Re: [Dnsmasq-discuss] Dnsmaq giving default gateway address as dns server on DHCP offer
If it doesn't work when started at boot, but does if you started it manually, the most likely reason is that the boot scripts are passing command-line options such as a different config file. If you edited the default config file, when you start dnsmasq by hand, that's the one it finds. The command line arguments of the auto-launched dnsmasq instance should give further information (the 'ps' command should show the command lines of running processes) On Sun, Aug 6, 2017 at 1:07 PM, Anoop Ravi wrote: > That seems to be correct. That may be the reason why it is working > when i give dhcp-option 6. > > Do you have any guess what could be going wrong? Is there any flag > which I need to enable to make dnsmasq work as dns server as well? > > I have seen a strage behavior as well. Resolution wont work on bootup. > But when I restart dnsmasq(killing PID and starting commandline) it > works. Do you have any clue? > > Any help is much appreciated. > > Thanks, > Anoop > > On 8/6/17, richardvo...@gmail.com wrote: > > One clear difference is that the query that succeeded is for a different > > name than the one that failed. > > > > But the bigger problem is that the reply is somehow going straight to the > > client. When dnsmasq is acting as a caching proxy, these steps happen: > > > > 1. the client sends a query to dnsmasq > > 2. dnsmasq checks its cache and doesn't find a match > > 3. dnsmasq sends a query to the upstream server > > 4. the upstream server sends a reply to dnsmasq > > 5. dnsmasq adds the information to its cache > > 6. dnsmasq sends a reply to the client > > > > In your capture, #4 isn't happening -- the reply destination address is > > wrong. > > > > > > > > On Sun, Aug 6, 2017 at 12:47 PM, Anoop Ravi > wrote: > > > >> Hi Richard, > >> > >> I dont want to use dhcp-option 6 to override nameservers. I took a > >> packet capture on both local lan interface and the interface which > >> talks to outside world. I could see that in both scenarios (working > >> and nonworking), names are getting resolved at the outer interface. > >> But somehow query is getting refused at the local interface. Do you > >> have any clue why this is happening? > >> > >> Attaching screenshot of comparison on local interface packet capture. > >> > >> Thanks, > >> Anoop > >> > > > > > -- > Anoop. > ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Dnsmaq giving default gateway address as dns server on DHCP offer
The default configuration of dnsmasq is to act as a caching proxy server (this behavior of dnsmasq has existed before dhcp support). There are a few reasons the proxying could fail, chief among them being firewall rules. If that isn't the problem, increasing the logging detail may give further clues. If you want to use dnsmasq only as a DHCP server and not a DNS cache, then configuring dhcp-option 6 is the right approach. Note that in this case you won't be able to look up computers by their dhcp hostname. A quick summary of nameserver settings: Lookups from other software on the dnsmasq server: uses /etc/resolv.conf Lookups from dnsmasq (proxy on behalf of clients): defaults to using /etc/resolv.conf, can be overridden via --server and/or --resolv-file options option "DNS server" sent to DHCP clients: defaults to the IP address of the dnsmasq server that's in the same block as the address given out, can be overridden with --dhcp-option 6 On Sun, Aug 6, 2017 at 1:43 AM, Anoop Ravi wrote: > Hi, > > Richard, > As you said, I was under an impression that dnsmasq will provide all the > nameserver entries in resolv.conf to the clients. Thank you for correcting > me. > > But, my clients are not resoving the names with this configuration. It is > getting correct domain name and server ip as dns server. If I manually add > resolv.conf entries into dnsmasq.conf using dhcp-option 6, then it will > start resolving. I can see clients getting nameserver ip at this time. > > What could be the reason for this behaviour? > > Thanks > > ___ > Dnsmasq-discuss mailing list > Dnsmasq-discuss@lists.thekelleys.org.uk > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss > ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Dnsmaq giving default gateway address as dns server on DHCP offer
Hi, Richard, As you said, I was under an impression that dnsmasq will provide all the nameserver entries in resolv.conf to the clients. Thank you for correcting me. But, my clients are not resoving the names with this configuration. It is getting correct domain name and server ip as dns server. If I manually add resolv.conf entries into dnsmasq.conf using dhcp-option 6, then it will start resolving. I can see clients getting nameserver ip at this time. What could be the reason for this behaviour? Thanks ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Dnsmaq giving default gateway address as dns server on DHCP offer
dnsmasq is capable of being the first DNS for clients and determining which requests should go to the AD controller and which to external DNS. Or, the configuration you describe is also possible. Where Ravi appears to have gone wrong is in thinking that /etc/resolv.conf addresses would be sent to client. dnsmasq never does that. On Sat, Aug 5, 2017 at 12:35 PM, wrote: > On 08/05/2017 11:43 AM, /dev/rob0 wrote: > >> Yes, there is an option you can use in dnsmasq.conf to change the >> nameserver[s] given to DHCP clients, but why do you want that? See the >> dnsmasq(8) manual for details. >> > > one possibility is on an AD network where all device DNS lookups go > through the AD controller... the AD controller then talks to dnsmasq > running on the perimeter firewall and handles the lookups to outside DNS > servers... everything inside the AD network being restricted to the AD > network so no individual devices can make lookups outside... they can only > talk to the AD controller for DNS and the AD controller can only talk to > dnsmasq for DNS... the AD controller is not the perimeter device for > traffic headed outside of the AD network... the perimeter firewall running > dnsmasq is, though... > > > -- > NOTE: No off-list assistance is given without prior approval. >*Please keep mailing list traffic on the list unless* >*a signed and pre-paid contract is in effect with us.* > > > ___ > Dnsmasq-discuss mailing list > Dnsmasq-discuss@lists.thekelleys.org.uk > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss > ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Dnsmaq giving default gateway address as dns server on DHCP offer
On 08/05/2017 11:43 AM, /dev/rob0 wrote: Yes, there is an option you can use in dnsmasq.conf to change the nameserver[s] given to DHCP clients, but why do you want that? See the dnsmasq(8) manual for details. one possibility is on an AD network where all device DNS lookups go through the AD controller... the AD controller then talks to dnsmasq running on the perimeter firewall and handles the lookups to outside DNS servers... everything inside the AD network being restricted to the AD network so no individual devices can make lookups outside... they can only talk to the AD controller for DNS and the AD controller can only talk to dnsmasq for DNS... the AD controller is not the perimeter device for traffic headed outside of the AD network... the perimeter firewall running dnsmasq is, though... -- NOTE: No off-list assistance is given without prior approval. *Please keep mailing list traffic on the list unless* *a signed and pre-paid contract is in effect with us.* ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Dnsmaq giving default gateway address as dns server on DHCP offer
On Fri, Aug 04, 2017 at 09:53:52PM -0700, Anoop Ravi wrote: > I am using dnsmasq as dns and dhcp server on my device. Somehow > dnsmasq is not giving correct dns server address to my clients. > Instead it is giving default gateway ip. I have correct dns servers > listed in resolv.conf and my dnsmasq.conf is pointing to correct > resolv file using "resolv-file" parameter. I am running dnsmasq as > below. > > dnsmasq -u nobody -q --dhcp-authoritative -C /var/dnsmasq.conf > > From the logs,I could see that it is reading resolv.conf > > reading /etc/resolv.conf > using nameserver xx.xx.xx.xx#53 > using nameserver xx.xx.xx.xx#53 > using nameserver xx.xx.xx.xx#53 > > While client connects, I can see that dnsmasq offering default > gateway address as dns-server ip. > > sent size: 4 option: 6 dns-server x.x.x.x > > Is there anything wrong in my parameters? why is not giving > correct dns servers? Nothing in your post indicates why you think that's incorrect; dnsmasq IS a DNS server. Typically that's what you want, for all local DHCP clients to use dnsmasq as DNS server. The point being: to have local name resolution and to have one central cache for external names. Yes, there is an option you can use in dnsmasq.conf to change the nameserver[s] given to DHCP clients, but why do you want that? See the dnsmasq(8) manual for details. -- http://rob0.nodns4.us/ Offlist GMX mail is seen only if "/dev/rob0" is in the Subject: ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss