[Dnsmasq-discuss] Dnsmasq in FreeBSD Jail

Jesco Freund jesco at freund-family.de
Wed Nov 26 10:17:24 GMT 2008 

Hi,

I try to get dnsmasq-2.46 up and running inside a FreeBSD jail. So far I've learned from the logs (debug.log) that the resolving process itself works flawlessly. All requests are either forwareded correctly or served by /etc/hosts entries. However, dnsmasq doesn't send its answer to the client. Here is what a dig dialogue looks like:

dig @127.0.60.10 www.google.com

; <<>> DiG 9.4.2-P1 <<>> @127.0.60.10 www.google.com
; (1 server found)
;; global options:  printcmd
;; connection timed out; no servers could be reached

The logfile for this event reads:

Nov 26 11:03:40 dns dnsmasq[22000]: query[A] www.google.com from 127.0.60.10
Nov 26 11:03:40 dns dnsmasq[22000]: forwarded www.google.com to 11.22.33.44
Nov 26 11:03:40 dns dnsmasq[22000]: forwarded www.google.com to 11.22.33.45
Nov 26 11:03:40 dns dnsmasq[22000]: forwarded www.google.com to 11.22.33.46
Nov 26 11:03:40 dns dnsmasq[22000]: reply www.google.com is <CNAME>
Nov 26 11:03:40 dns dnsmasq[22000]: reply www.l.google.com is 74.125.43.103
Nov 26 11:03:40 dns dnsmasq[22000]: reply www.l.google.com is 74.125.43.147
Nov 26 11:03:40 dns dnsmasq[22000]: reply www.l.google.com is 74.125.43.99
Nov 26 11:03:40 dns dnsmasq[22000]: reply www.l.google.com is 74.125.43.104

127.0.60.10 is the IP address of the jail that runs dnsmasq. I've got the dim feeling this could be linked to the problem that I can't use bind-interfaces. The conjunction of

interface=lo6
bind-interfaces

or

listen-address=127.0.60.10
bind-interfaces

makes dnsmasq failing to start telling me

dnsmasq: unknown interface lo6
resp.
dnsmasq: no interface with address 127.0.60.10

lo6 is a clone of lo0 to provide enough interfaces for all the jails on the machine, and ifconfig (run from inside the jail) shows that interface and address are correct:

ifconfig
...
lo6: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        inet 127.0.60.10 netmask 0xffffff00

Do you have any clues how to solve this? Or am I just barking up the wrong tree?

Regards,
Jesco

More information about the Dnsmasq-discuss mailing list