[Dnsmasq-discuss] Make dnsmasq distinguish local IPs
Petr Menšík
pemensik at redhat.com
Tue Jul 21 13:42:02 BST 2020
I would check what addresses it is listening on. I think it considers
all loopback addresses its own. Probably because it would accept queries
to that address if you stop unbound.
It might help, if you configured it with this:
bind-interfaces
except-interface=lo0
listen-address=127.0.0.21
It would listen only on 127.0.0.21 and consider all other addresses not
its own. I think it should send queries there. It should then accept:
server=127.0.0.20
without ignoring it this way.
On 7/20/20 4:35 PM, László Károlyi wrote:
> Hi Petr,
>
> as you have seen in the original email, it is dnsmasq that refuses to
> use the lo0 interface to communicate with the IP 127.0.0.20:
>
> Jul 20 13:33:23 ksol dnsmasq[99396]: ignoring nameserver 127.0.0.20 -
> local interface
>
> When querying manually from the host env to the jailed unbound, I get
> proper DNS responses. This was something I did pay extra attention to
> get it working from the get-go. See:
>
> Citing my configs here makes no sense as you can see it's working already.
>
> Cheers,
> --
> László Károlyi
> http://linkedin.com/in/karolyi
>
> On 2020-07-20 16:12, Petr Menšík wrote:
>> Hi László,
>>
>> are you sure it is dnsmasq, who is rejecting the communication?
>> Unbound has by default disabled commuinication on localhost. If you have
>> any other servers running along it, you have to use:
>>
>> do-not-query-localhost: no
>>
>> to override defaults. But that has to be done on unbound side. AFAIK
>> dnsmasq does not have any such limitation. It does limit only
>> per-interface, all required is to configure interface=lo, which is
>> enabled by default.
>>
>> How many interface= statements do you have in configuration? Is
>> localhost included?
>
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>
--
Petr Menšík
Software Engineer
Red Hat, http://www.redhat.com/
email: pemensik at redhat.com
PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20200721/5bdfe810/attachment.sig>
More information about the Dnsmasq-discuss
mailing list