[Dnsmasq-discuss] Finding actual DNS server used
Albert ARIBAUD
albert.aribaud at free.fr
Sun Jan 15 11:14:42 GMT 2017
Hi Chris,
Le Sun, 15 Jan 2017 09:53:00 +0000
Chris Green <cl at isbd.net> a écrit:
> On Sun, Jan 15, 2017 at 09:21:25AM +0100, Albert ARIBAUD wrote:
> > Hi Chris,
> >
> > Le Sat, 14 Jan 2017 19:27:28 +0000
> > Chris Green <cl at isbd.net> a écrit:
> >
> > (re getting dnsmasq to say which upstream servers it uses)
> >
> > > Why is is so difficult to provide this information? At the very
> > > least it would provide a confidence check that all is working as
> > > intended. It might very well help if something isn't working
> > > too.
> >
> > It is not difficult at all to get this information. It's just that
> > dnsmasq does not provide any "API" to get it, because it's easy to
> > get it otherwise for diagnosis purposes.
> >
> > For diagnosis, the operator can:
> >
> > - read the configuration file(s) dnsmasq uses and find "server="
> > lines in it, and read the /etc/resolv* tree, if dnsmasq uses them,
> > and that will give the list of servers dnmasq uses at any point in
> > time.
> >
> There aren't any! These are systems where dnsmasq is run by Network
> Manager rather than directly, thus there is no spcific dnsmasq
> configuration file.
... and then the configuration is known from the dnsmasq process command
line. So let me amend my statement above: "... read the configuration
options, from the dnsmasq process command line if it contains any, and
from the configuration file or files if applicable".
> > - log DNS queries, which will give the additional info about
> > which client actually queried dnsmasq, which queries were cached
> > vs sent upstream (to which server), and what the answer was.
> >
> > - run tcpdump or wireshark on the dnsmasq host or on the DNS client
> > (or both for troubleshooting e.g. timing-related issues). This will
> > give a full view of DNS exchanges on the considerd machine, to the
> > last bit, litterally.
> >
> > So, from a diagnosis point of view, pulling the actual list of
> > servers from a running dnsmasq is not that much of a need.
> >
> It would be a whole lot easier than the above though wouldn't it?
It would be more straightforward, but not a whole lot easier: the
tcpdump command is dead simple, as is reading the wireshark log.
> To 'log DNS queries' one may have to actually stop and start the
> system and that may well make the problem one is trying to look at
> disappear.
So would modifying the dnsmasq code to add diagnostics-related
features, actually. :)
Seriously, though: diagnostics always run the risk of affecting the
issue anyway. Even doing a tcpdump could stop a time-sensitive bug fom
appearing.
So I don't personally consider the 'debugging risks affecting the
issue' criterion much.
Besides, in my empirical experience, the specific act of turning
logging on for DNS or DHCP never affected any issue I ever came
across, except in the sense that it helped pinpoint the root cause, but
of course YMMV.
Note: if stopping/starting the dnsmasq server [without any logging
added or removed] makes Lars' client work again, then it is valuable
input to diagnosing the issue.
> Both tcpdump and wireshark are quite esoteric utilities, it would take
> quite a bit of knowledge of using them to extract the required
> information.
I would disagree on the 'esoteric' point, or at least I would make a
difference between becoming generally proficient with tcpdump/wireshark
and using it for a given purpose.
Indeed, if trying to master all of tcpdump/wireshark's features, these
tool will look quite esoteric.
But one does not need to /master/ tcpdump in order to get a capture of
DNS traffic; one does just need to install the tools (which is *not*
esoteric) and to know which commands to run (and finding thes commands
it not an esoteric task either; it takes less than a minute's googling).
Granted, that won't make this person a tcpdump guru, but it will get
the DNS diagnostic job done.
> Surely there's a case for something that simply lists the upstream DNS
> servers that a dnsmasq instance is using.
Which would it be? For DNS troubleshooting, equally simple tools can be
used (and put to good profit later on for other network issues).
Amicalement,
--
Albert.
More information about the Dnsmasq-discuss
mailing list