Re: [Dnsmasq-discuss] How do I disable the RDNS in the RA without disabling the DNS itself?

2020-12-05 Thread Hamish Moffatt
On 6/12/20 9:47 am, Kristof Mattei wrote: PS: Due to Docker’s inability to get link-local addresses on a macvlan (I cannot set a fixed, public prefix, as mine changes) I cannot assign an IPv6 address to pi-hole. Otherwise I’d do that. Could you set up an IPv6 ULA instead? Hamish __

Re: [Dnsmasq-discuss] The strange dns query error observed for fiber optic modem bridge mode.

2021-01-12 Thread Hamish Moffatt
On 13/1/21 2:11 pm, Hongyi Zhao wrote: I'm very confused on the above problem. Any hints/comments/suggestions will be highly appreciated. I think that something is intercepting your UDP DNS requests and replying with the 192.168.1.1 result, probably to block you from www.baidu.com. But they f

[Dnsmasq-discuss] override DNS server for particular hosts on IPv6

2021-03-25 Thread Hamish Moffatt
I'm attempting to override the DNS server for a few hosts on both IPv4 and IPv6. I've tagged the hosts and applied dhcp-option to that tag and it's working correctly for IPv4, but I'm not having much luck with IPv6. I'll admit right now that I don't fully understand the use of DHCPv6 and how D

Re: [Dnsmasq-discuss] override DNS server for particular hosts on IPv6

2021-03-25 Thread Hamish Moffatt
On 25/3/21 7:50 pm, Hamish Moffatt wrote: How is Android always learning of the dnsmasq server itself as the DNS server, and can I fix it? Forgot to add, my dnsmasq is provided by OpenWRT (latest release 19.07.7): Dnsmasq version 2.80  Copyright (c) 2000-2018 Simon Kelley Compile time

Re: [Dnsmasq-discuss] override DNS server for particular hosts on IPv6

2021-03-25 Thread Hamish Moffatt
each requests. It should help you checking selected hosts got assigned adblock tag to whatever rule you have used. And then just set common options for the tag. On 3/25/21 9:50 AM, Hamish Moffatt wrote: I'm attempting to override the DNS server for a few hosts on both IPv4 and IPv6. I

Re: [Dnsmasq-discuss] override DNS server for particular hosts on IPv6

2021-03-25 Thread Hamish Moffatt
On 26/3/21 2:52 am, M. Buecher wrote: Android to my knowledge does not support DHCPv6, therefore it only retrieves DNS servers via RDNSS of RAs. RAs are generic and not per client, therefore assigning different DNS servers via RDNSS/RA is not possible. Even if dnsmasq could disable RDNSS for

Re: [Dnsmasq-discuss] unittests

2021-10-05 Thread Hamish Moffatt
On 6/10/21 09:11, Petr Menšík wrote: On 10/5/21 20:28, john doe wrote: Those tools are not standards, for instance on OpenWRT. dig is quite standard thing for troubleshooting DNS. If it is not available for OpenWRT, it should be fixed. I am bind9 maintainer too, it might get surprising to me. F

Re: [Dnsmasq-discuss] filter-AAAA is breaking dnsmasq

2021-10-10 Thread Hamish Moffatt
On 11/10/21 14:33, E wrote: # dnsmasq --conf-file=/etc/dnsmasq.conf dnsmasq: unsupported option at line 12 of /etc/dnsmasq.conf What does "where dnsmasq" say? Are you actually running the binary you just built? W T F Why so rude? Hamish ___

Re: [Dnsmasq-discuss] filter-AAAA is breaking dnsmasq

2021-10-11 Thread Hamish Moffatt
On 11/10/21 17:58, E wrote: --- --- --- --- --- interface=lo listen-address=127.0.0.1 bind-interfaces ## testver server=1.2.3.4#53 server=1.2.3.4#53 server=1.2.3.4#53 server=1.2.3.4#53 rev-server=1.2.3.4/24,1.2.3.4 bogus-priv cache-size=1337 dnssec-check-unsigned=no dnssec-no-timecheck domain

[Dnsmasq-discuss] same DHCP client on multiple interfaces

2022-08-29 Thread Hamish Moffatt
I've got dnsmasq listening on multiple interfaces (two VLANs), and at least one client that is also on both VLANs at once. The client has the same MAC address on both VLANs. I'd like to assign an IP address on each VLAN via DHCP. I have the following in my config: dhcp-host=38:C9:86:40:86:37,

Re: [Dnsmasq-discuss] same DHCP client on multiple interfaces

2022-09-07 Thread Hamish Moffatt
On 5/9/22 10:57, hamish@moffatt.email wrote: On 29/8/22 18:43, Hamish Moffatt wrote: I've got dnsmasq listening on multiple interfaces (two VLANs), and at least one client that is also on both VLANs at once. The client has the same MAC address on both VLANs. I'd like to assign an

[Dnsmasq-discuss] Ignoring query from non-local network

2023-01-11 Thread Hamish Moffatt
Hi, I'm running dnsmasq 2.86 on OpenWRT (22.03.3). I have a single dnsmasq providing DNS and DHCP on 3 interfaces succesfully. Now I've added a 4th which will be DNS only, so it isn't explicitly mentioned in the configuration file at all. When I make a DNS query from that interface, dnsmasq

[Dnsmasq-discuss] DNSSEC failure after some time

2017-06-27 Thread Hamish Moffatt
I've recently enabled DNSSEC on dnsmasq, and signed a zone that I work with a lot. It works for a while (dig shows the AD (authentic data) flag on signed zones), but after about a week, I start getting lookup failures for that zone until I restart dnsmasq. Then it works for another week. The D

Re: [Dnsmasq-discuss] DNSSEC failure after some time

2017-06-28 Thread Hamish Moffatt
On 29/06/17 07:05, Simon Kelley wrote: Your text says 2.75, but the log says 2.76. There's a significant difference between the two in DNSSEC code. First thing to do is to turn on --log-queries and arrange for the (quite large) logs to go somewhere safe, if the router has limited storage. That s

Re: [Dnsmasq-discuss] DNSSEC failure after some time

2017-07-03 Thread Hamish Moffatt
On 29/06/17 09:42, Hamish Moffatt wrote: On 29/06/17 07:05, Simon Kelley wrote: Your text says 2.75, but the log says 2.76. There's a significant difference between the two in DNSSEC code. First thing to do is to turn on --log-queries and arrange for the (quite large) logs to go somewhere

Re: [Dnsmasq-discuss] DNSSEC failure after some time

2017-07-04 Thread Hamish Moffatt
On 03/07/17 18:35, Hamish Moffatt wrote: Jul 3 16:58:38 router daemon.info dnsmasq[11219]: validation foo2.foo.com is ABANDONED Now I have this again 24 hours later, and I also have some saying validation foo2.foo.com is BOGUS Hamish

[Dnsmasq-discuss] DNSSEC validation failing on Cloudflare test domain

2019-07-16 Thread Hamish Moffatt
Hi, I'm trying to enable DNSSEC validation in dnsmasq 2.80, on my OpenWRT router. For upstream, I'm using 1.1.1.1. With DNSSEC validation on, when I visit the Cloudflare test site https://www.cloudflare.com/ssl/encrypted-sni/ , it says it can't determine if I have secure DNS enabled. It's

Re: [Dnsmasq-discuss] DNSSEC validation failing on Cloudflare test domain

2019-07-17 Thread Hamish Moffatt
looks, at least superficially, similar. It might be worth turning on DNS logging and seeing if the similarity goes deeper. Cheers, Simon. Simon.On 17/07/2019 06:41, Hamish Moffatt wrote: Hi, I'm trying to enable DNSSEC validation in dnsmasq 2.80, on my OpenWRT router. For upstream, I&#

Re: [Dnsmasq-discuss] Why does dnsmasq append .home to a plain hostname?

2019-10-22 Thread Hamish Moffatt
On 23/10/19 8:04 am, Sean Warner wrote: Hello, Thank you for answering Uwe. Your response gave me some good pointers. I don’t think a “default domain” entry is coming from my Windows laptop. It’s Windows 7 Home Premium and that version knows nothing about domains. I googled that and also to