[Dnsmasq-discuss] Fwd: dnsmasq localise-queries + addn-hosts

Jake Howard jake+dnsmasq at theorangeone.net
Tue Mar 31 13:51:35 BST 2020


Hello!

Had a breakthrough on what's going on, and it's down to a caveat I missed when reading the man page on localise-queries:

> Return answers to DNS queries from /etc/hosts and *--interface-name* which depend on the interface over which the query was received.

And of course, this issue has to do with docker. With Docker, even though the container is listening on 2 different interfaces, and 2 different IPs, the inner container, and thus dnsmasq, only sees 1 interface, with all addresses coming from it. Hence localisation isn't quite working.

If I run dnsmasq with the exact same config but on the host, where it can see the different interfaces, works perfectly!
Testing was done in 2.79 and 2.76, with a config file practically identical to your CLI arguments.

Technically, there's not a bug here per-say, but it'd be really handy if there was a way of looking at the source IP when determining which record to return rather than just the interface?

Thanks!

On Mon, 30 Mar 2020, at 20:42, Simon Kelley wrote:
> On 28/03/2020 20:38, Jake Howard wrote:
> > Hi,
> > 
> > My intention is to have 1 dnsmasq instance, accessible over 2 interfaces
> > (listening on all), and have the response to a query differ based on the
> > interface, and therefore its incoming IP. From what i've read, that's
> > exactly what localise-queries is meant to do, but it doesn't appear to
> > be unless I put the entries into /etc/hosts directly.
> 
> 
> OK, what you're expecting to happen and what I'm expecting to happen are
> the same. That's good.
> 
> I just did a quick test, and it seems to work fine for me. The
> example.com addresses are in /tmp/hosts.
> 
> 
> srk at holly:~/dnsmasq/dnsmasq$ src/dnsmasq -d --log-queries
> --localise-queries -p 10000 --addn-hosts=/tmp/hosts
> dnsmasq: started, version 2.81rc4-5-gd162bee cachesize 150
> dnsmasq: compile time options: IPv6 GNU-getopt no-DBus no-UBus no-i18n
> no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth no-DNSSEC
> loop-detect inotify dumpfile
> dnsmasq: reading /etc/resolv.conf
> dnsmasq: using nameserver 127.0.1.1#53
> dnsmasq: read /etc/hosts - 9 addresses
> dnsmasq: read /tmp/hosts - 2 addresses
> dnsmasq: query[A] example.com from 127.0.0.1
> dnsmasq: /tmp/hosts example.com is 192.168.151.43
> dnsmasq: /tmp/hosts example.com is 192.168.150.43
> dnsmasq: query[A] example.com from 192.168.150.49
> dnsmasq: /tmp/hosts example.com is 192.168.150.43
> 
> 
> If it's not working for you, that's a bug, but we need to find what it
> is about your setup that tickles the bug.
> 
> Can you boil it down to the simplest configuration that displays the
> problem, and also specify which version of dnsmasq you're using?
> 
> 
> cheers,
> 
> Simon.
> 
> 
> > 
> > Thanks,
> > - Jake Howard
> > 
> > On Sat, 28 Mar 2020, at 17:59, Simon Kelley wrote:
> >> On 19/03/2020 21:47, Jake Howard wrote:
> >> > Hello!
> >> > 
> >> > Is `localise-queries` meant to work against entries added via 
> >> > `addn-hosts`? Querying a record returns both IPs, but always in the
> >> same 
> >> > order. The order is correctly fixed when the records are put in 
> >> > `/etc/hosts` directly.
> >>
> >>
> >> Yes, localise-queries works with entries added via addn-hosts, but it
> >> doesn't have anything to do with the order that records appear, so that
> >> doesn't address your problem. What are you trying to achieve?
> >>
> >>
> >> Simon.
> >>
> >>
> >> > 
> >> > Config:
> >> > 
> >> > ```
> >> > localise-queries
> >> > no-resolv
> >> > cache-size=10000
> >> > log-queries
> >> > log-facility=/var/log/pihole.log
> >> > local-ttl=2
> >> > log-async
> >> > server=8.8.8.8
> >> > server=8.8.4.4
> >> > server=1.1.1.1
> >> > server=1.0.0.1
> >> > interface=eth0
> >> > server=/use-application-dns.net/
> >> > 
> >> > addn-hosts=/etc/vpn-hosts.conf
> >> > localise-queries
> >> > 
> >> > ```
> >> > 
> >> > This is from pihole, but AFAIK that shouldn't make a difference if I'm 
> >> > modifying the config directly.
> >> > 
> >> > Would appreciate some input, or being told i'm wrong!
> >> > 
> >> > Thanks,
> >> > 
> >> > - Jake Howard
> >> > 
> >> > 
> >> > 
> >> > 
> >> > _______________________________________________
> >> > Dnsmasq-discuss mailing list
> >> > Dnsmasq-discuss at lists.thekelleys.org.uk
> >> > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> >> > 
> >>
> >>
> >> _______________________________________________
> >> Dnsmasq-discuss mailing list
> >> Dnsmasq-discuss at lists.thekelleys.org.uk
> >> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> >>
> > 
> > 
> > _______________________________________________
> > Dnsmasq-discuss mailing list
> > Dnsmasq-discuss at lists.thekelleys.org.uk
> > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> > 
> 
> 
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20200331/c5e98e44/attachment.html>


More information about the Dnsmasq-discuss mailing list