[Dnsmasq-discuss] Dnsmasq in FreeBSD Jail
Jesco Freund
jesco at freund-family.de
Wed Nov 26 10:17:24 GMT 2008
Hi,
I try to get dnsmasq-2.46 up and running inside a FreeBSD jail. So far I've learned from the logs (debug.log) that the resolving process itself works flawlessly. All requests are either forwareded correctly or served by /etc/hosts entries. However, dnsmasq doesn't send its answer to the client. Here is what a dig dialogue looks like:
dig @127.0.60.10 www.google.com
; <<>> DiG 9.4.2-P1 <<>> @127.0.60.10 www.google.com
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached
The logfile for this event reads:
Nov 26 11:03:40 dns dnsmasq[22000]: query[A] www.google.com from 127.0.60.10
Nov 26 11:03:40 dns dnsmasq[22000]: forwarded www.google.com to 11.22.33.44
Nov 26 11:03:40 dns dnsmasq[22000]: forwarded www.google.com to 11.22.33.45
Nov 26 11:03:40 dns dnsmasq[22000]: forwarded www.google.com to 11.22.33.46
Nov 26 11:03:40 dns dnsmasq[22000]: reply www.google.com is <CNAME>
Nov 26 11:03:40 dns dnsmasq[22000]: reply www.l.google.com is 74.125.43.103
Nov 26 11:03:40 dns dnsmasq[22000]: reply www.l.google.com is 74.125.43.147
Nov 26 11:03:40 dns dnsmasq[22000]: reply www.l.google.com is 74.125.43.99
Nov 26 11:03:40 dns dnsmasq[22000]: reply www.l.google.com is 74.125.43.104
127.0.60.10 is the IP address of the jail that runs dnsmasq. I've got the dim feeling this could be linked to the problem that I can't use bind-interfaces. The conjunction of
interface=lo6
bind-interfaces
or
listen-address=127.0.60.10
bind-interfaces
makes dnsmasq failing to start telling me
dnsmasq: unknown interface lo6
resp.
dnsmasq: no interface with address 127.0.60.10
lo6 is a clone of lo0 to provide enough interfaces for all the jails on the machine, and ifconfig (run from inside the jail) shows that interface and address are correct:
ifconfig
...
lo6: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
inet 127.0.60.10 netmask 0xffffff00
Do you have any clues how to solve this? Or am I just barking up the wrong tree?
Regards,
Jesco
More information about the Dnsmasq-discuss
mailing list