[Dnsmasq-discuss] DNSmasq forwarding to DNS doesn't works
Matthias Andree
matthias.andree at gmx.de
Fri Aug 26 10:17:35 BST 2011
Am 26.08.2011 10:44, schrieb Jérémie SYLVAND:
> Hello,
>
> We are trying to move from dhcpd + bind to dnsmasq for our small company.
> On the test server, the dhcp provided by dnsmasq works properly, as the
> internal dns who works better than we want : it's possible to ping the
> machine's name given in the dnsmasq.conf, but also the machine's name
> written on the machine (who is different), very good !
> But I'm having an issue with the forwarding to external DNS. My DNS
> can't resolve a request like google.com <http://google.com> so it must
> send it to a DNS upstream, like the DNS of my Internet Servcie Provider/.
> /What I have understood is dnsmasq read the file resolv.conf (or the
> file we have provided) to know DNS upstream, but it doesn't work for me.
>
> Here is options I have provided in my dnmasq.conf file (without all
> comments):
>
> bogus-priv
> expand-hosts
> resolv-file=/etc/resolv.conf
> all-servers
> domain=city.domain.com <http://city.domain.com>
> interface=eth0
> dhcp-range=eth0,192.168.0.180,192.168.0.200,12h
...
> log-queries
> log-dhcp
>
> In the file resolv.conf:
>
> search city.domain.com <http://city.domain.com>
> nameserver 127.0.0.1
> nameserver <ISP 1 IP address1>
> nameserver <ISP 1 IP address2>
> nameserver <ISP 2 IP address1>
> nameserver <ISP 2 IP address2>
>
> I don't understand why it doesn't work, probably because I don't have
> understood the real functioning of dnsmasq...
> Can you help me ?
Jérémie,
the "nameserver 127.0.0.1" is a problem here, because dnsmasq
effectively forwards to itself. I propose the following:
1. modify your dnsmasq.conf:
Add lines similar to these, replacing the IP addresses by the actual
ISPs' DNS resolver addresses:
no-resolv
server 10.0.11.11
server 10.0.11.12
server 172.16.0.111
server 172.16.0.112
Note that there must not be a server 127.0.0.1 line!
2. modify your /etc/resolv.conf to read only:
search city.example.com
nameserver 127.0.0.1
3. kill and restart dnsmasq
4. if it does not work, try if adding "bind-interfaces" and restarting
dnsmasq helps. It may make things better or worse for you.
If nothing works, please show dnsmasq logs -- you've already set
log-queries.
More information about the Dnsmasq-discuss
mailing list