Re: [Dnsmasq-discuss] Dnsmaq giving default gateway address as dns server on DHCP offer

[richardvo...@gmail.com]

If it doesn't work when started at boot, but does if you started it
manually, the most likely reason is that the boot scripts are passing
command-line options such as a different config file.  If you edited the
default config file, when you start dnsmasq by hand, that's the one it
finds.

The command line arguments of the auto-launched dnsmasq instance should
give further information (the 'ps' command should show the command lines of
running processes)

On Sun, Aug 6, 2017 at 1:07 PM, Anoop Ravi  wrote:

> That seems to be correct. That may be the reason why it is working
> when i give dhcp-option 6.
>
> Do you have any guess what could be going wrong? Is there any flag
> which I need to enable to make dnsmasq work as dns server as well?
>
> I have seen a strage behavior as well. Resolution wont work on bootup.
> But when I restart dnsmasq(killing PID and starting commandline) it
> works. Do you have any clue?
>
> Any help is much appreciated.
>
> Thanks,
> Anoop
>
> On 8/6/17, richardvo...@gmail.com  wrote:
> > One clear difference is that the query that succeeded is for a different
> > name than the one that failed.
> >
> > But the bigger problem is that the reply is somehow going straight to the
> > client.  When dnsmasq is acting as a caching proxy, these steps happen:
> >
> > 1. the client sends a query to dnsmasq
> > 2. dnsmasq checks its cache and doesn't find a match
> > 3. dnsmasq sends a query to the upstream server
> > 4. the upstream server sends a reply to dnsmasq
> > 5. dnsmasq adds the information to its cache
> > 6. dnsmasq sends a reply to the client
> >
> > In your capture, #4 isn't happening -- the reply destination address is
> > wrong.
> >
> >
> >
> > On Sun, Aug 6, 2017 at 12:47 PM, Anoop Ravi 
> wrote:
> >
> >> Hi Richard,
> >>
> >> I dont want to use dhcp-option 6 to override nameservers. I took a
> >> packet capture on both local lan interface and the interface which
> >> talks to outside world. I could see that in both scenarios (working
> >> and nonworking), names are getting resolved at the outer interface.
> >> But somehow query is getting refused at the local interface. Do you
> >> have any clue why this is happening?
> >>
> >> Attaching screenshot of comparison on local interface packet capture.
> >>
> >> Thanks,
> >> Anoop
> >>
> >
>
>
> --
> Anoop.
>
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Dnsmaq giving default gateway address as dns server on DHCP offer

[richardvo...@gmail.com]

The default configuration of dnsmasq is to act as a caching proxy server
(this behavior of dnsmasq has existed before dhcp support).  There are a
few reasons the proxying could fail, chief among them being firewall
rules.  If that isn't the problem, increasing the logging detail may give
further clues.

If you want to use dnsmasq only as a DHCP server and not a DNS cache, then
configuring dhcp-option 6 is the right approach.  Note that in this case
you won't be able to look up computers by their dhcp hostname.

A quick summary of nameserver settings:

Lookups from other software on the dnsmasq server: uses /etc/resolv.conf
Lookups from dnsmasq (proxy on behalf of clients): defaults to using
/etc/resolv.conf, can be overridden via --server and/or --resolv-file
options
option "DNS server" sent to DHCP clients: defaults to the IP address of the
dnsmasq server that's in the same block as the address given out, can be
overridden with --dhcp-option 6




On Sun, Aug 6, 2017 at 1:43 AM, Anoop Ravi  wrote:

> Hi,
>
> Richard,
> As you said, I was under an impression that dnsmasq will provide all the
> nameserver entries in resolv.conf to the clients. Thank you for correcting
> me.
>
> But, my clients are not resoving the names with this configuration. It is
> getting correct domain name and server ip as dns server. If I manually add
> resolv.conf entries into dnsmasq.conf using dhcp-option 6, then it will
> start resolving. I can see clients getting nameserver ip at this time.
>
> What could be the reason for this behaviour?
>
> Thanks
>
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Dnsmaq giving default gateway address as dns server on DHCP offer

[Anoop Ravi]

Hi,

Richard,
As you said, I was under an impression that dnsmasq will provide all the 
nameserver entries in resolv.conf to the clients. Thank you for correcting me. 

But, my clients are not resoving the names with this configuration. It is 
getting correct domain name and server ip as dns server. If I manually add 
resolv.conf entries into dnsmasq.conf using dhcp-option 6, then it will start 
resolving. I can see clients getting nameserver ip at this time.

What could be the reason for this behaviour?

Thanks

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Dnsmaq giving default gateway address as dns server on DHCP offer

[richardvo...@gmail.com]

dnsmasq is capable of being the first DNS for clients and determining which
requests should go to the AD controller and which to external DNS.  Or, the
configuration you describe is also possible.


Where Ravi appears to have gone wrong is in thinking that /etc/resolv.conf
addresses would be sent to client.  dnsmasq never does that.

On Sat, Aug 5, 2017 at 12:35 PM,  wrote:

> On 08/05/2017 11:43 AM, /dev/rob0 wrote:
>
>> Yes, there is an option you can use in dnsmasq.conf to change the
>> nameserver[s] given to DHCP clients, but why do you want that?  See the
>> dnsmasq(8) manual for details.
>>
>
> one possibility is on an AD network where all device DNS lookups go
> through the AD controller... the AD controller then talks to dnsmasq
> running on the perimeter firewall and handles the lookups to outside DNS
> servers... everything inside the AD network being restricted to the AD
> network so no individual devices can make lookups outside... they can only
> talk to the AD controller for DNS and the AD controller can only talk to
> dnsmasq for DNS... the AD controller is not the perimeter device for
> traffic headed outside of the AD network... the perimeter firewall running
> dnsmasq is, though...
>
>
> --
>  NOTE: No off-list assistance is given without prior approval.
>*Please keep mailing list traffic on the list unless*
>*a signed and pre-paid contract is in effect with us.*
>
>
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Dnsmaq giving default gateway address as dns server on DHCP offer

[wkitty42]

On 08/05/2017 11:43 AM, /dev/rob0 wrote:
Yes, there is an option you can use in dnsmasq.conf to change the 
nameserver[s] given to DHCP clients, but why do you want that?  See the

dnsmasq(8) manual for details.


one possibility is on an AD network where all device DNS lookups go through the 
AD controller... the AD controller then talks to dnsmasq running on the 
perimeter firewall and handles the lookups to outside DNS servers... everything 
inside the AD network being restricted to the AD network so no individual 
devices can make lookups outside... they can only talk to the AD controller for 
DNS and the AD controller can only talk to dnsmasq for DNS... the AD controller 
is not the perimeter device for traffic headed outside of the AD network... the 
perimeter firewall running dnsmasq is, though...



--
 NOTE: No off-list assistance is given without prior approval.
   *Please keep mailing list traffic on the list unless*
   *a signed and pre-paid contract is in effect with us.*

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Dnsmaq giving default gateway address as dns server on DHCP offer

[/dev/rob0]

On Fri, Aug 04, 2017 at 09:53:52PM -0700, Anoop Ravi wrote:
> I am using dnsmasq as dns and dhcp server on my device. Somehow 
> dnsmasq is not giving correct dns server address to my clients. 
> Instead it is giving default gateway ip. I have correct dns servers 
> listed in resolv.conf and my dnsmasq.conf is pointing to correct 
> resolv file using "resolv-file" parameter. I am running dnsmasq as 
> below.
> 
> dnsmasq -u nobody -q --dhcp-authoritative -C /var/dnsmasq.conf
> 
> From the logs,I could see that it is reading resolv.conf
> 
> reading /etc/resolv.conf
> using nameserver xx.xx.xx.xx#53
> using nameserver xx.xx.xx.xx#53
> using nameserver xx.xx.xx.xx#53
> 
> While client connects, I can see that dnsmasq offering default 
> gateway address as dns-server ip.
> 
> sent size:   4 option:  6 dns-server  x.x.x.x
> 
> Is there anything wrong in my parameters? why is not giving
> correct dns servers?

Nothing in your post indicates why you think that's incorrect; 
dnsmasq IS a DNS server.  Typically that's what you want, for all 
local DHCP clients to use dnsmasq as DNS server.  The point being: to 
have local name resolution and to have one central cache for external 
names.

Yes, there is an option you can use in dnsmasq.conf to change the
nameserver[s] given to DHCP clients, but why do you want that?  See 
the dnsmasq(8) manual for details.
-- 
  http://rob0.nodns4.us/
  Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss