Re: [Dnsmasq-discuss] dnsmasq.service: Control process exited, code=exited, status=127/n/a

2023-07-10 Thread Andrew Miskell via Dnsmasq-discuss 


> On Jul 10, 2023, at 3:34 PM, dnsmasqyq@neverbox.com wrote:
> 
> It's my own problem.
> 
> On Mon, Jul 10, 2023 at 3:57 PM Tong Sun wrote:
> 
>> Sure, but I'd like to rule out that it's because of my own *unusual* use
>> case, that my network device is not eth0 but br0 instead.
>> 
>> And it turns out to be exactly the root cause --
>> 
>> reverting from br0 to eth0 & reboot, then do the following
>> 
>> sudo apt install -y --reinstall dnsmasq-base dnsmasq
>> 
>> and it finished without any issue, while previously it was just impossible.
>> 
>> Ref, switching my network device from eth0 to br0 is done via following
>> https://linuxconfig.org/how-to-use-bridged-networking-with-libvirt-and-kvm
> 
> Hmm... redid my steps in a clean VM and it works just fine. So,
> 
>> I'm now more inclined to think it is dnsmasq's problem, not Debian
>> packaging's problem. Comments?
> 
> It's my own problem.
> 
> Sorry about the noise.
> 
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Were you using a migrated configuration file or a fresh configuration file on 
the original VM? You might have had a configuration line which was telling 
dnsmasq to bind to a specific interface and that interface wasn’t available on 
the system.

I think by default, the configuration file in most packages don’t specify an 
interface to bind to, so dnsmasq will bind to all available interfaces.
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] dnsmasq reverse auth zone transfers

2023-03-31 Thread Andrew Miskell via Dnsmasq-discuss 
You technically don’t need a zone transfer, you can use a conditional forwarder 
on the Active Directory DNS. Setup a conditional forwarder for casa.lan and 
point it to the IP of your router where dnsmasq is running. After that, when AD 
DNS receives a query for anything in the casa.lan domain, it’ll forward the 
query to dnsmasq and it’ll respond with the appropriate IP address.

More details: 
https://www.interfacett.com/blogs/windows-server-how-to-configure-a-conditional-forwarder-in-dns/

> On Mar 31, 2023, at 10:25 AM, Juanca  wrote:
> 
> 
> 
> El vie, 31 mar 2023 a las 2:45, Andrew Miskell ( <mailto:andrewmisk...@mac.com>>) escribió:
>> What exactly are you trying to accomplish? Your windows clients to be able 
>> to resolve the clients on your router’s domain (casa.lan) via DNS?
>> Yes, this is what I need, but I'm unable to list the clients from the 
>> dominio.lab windows server machine.
>> 
>> 
>> 
>> Sent from my iPhone
>> 
>>> On Mar 30, 2023, at 18:45, Juanca >> <mailto:emaildejua...@gmail.com>> wrote:
>>> 
>>> 
>>> I appreciate these tips
>>> 
>>> Do you think that I should write a new post?
>>> 
>>> 
>>> Thanks!!
>>> 
>>> 
>>> Regards
>>> 
>>> El vie, 31 mar 2023 a las 1:11, Geert Stappers (>> <mailto:stapp...@stappers.nl>>) escribió:
>>>> On Wed, Mar 29, 2023 at 06:25:25PM +0200, Juanca wrote:
>>>> > Hi,
>>>> > 
>>>> > I'm using dnsmasq in muy tomato router (mips arch). This is the main dns
>>>> > sever for my home (casa.lan). Also, I've a windows server lab, with a
>>>> > domain and it's own dns server as well (dominio.lab). I need the windows
>>>> > server to be able to get all the dns clients from main dns server in my
>>>> > router, so I'm trying to make a transfer zone from router to windows dns
>>>> > server. I'm facing some issues, and I've just read that dnsmasq does not
>>>> > provide reverse zone transfer. I've also just found a fork that says toi 
>>>> > be
>>>> > able to make it possible (basezen/dnsmasq: Fork of Simon Kelley's dnsmasq
>>>> > to add IPv6 zone transfer. Proposed patch (github.com 
>>>> > <http://github.com/>)
>>>> > <https://github.com/basezen/dnsmasq>), but it seems quite complicated for
>>>> > me to compile and make it work in my router.
>>>> > 
>>>> > As you can see, I'm not an expert in dns stuff, so it's being difficult 
>>>> > to
>>>> > me to understand all options, and the way I should be configuring it.
>>>> > 
>>>> > What I really need is to make my windows server be able to "get and see"
>>>> > all my dnsmasq router's dns clients (for example, in case my router shuts
>>>> > down, and my windows server's clients should be able to resolve router's
>>>> > dns clients). Also, I'd need the very same, but viceversa, so in case of 
>>>> > my
>>>> > windows server fails, my dnsmasq router's dns server is able to resolve 
>>>> > my
>>>> > windows server's dns clients.
>>>> > 
>>>> > My question is.. 
>>>> > is it able for me to get it working without needing any patch?
>>>> 
>>>> > I'd love to have some tips from you guys.
>>>> 
>>>> Tips:
>>>>  - Do not ask others what your limits should be ( "able for me" )
>>>>  - Drop restrictions   ( "without needing any ..." )
>>>>  - Use open questions  (avoid "get it working [yes/no]" questions)
>>>> 
>>>> 
>>>> > Please, let me know if I should give you any other information
>>>> 
>>>> Tell your audience what they might be missing.
>>>> Explain them the cool thing that you want, aim for common interrest.
>>>> 
>>>> 
>>>> > Thanks a lot in advance
>>>> 
>>>> No, not accepted.
>>>> Express "thanks" when you get something usefull.
>>>> 
>>>> 
>>>> > Regards
>>>> > Juanca
>>>> 
>>>> 
>>>> 
>>>> Groeten
>>>> Geert Stappers
>>>> -- 
>>>> Silence is hard to parse
>>>> 
>>>> ___
>>>> Dnsmasq-discuss mailing list
>>>> Dnsmasq-discuss@lists.thekelleys.org.uk 
>>>> <mailto:Dnsmasq-discuss@lists.thekelleys.org.uk>
>>>> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
>>> ___
>>> Dnsmasq-discuss mailing list
>>> Dnsmasq-discuss@lists.thekelleys.org.uk 
>>> <mailto:Dnsmasq-discuss@lists.thekelleys.org.uk>
>>> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] dnsmasq reverse auth zone transfers

2023-03-30 Thread Andrew Miskell via Dnsmasq-discuss 
What exactly are you trying to accomplish? Your windows clients to be able to resolve the clients on your router’s domain (casa.lan) via DNS?Sent from my iPhoneOn Mar 30, 2023, at 18:45, Juanca  wrote:I appreciate these tipsDo you think that I should write a new post?Thanks!!RegardsEl vie, 31 mar 2023 a las 1:11, Geert Stappers () escribió:On Wed, Mar 29, 2023 at 06:25:25PM +0200, Juanca wrote:
> Hi,
> 
> I'm using dnsmasq in muy tomato router (mips arch). This is the main dns
> sever for my home (casa.lan). Also, I've a windows server lab, with a
> domain and it's own dns server as well (dominio.lab). I need the windows
> server to be able to get all the dns clients from main dns server in my
> router, so I'm trying to make a transfer zone from router to windows dns
> server. I'm facing some issues, and I've just read that dnsmasq does not
> provide reverse zone transfer. I've also just found a fork that says toi be
> able to make it possible (basezen/dnsmasq: Fork of Simon Kelley's dnsmasq
> to add IPv6 zone transfer. Proposed patch (github.com)
> ), but it seems quite complicated for
> me to compile and make it work in my router.
> 
> As you can see, I'm not an expert in dns stuff, so it's being difficult to
> me to understand all options, and the way I should be configuring it.
> 
> What I really need is to make my windows server be able to "get and see"
> all my dnsmasq router's dns clients (for example, in case my router shuts
> down, and my windows server's clients should be able to resolve router's
> dns clients). Also, I'd need the very same, but viceversa, so in case of my
> windows server fails, my dnsmasq router's dns server is able to resolve my
> windows server's dns clients.
> 
> My question is.. 
> is it able for me to get it working without needing any patch?

> I'd love to have some tips from you guys.

Tips:
 - Do not ask others what your limits should be ( "able for me" )
 - Drop restrictions   ( "without needing any ..." )
 - Use open questions  (avoid "get it working [yes/no]" questions)


> Please, let me know if I should give you any other information

Tell your audience what they might be missing.
Explain them the cool thing that you want, aim for common interrest.


> Thanks a lot in advance

No, not accepted.
Express "thanks" when you get something usefull.


> Regards
> Juanca



Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

___Dnsmasq-discuss mailing listDnsmasq-discuss@lists.thekelleys.org.ukhttps://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Feature request = block-conf

2022-02-06 Thread Andrew Miskell via Dnsmasq-discuss 


> On Feb 6, 2022, at 15:55, Ercolino de Spiacico  
> wrote:
> 
> From what version is this --conf-script made available?
> 
> root@router:/tmp# dnsmasq -v
> Dnsmasq version 2.86  Copyright (c) 2000-2021 Simon Kelley
> Compile time options: IPv6 GNU-getopt no-RTC no-DBus no-UBus no-i18n no-IDN 
> DHCP DHCPv6 no-Lua TFTP no-conntrack ipset Tomato-helper auth cryptohash 
> DNSSEC no-ID loop-detect inotify no-dumpfile
> 
> This software comes with ABSOLUTELY NO WARRANTY.
> Dnsmasq is free software, and you are welcome to redistribute it
> under the terms of the GNU General Public License, version 2 or 3.
> root@router:/tmp# dnsmasq --help | grep conf-script
> root@router:/tmp#
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

I don’t think it is actually available. I believe they were discussing the idea 
of such a feature.  
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] filter-AAAA is breaking dnsmasq

2021-10-10 Thread Andrew Miskell via Dnsmasq-discuss 
Did you verify that systemctl isn’t trying to start the old dnsmasq? What’s the 
systemd unit file for dnsmasq look like?

Sent from my iPhone

> On Oct 10, 2021, at 21:51, E  wrote:
> 
> Thanks for your reply!
> 
>> dnsmasq --help | grep -i filter to see if the option exists.
> 
> # dnsmasq --help | grep -i filter
> -f, --filterwin2k  Don't forward
> spurious DNS requests from Windows hosts.
>--filter-A Don't include
> IPv4 addresses in DNS answers.
>--filter-  Don't include
> IPv6 addresses in DNS answers.
>--stop-dns-rebind  Stop DNS
> rebinding. Filter private IP ranges when resolving.
>--connmark-allowlist-enable[=]   Enable filtering
> of DNS queries with connection-track marks
> 
> It does exist (and it should be - I pulled git & make & make install it)
> 
> # which dnsmasq
> /usr/local/sbin/dnsmasq
> 
> # dnsmasq --version
> Dnsmasq version 2.87test4-1-g37a70d3
> 
> # dnsmasq
> dnsmasq: unsupported option at line 12 of /etc/dnsmasq.conf
> 
> # service dnsmasq restart
> Job for dnsmasq.service failed because the control process exited with
> error code
> 
> # systemctl status dnsmasq.service
> ]: bad option at line 24 of /etc/dnsmasq.conf
> 
> 
> :'(
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Is it possible to merge host names on two Dnsmasq instances?

2021-09-28 Thread Andrew Miskell via Dnsmasq-discuss 


> On Sep 28, 2021, at 9:16 PM, Glen Huang  wrote:
> 
> Hi,
> 
> I have a router and a dump AP that are connected with a wire. The router has 
> two interfaces, one is for LAN (192.168.1.1/24) and the other for WAN. The AP 
> also has two interfaces, one is for LAN (192.168.1.2/24), the other for guest 
> WiFi (192.168.2.1/24). (It actually also has a LAN WiFi, but it shouldn’t be 
> relevant in this case.)
> 
> Dnsmasq runs both on the router and the AP. On the router, it provides DHCP 
> and DNS, combined, for LAN. On the AP, only DHCP is enabled for the guest 
> WiFi interface to provide 192.168.2.0/24 for clients.
> 
> My question is that with this setup, LAN clients won’t be able to resolve 
> host names on the guest WiFi, since the router Dnsmasq is not cognizant of 
> them, and it seems impossible for the router to take over guest WiFi’s DHCP, 
> since it’s based on AP’s interfaces, so is there a way to automatically 
> “merge" the host names on both Dnsmasq instances? If not, what would be an 
> elegant setup to make it work?
> 
> Regards,
> Glen
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Assuming that the guest WiFi names are using a different domain name, e.g. 
guests.home.net  then the main LAN, e.g. home.net 
. 

On the router DNSMasq create an entry that tells it to send requests for 
anything in guest.home.net  to the DNSMasq instance on 
the AP. You can also do the reverse AP DNSMasq instance to allow guests to 
lookup names in the home.net  domain.___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] NXDOMAIN is sent instead of NODATA when querying for non-existent AAAA records

2021-08-05 Thread Andrew Miskell via Dnsmasq-discuss 

> On Aug 5, 2021, at 2:45 PM, Simon Kelley  wrote:
> 
> 
> 
> On 05/08/2021 19:24, Wojtek Swiatek wrote:
>> 
>> 
>> Le jeu. 5 août 2021 à 19:41, Simon Kelley > > a écrit :
>> 
>>OK. The problem is here: using local addresses only for domain
>>swtk.info 
>> 
>>That's an easy spot because I just fixed this particular combination.
>> 
>>I guess you have something like
>> 
>>local=/swtk.info/ 
>> 
>>and dnsmasq is using this to return NXDOMAIN without checking that it
>>has more specific data for the query in other  types.
>> 
>>As a workaround, removing that configuration should make things work, at
>>the expense of extra trips to the upstream servers.
>> 
>> 
>> Thank you. The problem is that swtk.info  is also
>> declared on .info so (if I understand local= correctly), it would
>> attempt to resolve mqtt.swtk.info  on Internet.
>> Which would fail.
> 
> That's fine. mqtt.swtk.info resolves to NXDOMAIN (at least it does here)
> and when dnsmasq gets that answer back, it will change it into NODATA.
> because it has an A record for mqtt.swtk.info derived from a DHCP
> record. That should be functional in 2.78.
>> 
>> The local=/swtk.info/  and
>> address=/swtk.info/192.168.10.2  combo
>> fixes this.
>>  
>> 
>> 
>>This should already be fixed in the development code: if it's possible
>>for you to run
>>https://thekelleys.org.uk/dnsmasq/test-releases/dnsmasq-2.86test6.tar.gz
>>
>>that should fix things, and doing so would be a useful test for me.
>> 
>> 
>> Unfortunately, since the dnsmasq binary I use is part of a router, I
>> have no way to use another version. Which, as I realize now, will be a
>> major problem anyway since the issue is not a matter of configuration.
>>  
> 
> This is a major defect in the state of the world. Routers should be
> updated as often and as easily as desktops and laptops, but frequently
> aren't and can't be.
> 
> Cheers,
> 
> Simon.
> 
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

UI updates the EdgeRouter firmware quite often, but on the EdgeMAX line of 
devices they tend to be more conservative about updating the underlying 
components (due to being billed as carrier grade devices). e.g. they released 
v2.0.9-hotfix.2 in June and back ported the fixes for DNSMasq for CVE-2021-3448.

UI is much more aggressive on the UniFi (consumer) side of the house, they’ve 
upgraded dnsmasq in their firmware much more often and usually to the latest 
version available (latest firmware on the UDM platform run 2.85).

Just depends on their update strategy for the underlying components. Same with 
operating systems like RHEL, they tend to favor back porting security fixes to 
a specific version instead of upgrading to a whole new release of the component.___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] OT client q: both static and dhcp

2021-06-28 Thread Andrew Miskell via Dnsmasq-discuss 


> On Jun 28, 2021, at 7:42 AM, Carl Karsten  wrote:
> 
> 
> 
> On Sun, Jun 27, 2021 at 12:17 PM Andrew Miskell  <mailto:andrewmisk...@mac.com>> wrote:
> 
> 
>> On Jun 27, 2021, at 12:02, Carl Karsten > <mailto:c...@nextdayvideo.com>> wrote:
>> 
>> 
>> 
>> 
>> On Sun, Jun 27, 2021 at 10:49 AM Andrew Miskell > <mailto:andrewmisk...@mac.com>> wrote:
>> 
>> 
>>> On Jun 27, 2021, at 09:30, Carl Karsten >> <mailto:c...@nextdayvideo.com>> wrote:
>>> 
>>> 
>>> 
>>> 
>>> On Sun, Jun 27, 2021 at 7:56 AM john doe >> <mailto:johndoe65...@mail.com>> wrote:
>>> On 6/27/2021 9:17 AM, Carl Karsten wrote:
>>> > On Sun, Jun 27, 2021 at 2:10 AM john doe >> > <mailto:johndoe65...@mail.com>> wrote:
>>> >
>>> >> On 6/27/2021 7:03 AM, Dominik wrote:
>>> >>> Hey Carl,
>>> >>>
>>> >>> On Sat, 2021-06-26 at 19:16 -0500, Carl Karsten wrote:
>>> >>>> I'm looking for advice on haveing some boxes to have both dynamic and
>>> >>>> static IPs.
>>> >>>
>>> >>> Why use a static IP at all? We have often enough seen people use static
>>> >>> addresses for the wrong reasons.
>>> >>>
>>> >>
>>> >> As I understand it, the OP wants to use DHCP static leases.
>>> >>
>>> >
>>> > No.
>>> >
>>> > I need this for when move put a box on someone else's network.
>>> > So I don't have any control over the dhcp server.
>>> >
>>> 
>>> Then set an fix IP on dhcp client (dhclient ...) and remove it when you
>>> don't need it.
>>> 
>>> Basically, you set the dhcp client to have a static address or let the
>>> client get a lease from a dhcp server.
>>> 
>>> I'm trying to reduce the amount of work I need to do when I show up and 
>>> discover there is no dhcp server.
>>> 
>>> Example locations: university, coffee shop, convention center, office 
>>> meeting room.   In all cases I am a guest for a few days.  
>>> 
>>>  
>>> 
>>> Why do you need dnsmasq into the mix?
>>> 
>>> I don't - I am just working on client config.
>>> 
>>>  
>>> 
>>> --
>>> John Doe
>>> 
>>> ___
>>> Dnsmasq-discuss mailing list
>>> Dnsmasq-discuss@lists.thekelleys.org.uk 
>>> <mailto:Dnsmasq-discuss@lists.thekelleys.org.uk>
>>> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss 
>>> <https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss>
>>> 
>>> 
>>> -- 
>>> Carl K
>>> ___
>>> Dnsmasq-discuss mailing list
>>> Dnsmasq-discuss@lists.thekelleys.org.uk 
>>> <mailto:Dnsmasq-discuss@lists.thekelleys.org.uk>
>>> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss 
>>> <https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss>
>> 
>> A couple things. It might help to state what the client device is running 
>> (Windows, Linux and what distribution/version). 
>> 
>> 
>> Opsis PC: Ubuntu 20.04.2 LTS 
>> Voctomix:  Debian GNU/Linux 11 
>> 
>>  
>> dnsmasq is a DNS/DHCP server not a client, so I’m unsure what the role of 
>> dnsmasq would be here. 
>> 
>> 
>> This is a bit OT (Off Topic) as in it is not a dnsmasq server question.  
>> I am asking about client config.
>> to a group qualified to know about such things. 
>> if there is a better place to ask such questions, let me know. 
>> 
>>  
>> Most of the places you listed would already have a DHCP server available to 
>> hand out IP addresses (and associated network information) on its own. 
>> Otherwise, there’s no easy way to connect to the internet without knowing 
>> all that particular networks details (e.g. gateway address, subnet mask, 
>> etc, etc) which defeats the point of providing network access in a number of 
>> the locations you listed. 
>> 
>> If I could always plug a wire into a jack and get to a dhcp server, I would 
>> not have a problem.
>> I do not want to route 400mbs video traffic though the coffee shop wifi.  
>> Which isn't a problem as my devices don't have wifi.  So

Re: [Dnsmasq-discuss] OT client q: both static and dhcp

2021-06-27 Thread Andrew Miskell via Dnsmasq-discuss 


> On Jun 27, 2021, at 12:02, Carl Karsten  wrote:
> 
> 
> 
> 
>> On Sun, Jun 27, 2021 at 10:49 AM Andrew Miskell  
>> wrote:
>> 
>> 
>>>> On Jun 27, 2021, at 09:30, Carl Karsten  wrote:
>>>> 
>>> 
>>> 
>>> 
>>>> On Sun, Jun 27, 2021 at 7:56 AM john doe  wrote:
>>>> On 6/27/2021 9:17 AM, Carl Karsten wrote:
>>>> > On Sun, Jun 27, 2021 at 2:10 AM john doe  wrote:
>>>> >
>>>> >> On 6/27/2021 7:03 AM, Dominik wrote:
>>>> >>> Hey Carl,
>>>> >>>
>>>> >>> On Sat, 2021-06-26 at 19:16 -0500, Carl Karsten wrote:
>>>> >>>> I'm looking for advice on haveing some boxes to have both dynamic and
>>>> >>>> static IPs.
>>>> >>>
>>>> >>> Why use a static IP at all? We have often enough seen people use static
>>>> >>> addresses for the wrong reasons.
>>>> >>>
>>>> >>
>>>> >> As I understand it, the OP wants to use DHCP static leases.
>>>> >>
>>>> >
>>>> > No.
>>>> >
>>>> > I need this for when move put a box on someone else's network.
>>>> > So I don't have any control over the dhcp server.
>>>> >
>>>> 
>>>> Then set an fix IP on dhcp client (dhclient ...) and remove it when you
>>>> don't need it.
>>>> 
>>>> Basically, you set the dhcp client to have a static address or let the
>>>> client get a lease from a dhcp server.
>>> 
>>> I'm trying to reduce the amount of work I need to do when I show up and 
>>> discover there is no dhcp server.
>>> 
>>> Example locations: university, coffee shop, convention center, office 
>>> meeting room.   In all cases I am a guest for a few days.  
>>> 
>>>  
>>>> 
>>>> Why do you need dnsmasq into the mix?
>>> 
>>> I don't - I am just working on client config.
>>> 
>>>  
>>>> 
>>>> --
>>>> John Doe
>>>> 
>>>> ___
>>>> Dnsmasq-discuss mailing list
>>>> Dnsmasq-discuss@lists.thekelleys.org.uk
>>>> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
>>> 
>>> 
>>> -- 
>>> Carl K
>>> ___
>>> Dnsmasq-discuss mailing list
>>> Dnsmasq-discuss@lists.thekelleys.org.uk
>>> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
>> 
>> A couple things. It might help to state what the client device is running 
>> (Windows, Linux and what distribution/version). 
>> 
> 
> Opsis PC: Ubuntu 20.04.2 LTS 
> Voctomix:  Debian GNU/Linux 11 
> 
>  
>> dnsmasq is a DNS/DHCP server not a client, so I’m unsure what the role of 
>> dnsmasq would be here. 
>> 
> 
> This is a bit OT (Off Topic) as in it is not a dnsmasq server question.  
> I am asking about client config.
> to a group qualified to know about such things. 
> if there is a better place to ask such questions, let me know.
> 
>  
>> Most of the places you listed would already have a DHCP server available to 
>> hand out IP addresses (and associated network information) on its own. 
>> Otherwise, there’s no easy way to connect to the internet without knowing 
>> all that particular networks details (e.g. gateway address, subnet mask, 
>> etc, etc) which defeats the point of providing network access in a number of 
>> the locations you listed. 
> 
> 
> If I could always plug a wire into a jack and get to a dhcp server, I would 
> not have a problem.
> I do not want to route 400mbs video traffic though the coffee shop wifi.  
> Which isn't a problem as my devices don't have wifi.  So yes the coffee shop 
> does have a dhcp server, I may not want to use it.
> 
> If I do not have access to the venue network, then my networking needs are 
> just my 2 devices.  This is the  case I am trying to provide for, without 
> having to edit 
> a config file.  the Opsis PC is often headless,  so editing is done via ssh 
> from the voctomix pc, which is hard if the 2 don't have networking setup. 
> 
> -- 
> Carl K

If you are using NetworkManager for configuring your interfaces on those linux 
machines, you can have two profiles bound to the same interface with the dhcp 
profile having a higher priority over the static profile. So if DHCP fails, the 
static profile takes over. 

Ubuntu switched to NetPlan sometime back and I’m not sure if it has the same 
options, you’d have the check netplan’s documentation. ___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] client q: both static and dhcp

2021-06-27 Thread Andrew Miskell via Dnsmasq-discuss 


> On Jun 27, 2021, at 09:30, Carl Karsten  wrote:
> 
> 
> 
> 
>> On Sun, Jun 27, 2021 at 7:56 AM john doe  wrote:
>> On 6/27/2021 9:17 AM, Carl Karsten wrote:
>> > On Sun, Jun 27, 2021 at 2:10 AM john doe  wrote:
>> >
>> >> On 6/27/2021 7:03 AM, Dominik wrote:
>> >>> Hey Carl,
>> >>>
>> >>> On Sat, 2021-06-26 at 19:16 -0500, Carl Karsten wrote:
>>  I'm looking for advice on haveing some boxes to have both dynamic and
>>  static IPs.
>> >>>
>> >>> Why use a static IP at all? We have often enough seen people use static
>> >>> addresses for the wrong reasons.
>> >>>
>> >>
>> >> As I understand it, the OP wants to use DHCP static leases.
>> >>
>> >
>> > No.
>> >
>> > I need this for when move put a box on someone else's network.
>> > So I don't have any control over the dhcp server.
>> >
>> 
>> Then set an fix IP on dhcp client (dhclient ...) and remove it when you
>> don't need it.
>> 
>> Basically, you set the dhcp client to have a static address or let the
>> client get a lease from a dhcp server.
> 
> I'm trying to reduce the amount of work I need to do when I show up and 
> discover there is no dhcp server.
> 
> Example locations: university, coffee shop, convention center, office meeting 
> room.   In all cases I am a guest for a few days.  
> 
>  
>> 
>> Why do you need dnsmasq into the mix?
> 
> I don't - I am just working on client config.
> 
>  
>> 
>> --
>> John Doe
>> 
>> ___
>> Dnsmasq-discuss mailing list
>> Dnsmasq-discuss@lists.thekelleys.org.uk
>> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
> 
> 
> -- 
> Carl K
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

A couple things. It might help to state what the client device is running 
(Windows, Linux and what distribution/version). 

dnsmasq is a DNS/DHCP server not a client, so I’m unsure what the role of 
dnsmasq would be here. 

Most of the places you listed would already have a DHCP server available to 
hand out IP addresses (and associated network information) on its own. 
Otherwise, there’s no easy way to connect to the internet without knowing all 
that particular networks details (e.g. gateway address, subnet mask, etc, etc) 
which defeats the point of providing network access in a number of the 
locations you listed. ___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] dhcp-host precedence request due multiple matches

2021-06-21 Thread Andrew Miskell via Dnsmasq-discuss 
Virtual machines usually generate their own MAC addresses for their virtual 
network cards in bridge mode. So the MAC would be the identifier. They don’t 
share a MAC address with the host itself. 

Sent from my iPhone

> On Jun 21, 2021, at 09:02, Jesus M Diaz  wrote:
> 
> 
> so, if I have two virtual computers running over the same hardware, what 
> should be used as identifier for dnsmasq? the physical mac-address (just one, 
> as it is just one physical card)? the dhcp-client-id or hostname 
> (configurable as per logical device level)?
> 
> That's exactly my point, that there might be where more than one dhcp-host 
> entry match the DHCP request.
> 
> Thanks
> 
>> On Mon, 21 Jun 2021 at 13:23,  wrote:
>> On 6/21/21 3:05 AM, Jesus M Diaz wrote:
>> > - *My point of view:   Each computer has a (dnsmasq) DNS entry, the entry 
>> > gets 
>> > in DNS by DHCP of dnsmasq*. What a computer is? the physical instance or 
>> > the 
>> > virtual one? the hardware or the software? This is the key to my scenario. 
>> > And I 
>> > totally agree with you: each computer should have one entry, the problem 
>> > is the 
>> > definition of 'each computer'.
>> 
>> computers are devices and devices are computers... virtual or otherwise... 
>> it is 
>> not so hard a definition ;)
>> 
>> -- 
>>   NOTE: No off-list assistance is given without prior approval.
>> *Please keep mailing list traffic on the list unless*
>> *a signed and pre-paid contract is in effect with us.*
>> 
>> ___
>> Dnsmasq-discuss mailing list
>> Dnsmasq-discuss@lists.thekelleys.org.uk
>> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Can't get DHCP part to work

2021-02-21 Thread Andrew Miskell 
Do you have a IP configuration output from a client l, to verify it has all the 
right settings?

Sent from my iPhone

> On Feb 21, 2021, at 01:22, Wolfgang Paul Rauchholz  
> wrote:
> 
> 
> Exactly, the client does not have internet access. So I set the following 
> option  in the .conf file: dhcp-option = option:router, 10.5.2.1.
> It still doesn’t work. No error message.
> The setup of my home server is as follows:
> Acts as modem router
> enp5sP/ppp0 is WAN NIC 
> enp3s0 is LAN NIC
> Currently named and dhcpd are enabled and working fine.
> Packet forwarding is enabled.
> 
> Thx for the help
> 
> 
>> On Sat, 20 Feb 2021 at 15:45, Andrew Miskell  wrote:
>> Do you mean that client machines don’t have internet access? If so, it 
>> doesn’t look like your specifying a gateway in your dhcp configuration so 
>> the clients don’t know where to send internet bound traffic. 
>> 
>> 
>> Sent from my iPhone
>> 
>>>> On Feb 20, 2021, at 08:27, Wolfgang Paul Rauchholz 
>>>>  wrote:
>>>> 
>>> 
>> 
>>> I run a home server under Oracle Linux 8 and want to replace named/dhcpd 
>>> with dnsmasq.
>>> maimed/dhcpd run just fine.
>>> When rebooting I don't have internet access from the LAN. 
>>> 
>>> My config is as follows. 
>>> /etc/resolv.conf
>>> search 
>>> nameserver 127.0.0.1
>>> 
>>> /etc/NetworkManager/conf.d/dns.conf
>>> [main]
>>> dns=dnsmasq
>>> 
>>> /etc/dnsmasq.conf
>>> server=80.58.61.250
>>> server=80.58.61.254
>>> address=//127.0.0.1 
>>> address=//10.5.2.1
>>> user=dnsmasq
>>> group=dnsmasq
>>> listen-address=::1,127.0.0.1,10.5.2.1
>>> domain=
>>> dhcp-range=10.5.2.75,10.5.2.150,12h
>>> dhcp-host=18:e8:29:c3:18:2d,10.5.2.2,amplifi
>>> dhcp-host=6C:02:E0:9F:8B:64,10.5.2.10,HP9F8B64
>>> dhcp-host=2C:59:E5:EF:93:07,10.5.2.11,HP3199D7
>>> dhcp-leasefile=/var/lib/dnsmasq/dnsmasq.leases
>>> dhcp-authoritative
>>> 
>>> Thanks for your help.
>>> 
>>> Wolfgang Rauchholz
>>> +34 627 994 977
>>> https://www.linkedin.com/in/wolfgangrauchholz/
>>> 
>> 
>>> ___
>>> Dnsmasq-discuss mailing list
>>> Dnsmasq-discuss@lists.thekelleys.org.uk
>>> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> -- 
> Wolfgang Rauchholz
> +34 627 994 977
> https://www.linkedin.com/in/wolfgangrauchholz/
> 
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Can't get DHCP part to work

2021-02-20 Thread Andrew Miskell 
Do you mean that client machines don’t have internet access? If so, it doesn’t 
look like your specifying a gateway in your dhcp configuration so the clients 
don’t know where to send internet bound traffic. 


Sent from my iPhone

> On Feb 20, 2021, at 08:27, Wolfgang Paul Rauchholz  
> wrote:
> 
> 
> I run a home server under Oracle Linux 8 and want to replace named/dhcpd with 
> dnsmasq.
> maimed/dhcpd run just fine.
> When rebooting I don't have internet access from the LAN. 
> 
> My config is as follows. 
> /etc/resolv.conf
> search 
> nameserver 127.0.0.1
> 
> /etc/NetworkManager/conf.d/dns.conf
> [main]
> dns=dnsmasq
> 
> /etc/dnsmasq.conf
> server=80.58.61.250
> server=80.58.61.254
> address=//127.0.0.1 
> address=//10.5.2.1
> user=dnsmasq
> group=dnsmasq
> listen-address=::1,127.0.0.1,10.5.2.1
> domain=
> dhcp-range=10.5.2.75,10.5.2.150,12h
> dhcp-host=18:e8:29:c3:18:2d,10.5.2.2,amplifi
> dhcp-host=6C:02:E0:9F:8B:64,10.5.2.10,HP9F8B64
> dhcp-host=2C:59:E5:EF:93:07,10.5.2.11,HP3199D7
> dhcp-leasefile=/var/lib/dnsmasq/dnsmasq.leases
> dhcp-authoritative
> 
> Thanks for your help.
> 
> Wolfgang Rauchholz
> +34 627 994 977
> https://www.linkedin.com/in/wolfgangrauchholz/
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Debian Buster Security Update?

2021-02-01 Thread Andrew Miskell 
That’s really up to the maintainer of the debian packages. I suspect they’ll 
fix it at some point. 

Sent from my iPhone

> On Feb 1, 2021, at 20:16, mailinglistno...@abwesend.de wrote:
> 
> Hello,
> will a Debian update for Buster still be released in the future?
> https://security-tracker.debian.org/tracker/source-package/dnsmasq
> 
> Currently the status is vulnerable.
> 
> Best Regards
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Disabling IPv6 at compile time no longer working

2020-10-30 Thread Andrew Miskell 
Massimo,

Simon’s reasoning for removing support is stated in the git commit. It was the 
source of a large number of ifdefs in the code, primarily for handling old 
embedded libc versions.

Removing the flags allowed him to remove all the ifdefs and make the code more 
maintainable overall. 

I’d actually probably also go as far as to assert that most of your arguments 
listed aren’t really that valid in the grand scheme of things.

> On Oct 30, 2020, at 7:10 AM, SALA MASSIMO  wrote:
> 
> Hi Chris, Petr
> 
> I agree with Chris: I wish we could disable IPv6 support.
> 
> There are scenarios - like usage in intranet LANs,  IPv4 only - this feature 
> is useless.
> 
> For best practice, unwanted features should be disabled:
> 1) avoid any possibility of hitting bugs in code paths that implemet this 
> functionality;
> 2) reduce the surface of possible attacks;
> 3) IMHO you cannot force the users to be unaware testers of unused features.
> 
> 
> > It was intentionally removed in commit ee8750451b4[1], removed in 2.81 
> > release.
> 
> I don't understand why this commit was approved.
> Which are the benefits for the developers?
> 
> Best regards, Massimo Sala
> 
> 
> 
> 
> Le informazioni contenute in questo messaggio e nei suoi allegati sono ad 
> esclusivo beneficio del corretto destinatario e sono da considerarsi 
> confidenziali e riservate. Qualora abbiate ricevuto il messaggio per errore, 
> siete pregati di darne immediata notizia al mittente e di provvedere alla sua 
> cancellazione. La rivelazione del contenuto di corrispondenza destinata ad 
> altri e ricevuta per errore è perseguibile penalmente e può costituire un 
> trattamento illecito di dati personali. 
> 
> This e-mail and any attachment is confidential and only for use of the 
> intended recipient. If you are not the intended recipient, you are hereby 
> notified that any disclosure of this communication is strictly prohibited. If 
> you have received this communication in error, please notify the sender, and 
> then delete this message from your system.
> 
> Prima di stampare, pensa all’ambiente. 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk 
> 
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss 
> 
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Block dhcp from serving to specific device

2020-10-16 Thread Andrew Miskell 
Family Sharing allows the parent account to monitor the children accounts 
rather easily. 

Reference https://support.apple.com/en-us/HT208982 
 

Using the provided tools by Apple is still probably the best answer here.

> On Oct 16, 2020, at 4:04 PM, Jeff Boyce  wrote:
> 
> 

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Block dhcp from serving to specific device

2020-10-16 Thread Andrew Miskell 
David has the right answer, there’s two way to resolve it.

1. Disable keychain sync to iCloud on the kid’s device, however, the kids can 
re-enable it at any time without your intervention. Plus this has a downside of 
the kids having a copy of every stored password you may have saved to your 
iCloud account.

2. Create an iCloud account for the kids and link them to your iCloud account 
via Family Sharing (https://www.apple.com/family-sharing/ 
). It keeps your passwords and WiFi 
networks off the children’s devices but still allows you to do things like 
share purchases, track child devices, etc, etc. 

Denying an IP address when connected to the parent’s SSID wouldn’t normally 
force the device to the other SSID. It’ll likely just make the phone assign an 
APIPA (169.254.x.x) address and then complain about being connected to a 
network with no internet access. You’d have to then manually switch to the 
children’s SSID in order to get network access. This is because the parent’s 
WiFi network would have higher priority so the phone will want to stay 
connected to that SSID.

Using Family Sharing would be the appropriate solution in this scenario. 

> On Oct 16, 2020, at 2:44 PM, David Kerr  wrote:
> 
> Have you tried disabling keychain sync to iCloud on the kids iPhones?  WiFi 
> passwords are stored in there and if you sync keychain across devices then 
> that is why the kids iPhones are picking up your WiFi passwords.
> 
> They will also be getting all your saved userids and passwords... Do you 
> really want your kids having your bank account credentials?
> 
> It would be best for your kids to have their own Apple IDs -- unless they are 
> still too young for that.
> 
> David.
> 
> -- Forwarded message -
> From: Jeff Boyce mailto:jbo...@meridianenv.com>>
> Subject: [Dnsmasq-discuss] Block dhcp from serving to specific device
> Date: October 16, 2020 at 11:39:31 AM CDT
> To: DNSmasq Mailing List  >
> 
> Greetings -
> 
> I am having an issue on my home network with Apple devices getting 
> assigned addresses to vlans that are not desired.  Not sure of if dnsmasq 
> will be helpful in resolving the issue, but thought I would inquire here as I 
> am exploring many options.  I am running dnsmasq as part of my pfSense 
> gateway device, but if dnsmasq can solve this then I am sure I can get it 
> implemented in the pfSense interface.
> 
> The issue is that I have two iPhones on my home wireless network, and 
> have two vlans for my wireless network.  One vlan is for setup for the 
> parents, while the other vlan is setup for kids and guests with different 
> firewall and access restrictions between the two vlans.  All known devices 
> are assigned static IP's via dnsmasq, with guest devices assigned dynamic IP 
> addresses.  The parent iPhone is configured to use the parent wireless vlan.  
> The kid iPhone only has the ssid and password for the kid wireless vlan 
> remembered on the phone, and has not been given the password for the parent 
> wireless vlan.
> 
> The issue occurs when occasionally I find the kid iPhone being assigned a 
> dynamic IP address on the parent wireless vlan.  When this happens I tell the 
> kid iPhone to forget that network, and it goes back to the kid wireless vlan. 
>  I am certain that the kid is not the one making the change to the parent 
> wireless network.
> 
> I have tracked the issue to an Apple feature, that synchronizes wireless 
> access point information between phones on the same account.  The kids iPhone 
> happens to be under the same Apple account as the iPhone of one of the 
> parents, so when Apple synchronizes all iPhones on the account the kids phone 
> gets the information for the ssid and password of the parent wireless vlan.  
> The kids iPhone will connect to the parent wireless vlan when dhcp is renewed 
> if the parent wireless vlan happens to have a stronger signal than the kid 
> wireless vlan (my assumption on signal strength being the determining factor, 
> it may be the the reply comes back quicker from the parent wireless vlan).  
> When this happens the kids iPhone gets assigned a dynamic IP address from the 
> parents wireless vlan.  I have gone through all the options with Apple to try 
> and resolve this, and nothing works because it is an intended feature that is 
> supposed to not be broken.
> 
> So I am wondering if there is a configuration setting that I can add to 
> my dhcp server that would refuse a specific device from connecting to a 
> specific vlan.  If possible, then I would be able to block the kids iPhone 
> from connecting to the parent wireless vlan, thus forcing it back to the kids 
> wireless vlan.  Thanks.
> 
> Jeff
> 
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk 
> 
>

Re: [Dnsmasq-discuss] Mac Darwin confusion

2020-08-03 Thread Andrew Miskell 


> On Aug 3, 2020, at 3:06 PM, Geert Stappers  wrote:
> 
> On Mon, Aug 03, 2020 at 07:04:47PM +0200, No Yes No Questions wrote:
>> On Mon, Aug 03, 2020 at 10:44:07PM +0700, Bernd Prager wrote:
>>> Hi all,
>>> 
>>> I got something I can't wrap my head around. I have a QNAP NAS that I
>>> thought would be nice for hosting a DNSMASQ service for DNS and DHCP. Setup
>>> went smooth and all my Linux clients behave wonderfully, except my Mac
>>> client:
>>> 
>>> Querying a host from Linux goes perfect:
>>> 
>>> -=[22:29:35][bernd@hoenir ~]=-
>>>  dig @qnap freyja
>>> 
>>> ; <<>> DiG 9.11.3-1ubuntu1.12-Ubuntu <<>> @qnap freyja
>>> ;; Got answer:
>>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24213
>>> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
>>> 
>>> ;; QUESTION SECTION:
>>> ;freyja.IN  A
>>> 
>>> ;; ANSWER SECTION:
>>> freyja. 0   IN  A 192.168.1.7
>>> 
>>> ;; Query time: 0 msec
>>> ;; SERVER: 192.168.1.5#53(192.168.1.5)
>> 
>> .5
>> 
>> 
>>> ;; WHEN: Mon Aug 03 22:29:37 +07 2020
>>> ;; MSG SIZE  rcvd: 51
>>> 
>>> -=[22:29:37][bernd@hoenir ~]=-
>>>  ping -c 1 freyja
>>> PING freyja.prager.homeip.net (192.168.1.7) 56(84) bytes of data.
>>> 64 bytes from freyja.prager.homeip.net (192.168.1.7): icmp_seq=1 ttl=64
>>> time=131 ms
>>> 
>>> --- freyja.prager.homeip.net ping statistics ---
>>> 1 packets transmitted, 1 received, 0% packet loss, time 0ms
>>> rtt min/avg/max/mdev = 131.374/131.374/131.374/0.000 ms
>>> 
>>> Now the same query from my Mac sees the host but still can't connect to it:
>>> 
>>> [bernd@loki ~$ dig @qnap freyja
>>> 
>>> ; <<>> DiG 9.10.6 <<>> @qnap freyja
>>> ;; Got answer:
>>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54217
>>> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
>>> 
>>> ;; QUESTION SECTION:
>>> ;freyja.INA
>>> 
>>> ;; ANSWER SECTION:
>>> freyja.0INA192.168.1.7
>>> 
>>> ;; Query time: 7 msec
>>> ;; SERVER: 192.168.1.5#53(192.168.1.5)
>> 
>> The same .5
>> 
>> 
>>> ;; WHEN: Mon Aug 03 22:29:25 +07 2020
>>> ;; MSG SIZE  rcvd: 51
>>> 
>>> [bernd@loki ~$ ping -c 1 freyja
>>> ping: cannot resolve freyja: Unknown host
>>> 
>>> Does anybody have an idea what I am missing?
>> 
>> Yes
>> 
> 
> DNS query tool `dig` at the Linux system does add domain name to the request.
> 
> `dig` at the MacOS system doesn't add a domain name, which is correct 
> behaviour.
> 
> 
> For `ping` is it OK to add a domainname. It seems the Mac is not aware
> of domain name.
> 
> Find a way to tell the Mac about the .prager.homeip.net domain name.
> 
> 
> Groeten
> Geert Stappers
> -- 
> Silence is hard to parse
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

macOS will know about the domain if it’s told by the DNS server via DHCP.

However, macOS will cache information and sometimes will need a forced reset to 
pick things up. Using "dscacheutil -flushcache;sudo killall -HUP mDNSResponder” 
should reset the DNS cache on macOS.


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] OT: DNSMasq as a docker container

2019-08-05 Thread Andrew Miskell 
Every service is it’s own docker container, that’s the point of docker. It 
isolates services from each other and they run in their own little operating 
environment independently of the host OS.

Docker containers are extremely small by nature, only large enough for the 
operating environment (minimum OS type required for the application) and then 
the application itself.

> On Aug 5, 2019, at 10:24 AM, dnsmasqyq@neverbox.com wrote:
> 
> On Sun, Aug 4, 2019 at 7:27 AM Andrew Miskell wrote:
> 
>> Depends on use case I suppose. I run DNSMasq as a docker container (I ran 
>> pretty much all services as docker containers), so it’s easier just to keep 
>> everything in the configuration files for DNSMasq and have a single thing to 
>> backup.
> 
> Hi Andrew,
> 
> Would you explain, blog somewhere, or point me to somewhere that
> explains how you done it please?
> 
> Moreover, when you put all services into docker containers, would you
> put each services into a separated container or all in one? I.e.,
> would separated containers have redundant-space issue, do you think?
> 
> THX!
> 
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Local dnsmasq server not utilized by Ubuntu

2019-08-04 Thread Andrew Miskell 
Iirc, the behavior you are seeing in dig is by design. By default, dig will not 
use the search domain defined in /etc/resolv.conf unless you use the +search 
option on dig.

That’s why utilities like host and ping, etc work just fine but dig returns a 
blank record.

Try using dig +search maroon and it should resolve properly by appending the 
search domain to the query.

> On Aug 4, 2019, at 10:13 PM, dnsmasqyq@neverbox.com wrote:
> 
> On Sun, Aug 4, 2019 at 7:10 PM Geert Stappers wrote:
> 
>> 
>> 
>>> So what else I can use beside `resolvectl`?
>>> 
>>> | Basically, look at the top of /etc/resolv.conf to see what is handeling 
>>> it.
>>> 
>>> Ah, thank!
>>> 
>>> $ systemd-resolve --status | tail -11
>>> Link 2 (eth0)
>>>  Current Scopes: DNS
>>>   LLMNR setting: yes
>>> MulticastDNS setting: no
>>>  DNSSEC setting: no
>>>DNSSEC supported: no
>>> DNS Servers: 192.168.0.100
>>>  192.168.0.10
>>>  2607:f798:18:10:0:640:7125:
>>>  2607:f798:18:10:0:640:7125:
>>>  DNS Domain: my.own.domain.tld
>>> 
>>> | Somehow I do read "`dig host` expecting `dig host.domain.tld`"
>>> | because I have been bitten by assuming that domain name always
>>> | gets added.
>>> 
>>> Bingo! That's exactly the problem!!
>>> 
>>> | Recheck the configuration of your DHCP server ...
>>> 
>>> For DHCP server configuration, I'm following this almost word for word:
>>> https://sfxpt.wordpress.com/2013/11/30/dnsmasq-installation-configuration-5/
>>> 
>>> So how do I make sure that the domain name always gets added, in my
>>> DHCP/DNS server configuration?
>> 
>> Wrong question. Probably due jumping to conclusions.
>> 
>> Show us, this mailinglist, the content of  /etc/resolv.conf
>> Output of `dig foo`, `dig foo.my.own.domain.tld` and `ping -c 3 foo`.
>> Where 'foo' is host known at the local DNS.
> 
> - - - - - -
> $ cat /etc/resolv.conf
> # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
> # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
> # 127.0.0.53 is the systemd-resolved stub resolver.
> # run "systemd-resolve --status" to see details about the actual nameservers.
> nameserver 127.0.0.53
> search my.domain.tld
> 
> $ dig maroon
> 
> ; <<>> DiG 9.11.3-1ubuntu1-Ubuntu <<>> maroon
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 40527
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 65494
> ;; QUESTION SECTION:
> ;maroon.IN  A
> 
> ;; Query time: 0 msec
> ;; SERVER: 127.0.0.53#53(127.0.0.53)
> ;; WHEN: Sun Aug 04 23:04:25 EDT 2019
> ;; MSG SIZE  rcvd: 35
> 
> $ dig maroon.my.domain.tld
> 
> ; <<>> DiG 9.11.3-1ubuntu1-Ubuntu <<>> maroon.my.domain.tld
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7401
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 65494
> ;; QUESTION SECTION:
> ;maroon.my.domain.tld.  IN  A
> 
> ;; ANSWER SECTION:
> maroon.my.domain.tld.   0   IN  A   192.168.0.101
> 
> ;; Query time: 0 msec
> ;; SERVER: 127.0.0.53#53(127.0.0.53)
> ;; WHEN: Sun Aug 04 23:04:35 EDT 2019
> ;; MSG SIZE  rcvd: 61
> 
> $ ping -c 3 maroon
> PING maroon.my.domain.tld (192.168.0.101) 56(84) bytes of data.
> 64 bytes from wpad (192.168.0.101): icmp_seq=1 ttl=64 time=0.201 ms
> 64 bytes from wpad (192.168.0.101): icmp_seq=2 ttl=64 time=0.381 ms
> 64 bytes from wpad (192.168.0.101): icmp_seq=3 ttl=64 time=0.377 ms
> 
> --- maroon.my.domain.tld ping statistics ---
> 3 packets transmitted, 3 received, 0% packet loss, time 2025ms
> rtt min/avg/max/mdev = 0.201/0.319/0.381/0.086 ms
> - - - - - -
> 
>> Groeten
>> Geert Stappers
>> Who thinks that OP has a working configuration ...
> 
> Thanks
> 
>> ___
>> Dnsmasq-discuss mailing list
>> Dnsmasq-discuss@lists.thekelleys.org.uk
>> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>> 
> 
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Local dnsmasq server not utilized by Ubuntu

2019-08-04 Thread Andrew Miskell 
> 
>> So what else I can use beside `resolvectl`?
>> 
>> | Basically, look at the top of /etc/resolv.conf to see what is handeling it.
>> 
>> Ah, thank!
>> 
>> $ systemd-resolve --status | tail -11
>> Link 2 (eth0)
>>  Current Scopes: DNS
>>   LLMNR setting: yes
>> MulticastDNS setting: no
>>  DNSSEC setting: no
>>DNSSEC supported: no
>> DNS Servers: 192.168.0.100
>>  192.168.0.10
>>  2607:f798:18:10:0:640:7125:
>>  2607:f798:18:10:0:640:7125:
>>  DNS Domain: my.own.domain.tld
>> 
>> | Somehow I do read "`dig host` expecting `dig host.domain.tld`"
>> | because I have been bitten by assuming that domain name always
>> | gets added.
>> 
>> Bingo! That's exactly the problem!!
>> 
>> | Recheck the configuration of your DHCP server ...
>> 
>> For DHCP server configuration, I'm following this almost word for word:
>> https://sfxpt.wordpress.com/2013/11/30/dnsmasq-installation-configuration-5/
>> 
>> So how do I make sure that the domain name always gets added, in my
>> DHCP/DNS server configuration?
> 

Are you expecting a reply when you dig for hostA to be for hostA.domain.tld? 

Because your DNS domain in systemd-resolve is my.own.domain.tld, so when you 
dig for hostA it’s going to query for hostA.my.own.domain.tld, NOT 
hostA.domain.tld, and would fail to get a proper response.

If this is the case, you need to adjust your DNS domain to be domain.tld or add 
domain.tld as an additional search domain to the nameserver options in your 
netplan.io configuration (Ubuntu should be using Netplan.io 
 for network configuration). 

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Local dnsmasq server not utilized by Ubuntu

2019-08-04 Thread Andrew Miskell 
Actually, run resolvectl status on the Ubuntu box, find your interface name and 
see what the DNS servers say they are configured as. They should be your local 
DNS server IP.

If not, then something isn’t getting the DNS servers from DHCP. If you’re using 
NetPlan (which is the default) check the Netplan configuration for the network 
card.

> On Aug 4, 2019, at 2:53 PM, john doe  wrote:
> 
> On 8/4/2019 9:04 PM, dnsmasqyq@neverbox.com 
>  wrote:
>> Hi,
>> 
>> Thanks a lot for all your replies.
>> 
>> Sorry I wasn't very clear first as I don't know if anyone would
>> read/reply. Here is my reply to you one by one, but at this single
>> place.
>> 
>> On Sun, Aug 4, 2019 at 1:36 PM Daniel Huhardeaux wrote:
>>> 
 Hi,
 
 I know this is not a dnsmasq issue per se, but all my machines are
 Ubuntu based and they all can't utilized the local dnsmasq server that
 I setup for my LAN, which literally making my local dnsmasq server
 useless.
>> 
>>> systemd-resolve is irrelevant to the OP's question, it provides local
>> 'on the machine' DNS caching.  What the OP wants is 'local on his LAN' DNS...
>> 
>> Sorry I wasn't very clear in my OP -- I've setup my local dnsmasq
>> server (DHCP/DNS) correctly. All my Ubuntu machines are picking up IPs
>> from my dnsmasq DHCP server. Just they don't use my dnsmasq DNS
>> server.
>> 
 The problem is that the NetworkManager that Ubuntu uses insists to use
 its own DNS server, which is 127.0.0.53, not the DHCP/DNS server I
 setup for my LAN.
>> 
>>> Most likely you are looking at `systemd-resolved`. Consider
>> that "local DNS".  It still needs an upstream DNS.
>> 
>> Yes, I believe so. the 127.0.0.53 is used, and I can confirm that
>> whether the `resolvconf` is installed or not. The problem is that,
>> `systemd-resolved`'s upstream DNS is suppose to be my LAN dnsmasq
>> server (DHCP/DNS), at least I hope so, but it is not somehow, and this
>> is the exact problem I'm trying to solve/figure out why.
>> 
>> Why I say the upstream DNS is not my LAN dnsmasq DNS server? Because
>> when I `dig` for my local machine names, including the LAN dnsmasq
>> server itself, I get nothing in the `ANSWER SECTION` section, unless I
>> manually switch the `nameserver` entry in /etc/resolv.conf in *my
>> clients machines* to my LAN dnsmasq server. Then everything works.
>> 
 I'm wondering how you guys solved such problems, since you are using
 dnsmasq server just fine. I had been asking such questions at the
 Ubuntu and NetworkManager side multiple times at multiple places, but
 have never been able to get a straight/working answer.
>>> 
>>> Hello.
>>> 
>>> It's not a NetworkManager nor an Ubuntu problem: you have
>>> systemd-resolve installed on your machine (guess Ubuntu 18.04) which
>>> uses 127.0.0.53 as IP for DNS. You have to go in /etc/systemd and adapt
>>> the resolved.conf file to put your dnsmasq IP server as DNS.
>> 
>> Yes, exactly I'm using Ubuntu 18.04, thus systemd-resolve. So,
>> 
>> How to adapt the resolved.conf file so that my modification survive
>> reboot, and not hard-coding anything as when I take my laptop else
>> where, I don't want it still pointing to my home LAN dnsmasq server?
>> 
> 
> Lookat the 'resolvconf' package if it is installed.
> Basically, look at the top of /etc/resolv.conf to see what is handeling it.
> 
> --
> John Doe
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk 
> 
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss 
> 
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Local dnsmasq server not utilized by Ubuntu

2019-08-04 Thread Andrew Miskell 
What version of Ubuntu? By default they operate a stub resolver but it should 
follow the dhcp settings for the network card. It just locally caches dns 
queries to speed things up. 

Sent from my iPhone

> On Aug 4, 2019, at 09:51, john doe  wrote:
> 
>> On 8/4/2019 3:57 PM, dnsmasqyq@neverbox.com wrote:
>> Hi,
>> 
>> I know this is not a dnsmasq issue per se, but all my machines are
>> Ubuntu based and they all can't utilized the local dnsmasq server that
>> I setup for my LAN, which literally making my local dnsmasq server
>> useless.
>> 
>> The problem is that the NetworkManager that Ubuntu uses insists to use
>> its own DNS server, which is 127.0.0.53, not the DHCP/DNS server I
>> setup for my LAN.
>> 
>> I'm wondering how you guys solved such problems, since you are using
>> dnsmasq server just fine. I had been asking such questions at the
>> Ubuntu and NetworkManager side multiple times at multiple places, but
>> have never been able to get a straight/working answer.
>> 
> 
> https://askubuntu.com/questions/2321/what-is-the-proper-way-to-change-the-dns-ip
> 
> --
> John Doe
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Some MAC addresses recognised, others not, in dhcp lines

2019-08-04 Thread Andrew Miskell 

> On Aug 4, 2019, at 5:37 AM, Geert Stappers  wrote:
> 
> I would go for entries in /etc/hosts because that
> doesn't require reloading of dnsmasq.
> 

Depends on use case I suppose. I run DNSMasq as a docker container (I ran 
pretty much all services as docker containers), so it’s easier just to keep 
everything in the configuration files for DNSMasq and have a single thing to 
backup.

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Some MAC addresses recognised, others not, in dhcp lines

2019-08-03 Thread Andrew Miskell 
Or use address directives to map a hostname to an IP address.

i.e.

address=/hosta/192.168.1.1

Will map hosta to 192.168.1.1 for DNS lookups.

> On Aug 3, 2019, at 3:50 PM, Chris Green  wrote:
> 
> I'm running dnsmasq version 2.76 on a raspberry pi to provide DNS and
> DHCP services on my LAN.
> 
> I have some dhcp-host lines in my configuration file to give names to
> systems that don't give their names, e.g.:-
> 
>dhcp-host=00:09:B0:C9:CE:81,onkyoTx-nr616
>dhcp-host=28:EF:01:2D:EB:07,chrisKindle
>dhcp-host=08:EB:74:9D:47:53,humaxFreeview
>dhcp-host=2C:08:8C:CC:9A:9E,humaxYouview
>dhcp-host=00:1F:E2:4E:8F:CA,maxineStudy
>dhcp-host=1C:1B:0D:60:9A:E1,ben
>dhcp-host=AC:AE:19:2C:3F:5A,roku
>dhcp-host=10:FE:ED:63:29:74,TP-Link_TL-WA7210
> 
> Most of these work but a couple don't work ..and I think I have
> just realised why they don't work.  Systems which don't request their
> IP address from dnsmasq don't provide dnsmasq with their MAC address
> and thus dnsmasq doesn't give them a name.
> 
> Presumably these static IPs must be put into /etc/hosts on the dnsmasq
> system, is this the only way of handling this?
> 
> 
> -- 
> Chris Green
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] dnsmaq on OpenWRT, configuration question

2019-07-27 Thread Andrew Miskell 
What do the devices say their DNS server is? If it’s the .1 address this would 
expected behavior because that’s the dnsmasq dns address. 

Sent from my iPhone

> On Jul 27, 2019, at 12:28, Art Greenberg  wrote:
> 
>> On Sat, Jul 27, 2019, at 12:42, john doe wrote:
>> 
>> Not strictly an answer, but don't forget that Dnsmasq is normaly
>> configured using OpenWRT.
>> So, if you were able to get everything working previously, there is no
>> reason why you can't do it here.
>> 
>> 
>> In other words, OpenWrt might be the culprit and not Dnsmasq.
>> 
>> --
>> John Doe
> 
> Well, yes and no. OpenWRT is "just" a Linux distro. The maintainers have 
> adopted a very clever configuration scheme that unifies (almost) all of the 
> configuration and makes configuration possible entirely through a web-based 
> interface.
> 
> But ... I wrested control of dnsmasq from that schema. I have a very 
> conventional dnsmasq setup with my own config files just like I had 
> previously on CentOS.
> 
> I think its more that all DNS request now pass through dnsmasq, while 
> previously I could arrange for some not to. And I'm not clever enough to 
> figure out how to tell dnsmasq how to not respond to DNS requests from 
> certain hosts on my network without resorting to running multiple instances 
> of dnsmasq.
> 
> -- 
> Art Greenberg
> a...@artg.tv
> 
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

[Dnsmasq-discuss] DHCP Clients not being registered in DNS

2018-11-16 Thread Andrew Miskell 
Hi,

I’m trying to setup a dnsmasq server (version 2.79 on Ubuntu 18.10) for DNS and 
DHCP to replace the horrible DNS/DHCP service built into the AT Fiber 
gateways. I've gotten everything configured and I have a client pulling a DHCP 
address but I’m not able to resolve it’s name in DNS using dnsmasq as the name 
server. I can resolve entries in the /etc/hosts file without any issues.

From what I can tell, the DHCP client name is being passed successfully from 
the client to the server (as it’s visible in the dnsmasq.leases file).

I’ve included my current configuration below, am I missing some configuration 
option that enables DHCP clients to register themselves into dnsmasq ’s DNS?

root@ubuntu:/etc/dnsmasq.d# grep -v '#' amiskell.net | sed '/^\s*$/d'
domain-needed
bogus-priv
strict-order
server=1.1.1.1
expand-hosts
domain=amiskell.net
dhcp-range=192.168.1.50,192.168.1.60,12h
dhcp-option=option:router,192.168.1.254
dhcp-option=option:dns-server,192.168.1.1
dhcp-option=option:netmask,255.255.255.0
dhcp-lease-max=150
dhcp-leasefile=/var/lib/misc/dnsmasq.leases
root@ubuntu:/etc/dnsmasq.d# cat /var/lib/misc/dnsmasq.leases 
1542425553 70:88:6b:83:XX:XX 192.168.1.57 A17062407 01:70:88:6b:83:XX:XX___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss