Re: [Dnsmasq-discuss] Struggling with multiple nameservers
On Sun, Jan 12, 2020 at 08:48:53PM +0100, Dominik wrote: > On Sun, 2020-01-12 at 16:40 +0100, Geert Stappers wrote: > > On Thu, Jan 09, 2020 at 10:33:43PM +0100, Geert Stappers wrote: > > > On Wed, Jan 08, 2020 at 04:37:32PM +, Harry Moyes wrote: > > > > On 08/01/2020 14:47, wkitt...@gmail.com wrote: > > > > > ... > > > > > > > > I've already mentioned this to the developers. > > > > > > Any prove of that? > > > > > > > > > > The change is apparently intentional. > > > > > > Assumed or documented? > > > > > > > My questions from above are indeed terse. > > > > Let me elaborate > > > > > I've already mentioned this to the developers. > > > > > > > > Any prove of that? > > > > That question was written in the hope of getting an URL or email > > where can be read what was mentioned to the pihole developers. > > > > I still hope such email or URL pops up. The idea is to ask, > > differently as previously, to regain the lost functionality. > > > > > Hey all, > > I may speak up as the main developer of Pi-hole's dnsmasq fork. We > embed dnsmasq into our daemon. The "dnsmasq -v" functionality is not > "gone", it just moved one step away as dnsmasq is only contained and > not the main application in our setup. > > So this statement is simply not true. > > The pihole derivative has lost that rather useful feature, so > exactly what options it has been complied with is hard to tell. > > Use > pihole-FTL -v > to get the version of our daemon. > > Use > pihole-FTL -- -v > to get the version of the embedded dnsmasq. > > I can already tell you that it will bring up > > Dnsmasq version pi-hole-2.80 Copyright (c) 2000-2018 Simon Kelley > > Compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP > > DHCPv6 no-Lua TFTP no-conntrack ipset auth DNSSEC loop-detect > > inotify dumpfile > > This issue has been extensively discussed here as well: > https://discourse.pi-hole.net/t/struggling-with-pihole-ftl/26473 > and I have to admit that it's still not clear what was/is the error but > it looks like a user induced one. Also because the problem just > "disappeared" after some config changes that, apparently, cannot be > isolated any more. OK > I also already mentioned how to obtain the embedded dnsmasq's version > here on Jan 1st, 2020: > https://discourse.pi-hole.net/t/struggling-with-pihole-ftl/26473/39?u=dl6er > which was one week before the original poster claimed that we removed > this intentionally ... interesting to see how perspectives can differ. Yes, perspectives differ. It becomes hard when the focal point isn't the same. Regards Geert Stappers -- Leven en laten leven ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Struggling with multiple nameservers
On Sun, Jan 12, 2020 at 10:20:40PM +, Harry Moyes wrote: > On 12/01/2020 15:40, Geert Stappers wrote: > > On Thu, Jan 09, 2020 at 10:33:43PM +0100, Geert Stappers wrote: > > > On Wed, Jan 08, 2020 at 04:37:32PM +, Harry Moyes wrote: > > > > > > > > > > > > > I've already mentioned this to the developers. > > > > > > Any prove of that? > > > > > > > > > > The change is apparently intentional. > > > Assumed or documented? > > > > > > > My questions from above are indeed terse. > > > > Let me elaborate > > |> > I've already mentioned this to the developers. > > |> > > |> Any prove of that? > > > > That question was written in the hope of getting an URL or email > > where can be read what was mentioned to the pihole developers. > > > > I still hope such email or URL pops up. The idea is to ask, > > differently as previously, to regain the lost functionality. > > > > Unless it has gone missing somewhere I have already replied to the question. > > I misunderstood the response I got from the pihole-FTL developers. > > pihole-FTL -v does not respond as dnsmasq does. Intentionally. > > However if you submit the request as > > pihole-FTL -- -v > > you get exactly the same response as from dnsmasq including the compiled > options. > > The subtly of the extra "--" passed me by initially. > > As I said in my previous post, if I had understood the reply I got better, > I'd have saved myself a load of pain. > > Other than possibly making that subtlety more obvious to the slower on the > uptake among us, like me, there is nothing else required here. Acknowledge Regards Geert Stappers -- Yes, the right question is real challenge ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Struggling with multiple nameservers
On 12/01/2020 15:40, Geert Stappers wrote: On Thu, Jan 09, 2020 at 10:33:43PM +0100, Geert Stappers wrote: On Wed, Jan 08, 2020 at 04:37:32PM +, Harry Moyes wrote: On 08/01/2020 14:47, wkitt...@gmail.com wrote: On 1/7/20 2:10 PM, Harry Moyes wrote: dnsmasq very usefully reports the compiled in options with the -v flag. The pihole derivative has lost that rather useful feature, so exactly what options it has been complied with is hard to tell. personally speaking, i'd see what it would take to regain that functionality by contacting the pihole devs and bringing this defect to their attention and possibly use your situation as an example... I've already mentioned this to the developers. Any prove of that? The change is apparently intentional. Assumed or documented? My questions from above are indeed terse. Let me elaborate |> > I've already mentioned this to the developers. |> |> Any prove of that? That question was written in the hope of getting an URL or email where can be read what was mentioned to the pihole developers. I still hope such email or URL pops up. The idea is to ask, differently as previously, to regain the lost functionality. Groeten Geert Stappers Unless it has gone missing somewhere I have already replied to the question. I misunderstood the response I got from the pihole-FTL developers. pihole-FTL -v does not respond as dnsmasq does. Intentionally. However if you submit the request as pihole-FTL -- -v you get exactly the same response as from dnsmasq including the compiled options. The subtly of the extra "--" passed me by initially. As I said in my previous post, if I had understood the reply I got better, I'd have saved myself a load of pain. Other than possibly making that subtlety more obvious to the slower on the uptake among us, like me, there is nothing else required here. Harry ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Struggling with multiple nameservers
Hey all, I may speak up as the main developer of Pi-hole's dnsmasq fork. We embed dnsmasq into our daemon. The "dnsmasq -v" functionality is not "gone", it just moved one step away as dnsmasq is only contained and not the main application in our setup. So this statement is simply not true. > The pihole derivative has lost that rather useful feature, so exactly what options it has been complied with is hard to tell. Use pihole-FTL -v to get the version of our daemon. Use pihole-FTL -- -v to get the version of the embedded dnsmasq. I can already tell you that it will bring up > Dnsmasq version pi-hole-2.80 Copyright (c) 2000-2018 Simon Kelley > Compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth DNSSEC loop-detect inotify dumpfile This issue has been extensively discussed here as well: https://discourse.pi-hole.net/t/struggling-with-pihole-ftl/26473 and I have to admit that it's still not clear what was/is the error but it looks like a user induced one. Also because the problem just "disappeared" after some config changes that, apparently, cannot be isolated any more. I also already mentioned how to obtain the embedded dnsmasq's version here on Jan 1st, 2020: https://discourse.pi-hole.net/t/struggling-with-pihole-ftl/26473/39?u=dl6er which was one week before the original poster claimed that we removed this intentionally ... interesting to see how perspectives can differ. Best regards, Dominik On Sun, 2020-01-12 at 16:40 +0100, Geert Stappers wrote: > On Thu, Jan 09, 2020 at 10:33:43PM +0100, Geert Stappers wrote: > > On Wed, Jan 08, 2020 at 04:37:32PM +, Harry Moyes wrote: > > > On 08/01/2020 14:47, wkitt...@gmail.com wrote: > > > > On 1/7/20 2:10 PM, Harry Moyes wrote: > > > > > dnsmasq very usefully reports the compiled in options with > > > > > the -v flag. > > > > > > > > > > The pihole derivative has lost that rather useful feature, so > > > > > exactly what options it has been complied with is hard to > > > > > tell. > > > > > > > > personally speaking, i'd see what it would take to regain that > > > > functionality by contacting the pihole devs and bringing this > > > > defect to > > > > their attention and possibly use your situation as an > > > > example... > > > > > > > > > > I've already mentioned this to the developers. > > > > Any prove of that? > > > > > > > The change is apparently intentional. > > > > Assumed or documented? > > > > My questions from above are indeed terse. > > Let me elaborate > > > > I've already mentioned this to the developers. > > > > > > Any prove of that? > > That question was written in the hope of getting an URL or email > where can be read what was mentioned to the pihole developers. > > I still hope such email or URL pops up. The idea is to ask, > differently as previously, to regain the lost functionality. > > > Groeten > Geert Stappers ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Struggling with multiple nameservers
On Thu, Jan 09, 2020 at 10:33:43PM +0100, Geert Stappers wrote: > On Wed, Jan 08, 2020 at 04:37:32PM +, Harry Moyes wrote: > > On 08/01/2020 14:47, wkitt...@gmail.com wrote: > > > On 1/7/20 2:10 PM, Harry Moyes wrote: > > > > dnsmasq very usefully reports the compiled in options with the -v flag. > > > > > > > > The pihole derivative has lost that rather useful feature, so > > > > exactly what options it has been complied with is hard to tell. > > > > > > > > > personally speaking, i'd see what it would take to regain that > > > functionality by contacting the pihole devs and bringing this defect to > > > their attention and possibly use your situation as an example... > > > > > > > I've already mentioned this to the developers. > > Any prove of that? > > > > The change is apparently intentional. > > Assumed or documented? > My questions from above are indeed terse. Let me elaborate |> > I've already mentioned this to the developers. |> |> Any prove of that? That question was written in the hope of getting an URL or email where can be read what was mentioned to the pihole developers. I still hope such email or URL pops up. The idea is to ask, differently as previously, to regain the lost functionality. Groeten Geert Stappers -- Leven en laten leven ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Struggling with multiple nameservers
On Wed, Jan 08, 2020 at 04:37:32PM +, Harry Moyes wrote: > On 08/01/2020 14:47, wkitt...@gmail.com wrote: > > On 1/7/20 2:10 PM, Harry Moyes wrote: > > > dnsmasq very usefully reports the compiled in options with the -v flag. > > > > > > The pihole derivative has lost that rather useful feature, so > > > exactly what options it has been complied with is hard to tell. > > > > > > personally speaking, i'd see what it would take to regain that > > functionality by contacting the pihole devs and bringing this defect to > > their attention and possibly use your situation as an example... > > > > I've already mentioned this to the developers. Any prove of that? > The change is apparently intentional. Assumed or documented? Groeten Geert Stappers -- Leven en laten leven ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] Struggling with multiple nameservers
whoops posted this reply from the wrong account. trying again. I've already mentioned this to the developers. The change is apparently intentional. On 08/01/2020 14:47, wkitt...@gmail.com wrote: On 1/7/20 2:10 PM, Harry Moyes wrote: dnsmasq very usefully reports the compiled in options with the -v flag. The pihole derivative has lost that rather useful feature, so exactly what options it has been complied with is hard to tell. personally speaking, i'd see what it would take to regain that functionality by contacting the pihole devs and bringing this defect to their attention and possibly use your situation as an example... [/two cents from peanut gallery] ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Struggling with multiple nameservers
On 1/7/20 2:10 PM, Harry Moyes wrote: dnsmasq very usefully reports the compiled in options with the -v flag. The pihole derivative has lost that rather useful feature, so exactly what options it has been complied with is hard to tell. personally speaking, i'd see what it would take to regain that functionality by contacting the pihole devs and bringing this defect to their attention and possibly use your situation as an example... [/two cents from peanut gallery] -- NOTE: No off-list assistance is given without prior approval. *Please keep mailing list traffic on the list unless* *a signed and pre-paid contract is in effect with us.* ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Struggling with multiple nameservers
I now have a functional set up. Exactly what was the issue with the pihole derivative of dnsmasq, is still not not entirely clear. I suspect that the compiled in options used in the pihole derivative differ from the set compiled into the Debian/raspbian version of dnsmasq, that I matched when I compiled the version of dnsmasq2.80. dnsmasq very usefully reports the compiled in options with the -v flag. The pihole derivative has lost that rather useful feature, so exactly what options it has been complied with is hard to tell. The config we have eventually arrived at gives correct behaviour for both versions of dnsmasq and the pihole derivative. However what is also clear is that the issue was not related to dnsmasq in any way, so sorry for disturbing the list. Harry On 01/01/2020 21:54, Harry Moyes wrote: On 01/01/2020 16:30, Geert Stappers wrote: On Wed, Jan 01, 2020 at 03:36:33PM +, Harry Moyes wrote: I have a Raspberry Pi configured with two dummy interfaces in addition to the default Ethernet interface. I have a workable configuration on the pi with unbound and NSD on the two virtual interfaces, and dnsmasq on the Ethernet and loopback interfaces. Workable that is with this package loaded. (present default raspbian default install) dnsmasq/stable,now2.76-5+rpt1+deb9u1 all[installed] dnsmasq- base/stable,now2.76-5+rpt1+deb9u1 armhf [installed,automatic] and this config fragment: Why only a fragment? Brevity ? netadmin@namepi:/etc/dnsmasq.d $ ls 01-pihole.conf 02-pihole.conf README netadmin@namepi: This config is the standard config installed by pihole-FTL netadmin@namepi:/etc/dnsmasq.d $ cat 01-pihole.conf # Pi-hole: A black hole for Internet advertisements # (c) 2017 Pi-hole, LLC (https://pi-hole.net) # Network-wide ad blocking via your own hardware. # # Dnsmasq config for Pi-hole's FTLDNS # # This file is copyright under the latest version of the EUPL. # Please see LICENSE file for your rights under this license. ### # FILE AUTOMATICALLY POPULATED BY PI-HOLE INSTALL/UPDATE PROCEDURE. # # ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE # # # # IF YOU WISH TO CHANGE THE UPSTREAM SERVERS, CHANGE THEM IN: # # /etc/pihole/setupVars.conf # # # # ANY OTHER CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE # # WITHIN /etc/dnsmasq.d/yourname.conf # ### addn-hosts=/etc/pihole/gravity.list addn-hosts=/etc/pihole/black.list addn-hosts=/etc/pihole/local.list localise-queries no-resolv cache-size=1 log-queries log-facility=/var/log/pihole.log local-ttl=2 log-async netadmin@namepi: netadmin@namepi:/etc/dnsmasq.d $ cat 02-pihole.conf # Pi-hole: A black hole for Internet advertisements # (c) 2017 Pi-hole, LLC (https://pi-hole.net) # Network-wide ad blocking via your own hardware. # # Dnsmasq config for Pi-hole's FTLDNS # # This file is copyright under the latest version of the EUPL. # Please see LICENSE file for your rights under this license. ### # This file contains additional directives for pihole-FTL # # to integrate with the unbound and NSD nameservers also active on this Pi # # # # IF YOU WISH TO CHANGE THE UPSTREAM SERVERS, CHANGE THEM IN: # # /etc/pihole/setupVars.conf # ### bind-interfaces listen-address=172.25.25.146 listen-address=127.0.0.1 server=192.168.55.9 no-dhcp-interface=eth0 no-dhcp-interface=dummy0 no-dhcp-interface=dummy1 netadmin@namepi: This config works with the standard raspbian package. netadmin@namepi:/etc/dnsmasq.d $ dnsmasq -v Dnsmasq version 2.76 Copyright (c) 2000-2016 Simon Kelley Compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset auth DNSSEC loop-detect inotify This software comes with ABSOLUTELY NO WARRANTY. Dnsmasq is free software, and you are welcome to redistribute it under the terms of the GNU General Public License, version 2 or 3. netadmin@namepi:/etc/dnsmasq.d $ It allows three nameservers to co-exist in the same Pi on three separate interfaces. Nameserving functions correctly. My problem is that pihole-FTL does not work with this configuration. even though the interface and port are free, it errors out and refuses to bind. In effect it's ignoring the bind-interfaces directive, trying to bind port 53 on all interfaces, and erroring out, even though the interface and port it is assigned to is available. I'm trying to establish if this change in behaviour has occurred in mainline dnsmasq, or in the pihole-FTL fork. bind-interfaces listen-address=172.25.25.146 }
[Dnsmasq-discuss] Struggling with multiple nameservers
I have a Raspberry Pi configured with two dummy interfaces in addition to the default Ethernet interface. I have a workable configuration on the pi with unbound and NSD on the two virtual interfaces, and dnsmasq on the Ethernet and loopback interfaces. Workable that is with this package loaded. (present default raspbian default install) dnsmasq/stable,now2.76-5+rpt1+deb9u1 all[installed] dnsmasq- base/stable,now2.76-5+rpt1+deb9u1 armhf [installed,automatic] and this config fragment: bind-interfaces listen-address=172.25.25.146listen-address=127.0.0.1server=192.168.55.9 no-dhcp-interface=eth0 no-dhcp-interface=dummy0 no-dhcp-interface=dummy1 This setup is fully functional and does all I ask. **However** I'm actually trying to run pihole-FTL on the Pi, rather than dnsmasq directly, which I'm told, includes a locally derived version of dnsmasq 2.8. That derivative version appears to ignore the bind-interfaces directive, and thus fails to bind the name server ports, even though the specified interfaces are free. The developers of that derivative are convinced that functionally their derivative imports 2.8 in its entirety,simply adds additional monitoring hooks. I'm obviously not expecting assistance with the pihole-FTP but I'd really appreciate any hints of changes intentional or otherwise, that may affect the behaviour of "mainline" dnsmasq with respect its behaviour binding the wildcard interface, that may have taken place between 2.76 and 2.8 to try to understand where the change in behaviour comes from. I'm pretty much convinced I need to build and test a mainline version of dnsmasq 2.8 from source, to localise where the issue is coming from, but I thought I'd respectfully ask here in case someone here can point me in the right direction. Harry ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss