[Dnsmasq-discuss] Becoming authoritative DNS for additional netblock

A C agcme at hotmail.com
Tue Dec 1 23:40:01 GMT 2015


On 2015-12-01 13:22, Albert ARIBAUD wrote:
> Hi "A C",
> 
> Le Tue, 1 Dec 2015 09:59:07 -0800
> A C <agcme at hotmail.com> a écrit:
> 
> (note : local= is synonymous to server=)
> 
>> local=/example.com/
> 
> This one means *example.com should be resolved by reading /etc/hosts
> or the DHCP lease info.

Right, that's what I expect.  The docs say, though, that a more specific
version will take precedence over a more general version.  So
/vpn.example.com/ should take precedence over /example.com/ when
performing the redirect.  If that's not the case then the docs should
reflect that.

> 
>> local=/vpn.example.com/
>> server=/vpn.example.com/10.0.0.140
>

> Those two are contradictory since they specify the same domain. What

> happens then, I don't know, but f the first line wins, then

> *vpn.example.com will be resolved using /etc/hosts or DHCP leases, and

> therefore will fail.

>

I took out the second local statement but it still didn't help.  I
didn't have that at first, I only had the server statement.  When that
didn't work I added local on a whim to see what happened.  The same
result with only that server line, NXDOMAIN.


>> server=/0.100.10.in-addr.arpa/10.0.0.140
> 
> This one should forward reverse resolutions for 10.100.0.* to the VPN
> server. I believe you have not shown results of a reverse resolution,
> be it to 10.0.0.* or 10.100.0.*.


Same as the others, NXDOMAIN.  The router's copy of dnsmasq just doesn't
forward the queries to the VPN server.




More information about the Dnsmasq-discuss mailing list