[Dnsmasq-discuss] DNS redundant queries to internet and extranet
Simon Kelley
simon at thekelleys.org.uk
Mon Jun 23 11:14:58 BST 2008
Arno Wald wrote:
> Hello,
>
> I am not sure if the dnsmasq mailing list is the right place to ask
> this. Please excuse me, if not. But I do not have an idea in which layer
> of the whole network configuration I have to check the configuration.
>
> The situation: I have one PC running dnsmasq that has different network
> interfaces
> * one goes to a DSL-modem (pppoe) to connect to the internet.
> * one is for my local LAN (that I have named ".here").
> * only when I need it, I turn on openvpn to have access to the LAN of my
> office network (that I now do call ".myoffice.de").
>
> In the debug.log of dnsmasq I see that when accessing a site in the
> internet, not only the internet-DNS of my provider is queried for the
> site-name, but also resolving of site.here and site.myoffice.de does
> happen:
>
> : query[A] www.pro-linux.de from 127.0.0.1
> : forwarded www.pro-linux.de to 194.8.194.60 # my provider's DNS
> : query[AAAA] www.pro-linux.de from 127.0.0.1
> : forwarded www.pro-linux.de to 194.8.194.60
> : reply www.pro-linux.de is 213.239.211.178 # IP is found!
> : query[AAAA] www.pro-linux.de.here from 127.0.0.1
> : config www.pro-linux.de.here is NXDOMAIN-IPv6
> : query[AAAA] www.pro-linux.de.myoffice.de from 127.0.0.1
> : forwarded www.pro-linux.de.myoffice.de to xxx.xxx.xxx.xxx
>
> (I have x-ed out the last IP address)
>
> Why does this happen as the first query allready answers the host-IP? I
> had expected that the resolv.conf "search" path only is walked through
> as long as the IP-address cannot be found.
>
> --- resolv.conf ----
> nameserver 127.0.0.1
> search here myoffice.de
> --------------------
>
> --- dnsmasq.conf (only the important lines ---
> domain-needed
> bogus-priv
> resolv-file=/etc/ppp/resolv.conf
> server=/myoffice.de/xxx.xxx.xxx.xxx
> local=/localnet/
> local=/here/
> ----------------------------------------------
>
> Does anybody has an idea how to change this? I do not want myoffice's
> DNS to see all the sites that I am visiting.
>
> Who is doing all the queries? Is it the application (konqueror), the
> resolver or dnsmasq?
>
The extra queries are for IPv6 addresses. Best to find a way to disable
IPv6 on your machine.
Cheers,
Simon.
More information about the Dnsmasq-discuss
mailing list