[Dnsmasq-discuss] dns query from localnetwork are blocked
T o n g
mlist4suntong at yahoo.com
Thu Jan 1 19:16:20 GMT 2015
Hi,
I followed the following to configure dnsmasq as a DHCP and DNS server:
http://sfxpt.wordpress.com/2013/11/30/dnsmasq-installation-configuration-5/
It worked well up to Ubuntu 13.10. However, with Ubuntu 14.10, DNS
queries from the local network always time out. The configurations are
exactly the same. What could be the problem?
From within the local network:
~~~
$ dig google.ca
; <<>> DiG 9.9.5-4.3-Ubuntu <<>> google.ca
;; global options: +cmd
;; connection timed out; no servers could be reached
$ dig @192.168.2.100 maroon
; <<>> DiG 9.9.5-4.3-Ubuntu <<>> @192.168.2.100 maroon
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached
~~~
On the DNS server itself:
~~~
$ dig google.ca @127.0.0.1
...
;; ANSWER SECTION:
google.ca. 299 IN A 173.194.43.111
...
;; Query time: 50 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
$ dig @192.168.2.100 maroon
...
;; ANSWER SECTION:
maroon. 0 IN A 192.168.2.100
;; Query time: 1 msec
;; SERVER: 192.168.2.100#53(192.168.2.100)
...
~~~
This is the debug output from dnsmasq log:
~~~
Jan 1 13:26:10 maroon dnsmasq[2833]: reply google.ca is 173.194.43.119
Jan 1 13:26:10 maroon dnsmasq[2833]: reply google.ca is 173.194.43.120
*** DEBUG 2015-01-01 13:26:21-05:00 DEBUG ***
Jan 1 13:27:42 maroon dnsmasq[2833]: query[A] maroon from 192.168.2.100
Jan 1 13:27:42 maroon dnsmasq[2833]: /etc/dnsmasq.hosts maroon is 192.168.2.100
*** DEBUG 2015-01-01 13:28:19-05:00 DEBUG ***
~~~
None of the other DNS queries from the local network generated any log
entries. So, because the local DNS queries work, I think something is
blocking the DNS queries from the local network from reaching my local
DNS server. What could it be?
I didn't limit the dnsmasq listen address:
~~~
$ grep listen-address /etc/dnsmasq.conf /etc/dnsmasq.d/*
/etc/dnsmasq.conf:#listen-address=
~~~
My /etc/hosts.deny and hosts.allow files are untouched as well, and I can
ping my DNS server and ssh into its IP address. So I think the blocking
is only at the DNS level, since other access is just fine. It is not
because of iptables rules either:
~~~
$ iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
~~~
Now, I've run out of all the possibilities.
What could be the problem?
Thanks