[Dnsmasq-discuss] DNS refused when internet is down

Duncan Webb duncan-lists at uniqfeed.com
Tue Dec 1 09:52:35 GMT 2020


On 01/12/2020 10:24, Matus UHLAR - fantomas wrote:
>>>> On 11/25/2020 9:31 AM, Duncan Webb wrote:
>>>>> When the internet is down for some external reason nslookup is returning
>>>>> "Connection to DNS 10.0.0.1 was refused" when looking up a host on the
>>>>> LAN that has its IP from DHCP. Both DHCP and DNS are provided by dnsmasq.
>>>>>
>>>>> Is this the expected behaviour or a misconfiguration?
>
>>> On Wed, Nov 25, 2020 at 10:44:34AM +0100, john doe wrote:
>>>> No, this is not the expected behavior.
>
>> On 26/11/2020 08:31, Geert Stappers wrote:
>>> Also my first impression, on second thought: "It could be" ...
>
>>>> We can not say
>>>> where the issue lies with the little information you have provided.
>
>>> So please make your problem an interesting challenge for the ML ;-)
>
> On 01.12.20 09:32, Duncan Webb wrote:
>> The problem can be reproduced by disconnecting the cable to the ADSL 
>> router. As soon as the cable is removed, an nslookup will return a 
>> "Connection to DNS 10.0.0.1 was refused" reply for every query.
>
> Which server does 10.0.0.1 belong to? Apparently not to your router, as
> I don't see this address as an argument to --listen-address.

Sorry, this was a typo; it should have been 10.99.0.1 (I can't pull that 
cable out at the moment to get the exact message).

>
>> I would expect hosts on the LAN that have been provided an IP 
>> address from the dnsmasq DHCP server to resolve.
>
> Hosts on the LAN should be resolved by dnsmasq, but an unreachable address
> can't resolve them.
>
>> The configuration is all on the command line and this is
>>
>> /usr/local/sbin/dnsmasq --all-servers -H /var/etc/dnsmasq-hosts
>> --listen-address=192.168.0.254 --listen-address=10.99.2.1
>> --listen-address=10.99.0.1 --listen-address=10.99.128.1
>> --listen-address=127.0.0.1 --listen-address=::1 --bind-interfaces
>> --server=/example.net/10.99.0.1 --server=/opcase.private/10.99.130.1
>> --server=/130.99.10.in-addr.arpa/10.99.130.1
>> --server=/opcase1.private/10.99.144.1
>> --server=/144.99.10.in-addr.arpa/10.99.144.1 --dns-forward-max=5000
>> --cache-size=10000 --local-ttl=1
>> --conf-dir=/usr/local/etc/dnsmasq.conf.d,*.conf
>>
>> I don't think that the options --server=/opcase.private/10.99.130.1, 
>> where the server is offline, could be causing this, but for 
>> completeness, both the servers 10.99.130.1 and 10.99.144.1 are offline.
>>
>> The --conf-dir directory has no .conf files.
>>
>> The firewall is OPNsense, which is based on BSD, and I don't think this is 
>> relevant to this specific problem.
>>
>> example.net is not the real domain. The file 
>> /var/etc/dnsmasq-hosts contains lines like this:
>>
>> 10.99.0.201 w1.example.net w1
>> 10.99.0.202 w2.example.net w2
>> 10.99.0.203 w3.example.net w3
>>
>> It is these addresses that I would expect to be resolved.
>


