<HTML>
<div><font style="font-family: tahoma,arial,helvetica,sans-serif; font-size:
12pt;">
<div><span style="font-size: 10pt;">Hi Richard,<br />
</span></div>
<div><span style="font-size: 10pt;"><br />
</span></div>
<div><span style="font-size: 10pt;">I own the the domain mirmana.com which
points with most of its records including a wildcard to my private
DSL-connection on which I have a DD-WRT router.<br />
</span></div>
<div><span style="font-size: 10pt;"><br />
</span></div>
<div><span style="font-size: 10pt;">DD-WRT is running DNSMasq for its DHCP
& DNS.<br />
</span></div>
<div><span style="font-size: 10pt;">I have set my local domain also to
mirmana.com.<br />
</span></div>
<div><span style="font-size: 10pt;">I know this should really be
mirmana.local, but I'm doing this so my portable devices will access the
LAN-side of the services when they are used local and will get forwarded by
the router when they access these same services from WAN.<br />
</span></div>
<div><span style="font-size: 10pt;">This is the config generated by DD-WRT
according to its webif:<br />
</span></div>
<div style="margin-left: 40px;"><span style="font-size: 10pt;"><br />
<span style="font-family: Courier New;"> :~# cat /tmp/dnsmasq.conf<br />
interface=br0<br />
resolv-file=/tmp/resolv.dnsmasq<br />
all-servers<br />
domain=mirmana.com<br />
dhcp-leasefile=/tmp/dnsmasq.leases<br />
dhcp-lease-max=21<br />
dhcp-option=lan,3,192.168.10.1<br />
dhcp-option=44,192.168.10.120<br />
dhcp-authoritative<br />
dhcp-range=lan,192.168.10.248,192.168.10.254,255.255.255.0,1440m<br />
dhcp-host=00:13:D3:08:CC:81,win32,192.168.10.120,144m<br />
.</span></span></div>
<div style="margin-left: 40px;"><span style="font-size: 10pt;"><span
style="font-family: Courier New;">.<br />
</span></span></div>
<div style="margin-left: 40px;"><span style="font-size: 10pt;"><span
style="font-family: Courier New;">
ptr-record=254.0.191.85.in-addr.arpa,cj1616-gateway.mirmana.com<br />
addn-hosts=/opt/etc/pixelserv/blacks<br />
dhcp-option=option:ntp-server,194.171.167.130,81.171.44.131,87.251.35.240,213.239.154.12,131.211.84.189</span>
<br />
</span></div>
</font></div>
<div><span style="font-size: 10pt;"><br />
</span></div>
<div><span style="font-size: 10pt;">This is what happens when I resolve
www.google.com and when I resolve the non-existing wwww-google.com<br />
</span></div>
<div><span style="font-size: 10pt;"><br />
</span></div>
<div style="margin-left: 40px;"><span style="font-size: 10pt;"><span
style="font-family: Courier New;"># host www.google.com<br />
www.google.com is an alias for www.l.google.com.<br />
www.l.google.com has address 74.125.77.104<br />
www.l.google.com has address 74.125.77.99<br />
www.l.google.com has address 74.125.77.147<br />
root@WAN:~# host wwww.google.com<br />
wwww.google.com.mirmana.com is an alias for jpmarion.dyndns.org.<br />
jpmarion.dyndns.org has address 85.191.0.241<br />
</span><br />
</span></div>
<div><span style="font-size: 10pt;">I'm afraid I will now get a lecture
about wildcards I should not be using or WAN-domains that are used on a LAN,
but the point is really that I never asked for a 2nd query. There's even an
option called 'expand-hosts', but I that's not turned on.<br />
</span></div>
<div><span style="font-size: 10pt;">If a foreign DNS-server is a bit slow,
my DNSMasq suddenly decides to return my WAN-IP.<br />
</span></div>
<div><span style="font-size: 10pt;">I don't want this!<br />
</span></div>
<div><span style="font-size: 10pt;"><br />
</span></div>
<div><span style="font-size: 10pt;">I want it to just query the record I
asked it to and just give NXDOMAIN if it can't deliver.<br />
</span></div>
<div><span style="font-size: 10pt;"><br />
</span></div>
<div><span style="font-size: 10pt;">I understand the default behaviour can't
suddenly be changed, so an optional variable called 'expand-never' could be
given to achieve this.<br />
</span></div>
<div><span style="font-size: 10pt;"><br />
</span></div>
<div><span style="font-size: 10pt;">Cheers all<br />
</span></div>
<div> </div>
<div> </div>
<div> </div>
<div> </div>
<blockquote style="padding-right: 0px; padding-left: 5px; margin-left: 5px;
border-left: 2px solid rgb(0, 0, 0); margin-right: 0px;"> -----Original
Message-----<br />
From: "richardvoigt@gmail.com" <richardvoigt@gmail.com><br />
To: Jean-Pierre van Melis <fraterdnsmasq@hetemail.com><br />
Cc: dnsmasq-discuss@lists.thekelleys.org.uk<br />
Date: Tue, 28 Dec 2010 13:34:15 -0600<br />
Subject: Re: [Dnsmasq-discuss] expand-hosts<br />
<br />
Maybe Simon can figure out what you're saying, but I can't. If you
included some specific examples it would make your situation much easier to
understand.
<div> </div>
<div>e.g. (and if your situation doesn't substantially match this made-up
example, go and re-read the description of the expand-hosts option)</div>
<div> </div>
<div><<<Begin made-up example>>></div>
<div> </div>
<div>/etc/hosts has an entry for the unqualified name xyzzy:</div>
<div> </div>
<div>aaa.bbb.ccc.71 xyzzy</div>
<div> </div>
<div>/etc/resolv.conf points to localhost first, then my ISP</div>
<div> </div>
<div>server 127.0.0.1</div>
<div>server aaa.bbb.ccc.ddd</div>
<div> </div>
<div>nslookup xyzzy works:</div>
<div> </div>
<div>> nslookup xyzzy</div>
<div>Authoritative response from <a href="http://127.0.0.1">127.0.0.1</a>:
aaa.bbb.ccc.71 (A record)</div>
<div> </div>
<div>nslookup <a href="http://xyzzy.domain.com">xyzzy.domain.com</a> also
succeeds, but I think it shouldn't with expand-hosts turned off:</div>
<div> </div>
<div>> nslookup <a href="http://xyzzy.domain.com">xyzzy.domain.com</a>
</div>
<div>Authoritative response from <a href="http://127.0.0.1">
127.0.0.1</a>: aaa.bbb.ccc.71 (A record)</div>
<div> </div>
<div>I want this to return NXDOMAIN instead. How can I configure
dnsmasq to do that?</div>
<div> </div>
<div><<<End made-up example>>><br />
<br />
<div class="gmail_quote">On Tue, Dec 28, 2010 at 12:34 AM, Jean-Pierre van
Melis <span dir="ltr"><<a href="mailto:fraterdnsmasq@hetemail.com">
fraterdnsmasq@hetemail.com</a>></span> wrote:<br />
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex;
border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<div><font style="font-family: tahoma,arial,helvetica,sans-serif; font-size:
12pt;">
<div><br />
I am having trouble with the feature expand-hosts.</div>
<div>The dnsmasq running on my router has no 'expand-hosts' in its
dnsmasq.conf and it still expands hosts for domains that are unable to
resolve.</div>
<div>It is especially troublesome in my setup as I also have wildcard set on
my <domain> so these requests will be redirected to my WAN IP
address.</div>
<div> </div>
<div>On my router I have a pound reverse proxy running which then gets
traffic which it shouldn't receive.</div>
<div> </div>
<div>Why is dnsmasq expanding the host?</div>
<div>It seems it does it always when I set <domain=<a
href="http://domain.com" target="_blank">domain.com</a>>. Is this
true?</div>
<div>If so, why is there a separate setting for expand-hosts?</div>
<div> </div>
<div>I understand the need for such a feature, but I don't understand why it
also expands on hosts that don't contain a dot.</div>
<div> </div>
<div>Is it possible to have a switch so I can better control its
behavior?</div>
<div> </div>
<div>Cheers all...</div>
</font></div>
<br />
_______________________________________________<br />
Dnsmasq-discuss mailing list<br />
<a href="mailto:Dnsmasq-discuss@lists.thekelleys.org.uk">
Dnsmasq-discuss@lists.thekelleys.org.uk</a><br />
<a href="http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss"
target="_blank">
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss</a><br />
<br />
</blockquote></div>
</div>
</blockquote>
</HTML>