemd-resolved`. Consider > that "local DNS". It still needs an upstream DNS. > > Yes, I believe so. the 127.0.0.53 is used, and I can confirm that > whether the `resolvconf` is installed or not. The problem is that, > `systemd-resolved`'s upstream DNS is suppose to be my LAN dnsmasq > server (DHCP/DNS), at least I hope so, but it is not somehow, and this > is the exact problem I'm trying to solve/figure out why. > > Why I say the upstream DNS is not my LAN dnsmasq DNS server? Because > when I `dig` for my local machine names, including the LAN dnsmasq > server itself, I get nothing in the `ANSWER SECTION` section, unless I > manually switch the `nameserver` entry in /etc/resolv.conf in *my > clients machines* to my LAN dnsmasq server. Then everything works. 
>
>>> I'm wondering how you guys solved such problems, since you are using
>>> dnsmasq server just fine. I had been asking such questions at the
>>> Ubuntu and NetworkManager side multiple times at multiple places, but
>>> have never been able to get a straight/working answer.
>>
>> Hello.
>>
>> It's not a NetworkManager nor an Ubuntu problem: you have
>> systemd-resolve installed on your machine (guess Ubuntu 18.04) which
>> uses 127.0.0.53 as IP for DNS. You have to go in /etc/systemd and adapt
>> the resolved.conf file to put your dnsmasq IP server as DNS.
>
> Yes, exactly I'm using Ubuntu 18.04, thus systemd-resolve. So,
>
> How to adapt the resolved.conf file so that my modification survive
> reboot, and not hard-coding anything as when I take my laptop else
> where, I don't want it still pointing to my home LAN dnsmasq server?
>

Look at the 'resolvconf' package if it is installed.
Basically, look at the top of /etc/resolv.conf to see what is handling it.

--
John Doe