[Dnsmasq-discuss] Fwd: dnsmasq localise-queries + addn-hosts

Geert Stappers stappers at stappers.nl
Sun Apr 5 16:11:11 BST 2020 

On Sun, Apr 05, 2020 at 02:48:34PM +0100, Jake Howard wrote:
> On Sat, 4 Apr 2020, at 19:01, Simon Kelley wrote:
> > On 31/03/2020 13:51, Jake Howard wrote:
> > > On Mon, 30 Mar 2020, at 20:42, Simon Kelley wrote:
> > >> On 28/03/2020 20:38, Jake Howard wrote:
> > >>>   ....    
> > >>
> > >> OK, what you're expecting to happen and what I'm expecting to happen are
> > >> the same. That's good.
> > >>
> > >> I just did a quick test, and it seems to work fine for me.

> > >>     ... works for me ...

> > >> If it's not working for you, that's a bug, but we need to find what it
> > >> is about your setup that tickles the bug.
> > >>
> > >> Can you boil it down to the simplest configuration that displays the
> > >> problem, and also specify which version of dnsmasq you're using?
> > >>
> > > Hello!
> > > 
> > > Had a breakthrough on what's going on, and it's down to a caveat I
> > > missed when reading the man page on localise-queries:
> > > 
> > > " Return answers to DNS queries from /etc/hosts and *--interface-name*
> > > " which depend on the interface over which the query was received.
> > > 
> > > And of course, this issue has to do with docker. With Docker, even
> > > though the container is listening on 2 different interfaces, and 2
> > > different IPs, the inner container, and thus dnsmasq, only sees 1
> > > interface, with all addresses coming from it. Hence localisation isn't
> > > quite working.

Ah "Docker". It would have helped to share that information earlier ...


> > > If I run dnsmasq with the exact same config but on the host, where it
> > > can see the different interfaces, works perfectly!

Acknowledge   (and thanks for the compliment)


> > > Testing was done in 2.79 and 2.76, with a config file practically
> > > identical to your CLI arguments.
> > > 
> > > Technically, there's not a bug here per-say, but it'd be really handy if
> > > there was a way of looking at the source IP when determining which
> > > record to return rather than just the interface?



> > Dnsmasq uses the _destination_ address of the query. I'm not familiar
> > with Docker. Is it using NAT?
> 
> Can't say i'm especially familiar with Docker's networking stack,
> but it definitely looks and feels like something NAT-ish to me!
> Interestingly enough, the log entry for where the query came from is
> correctly detected, but I guess it's not using that address to localise?
> 
> eg:
> Apr  5 14:44:59 dnsmasq[505]: query[A] github.com from 10.23.0.23
> Apr  5 14:44:59 dnsmasq[505]: forwarded github.com to 1.0.0.1
> Apr  5 14:44:59 dnsmasq[505]: reply github.com is 140.82.118.3
> 
> Are the addresses used in the log and the destination address different?


Please elaborate that question,  especially "destination address".



Regards
Geert Stappers
-- 
Silence is hard to parse

More information about the Dnsmasq-discuss mailing list