[Dnsmasq-discuss] Problem with forwarded TCP queries

Simon Kelley simon at thekelleys.org.uk
Wed Nov 14 11:15:24 GMT 2007 

Simon Capper wrote:
> I have dnsmasq (2.35) set up to forward queries for a private domain to a
> private dns server, all other queries go to the servers in /etc/resolv. The
> server also uses a different source port than the default.
> 
> The dnsmaq config for this server looks like:
> 
> server=/sub.my_domain/my_domain/10.15.15.12 at 1.0.0.1
> 
> When I query "server1.my_domain" using UDP the source address of the
> query is 1.0.0.1 as expected.
> When I do the same query using TCP the source address is not being set and
> the query fails because the socket is trying to connect from the wrong
> interface.
> 
> I applied this patch to bind the TCP query to the source address in the
> config file. 
> 
> Should a TCP query honor the source address

Yes, that it doesn't is an oversight. The "source address" feature is
rarely used, and TCP queries are rarely used also. You may well be the
first person to try and use them both!

> and is this the best way to fix this problem?
It looks fine to me. The current development version of dnsmasq allows
traffic for a particular server to be sent via interface using config
that looks like

server=1.2.3.4 at eth0

That needs to be handled in this case too, which needs slighly more
complex code.

I'll put something together and make a test release soon.

Thanks for the heads-up.


Cheers,

Simon.


> 
> 
> ==== /src_orig/forward.c#1 - /src/forward.c ====
> @@ -749,6 +749,7 @@
>            
>            if ((last_server->tcpfd == -1) &&
>                (last_server->tcpfd = socket(last_server->addr.sa.sa_family,
> SOCK_STREAM, 0)) != -1 &&
> +              bind(last_server->tcpfd, &last_server->source_addr.sa,
> sa_len(&last_server->source_addr)) != -1 &&
>                connect(last_server->tcpfd, &last_server->addr.sa,
> sa_len(&last_server->addr)) == -1)
>              {
>                close(last_server->tcpfd);
>  
> 
> Thanks,
> 
> Simon
> 
> 
> 
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>

More information about the Dnsmasq-discuss mailing list