Alright so I added no-resolv and removed strict-order from the config file and restarted the server. I also commented out any unnecessary entries in the host file. The snippet from the log is here. I also ran dig <a href="http://www.yahoo.com">www.yahoo.com</a> @<a href="http://192.168.1.115">192.168.1.115</a> and the query wasn't in the log.<br>
<br><blockquote>Jan 9 12:23:34 dnsmasq[4013]: started, version 2.57 cachesize 150<br>Jan 9 12:23:34 dnsmasq[4013]: compile time options: IPv6 GNU-getopt DBus I18N DHCP TFTP IDN<br>Jan 9 12:23:34 dnsmasq[4013]: warning: ignoring resolv-file flag because no-resolv is set<br>
Jan 9 12:23:34 dnsmasq-dhcp[4013]: DHCP, IP range 192.168.1.2 -- 192.168.1.99, lease time 12h<br>Jan 9 12:23:34 dnsmasq[4013]: using nameserver 192.168.1.100#53<br>Jan 9 12:23:34 dnsmasq[4013]: read /etc/hosts - 12 addresses<br>
Jan 9 12:24:07 dnsmasq[4013]: exiting on receipt of SIGTERM<br></blockquote>So now DNSMasq should only know about the name server at 192.168.1.100. Unfortunately, this did not resolv my problem with UDP not working. What additional info do you guys need?<br>
<br><div class="gmail_quote">On Sat, Jan 7, 2012 at 4:00 AM, <span dir="ltr"><<a href="mailto:dnsmasq-discuss-request@lists.thekelleys.org.uk">dnsmasq-discuss-request@lists.thekelleys.org.uk</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Date: Sat, 07 Jan 2012 10:25:51 +0000<br>
From: Simon Kelley <<a href="mailto:simon@thekelleys.org.uk">simon@thekelleys.org.uk</a>><br>
To: <a href="mailto:dnsmasq-discuss@lists.thekelleys.org.uk">dnsmasq-discuss@lists.thekelleys.org.uk</a><br>
Subject: Re: [Dnsmasq-discuss] UDP queries to DNS fail<br>
Message-ID: <<a href="mailto:4F081DAF.80602@thekelleys.org.uk">4F081DAF.80602@thekelleys.org.uk</a>><br>
Content-Type: text/plain; charset=UTF-8; format=flowed<br>
<br>
On 07/01/12 01:21, Mike Owens wrote:<br>
> I have an issue that's driving me nuts. I have dnsmasq installed and<br>
> DHCP is working fine. I can make DNS queries over TCP and they work<br>
> fine. Normal DNS requests over UDP fail if done from a remote machine<br>
> but succeed if done locally. First thing I did was check the firewall.<br>
> have gone so far as to completely remove UFW so that there is no doubt.<br>
> I can get a reply using nc -u -z 192.168.1.100 53 from a remote machine<br>
> and dig +tcp <a href="http://www.yahoo.com" target="_blank">www.yahoo.com</a> <<a href="http://www.yahoo.com" target="_blank">http://www.yahoo.com</a>> @serverip also succeeds.<br>
><br>
> Config file:<br>
><br>
> domain-needed<br>
> bogus-priv<br>
> strict-order<br>
> server=192.168.1.100<br>
> interface=eth0<br>
> domain=<a href="http://transpireinc.com" target="_blank">transpireinc.com</a> <<a href="http://transpireinc.com" target="_blank">http://transpireinc.com</a>><br>
> dhcp-range=192.168.1.2,192.168.1.99,255.255.255.0,12h<br>
> dhcp-option=3,192.168.1.1<br>
> dhcp-authoritative<br>
> bogus-nxdomain=64.94.110.11<br>
> log-facility=/var/log/dnsmasq<br>
> log-queries<br>
> log-dhcp<br>
><br>
><br>
> netstat -lpn output:<br>
><br>
> tcp 0 0 <a href="http://0.0.0.0:53" target="_blank">0.0.0.0:53</a> <<a href="http://0.0.0.0:53" target="_blank">http://0.0.0.0:53</a>><br>
> 0.0.0.0:* LISTEN 932/dnsmasq<br>
> tcp6 0 0 :::53 :::*<br>
> LISTEN 932/dnsmasq<br>
> udp 0 0 <a href="http://0.0.0.0:53" target="_blank">0.0.0.0:53</a> <<a href="http://0.0.0.0:53" target="_blank">http://0.0.0.0:53</a>><br>
> 0.0.0.0:* 932/dnsmasq<br>
> udp 0 0 <a href="http://0.0.0.0:67" target="_blank">0.0.0.0:67</a> <<a href="http://0.0.0.0:67" target="_blank">http://0.0.0.0:67</a>><br>
> 0.0.0.0:* 932/dnsmasq<br>
> udp6 0 0 :::53<br>
> :::* 932/dnsmasq<br>
><br>
><br>
> Log snippet from today. All the successful queries occurred over TCP:<br>
><br>
> Jan 6 16:20:08 dnsmasq[823]: started, version 2.57 cachesize 150<br>
> Jan 6 16:20:08 dnsmasq[823]: compile time options: IPv6 GNU-getopt<br>
> DBus I18N DHCP TFTP IDN<br>
> Jan 6 16:20:08 dnsmasq-dhcp[823]: DHCP, IP range 192.168.1.2 --<br>
> 192.168.1.99, lease time infinite<br>
> Jan 6 16:20:08 dnsmasq[823]: using nameserver 192.168.1.100#53<br>
> Jan 6 16:20:08 dnsmasq[823]: reading /var/run/dnsmasq/resolv.conf<br>
> Jan 6 16:20:08 dnsmasq[823]: using nameserver 68.87.85.102#53<br>
> Jan 6 16:20:08 dnsmasq[823]: using nameserver 68.87.69.150#53<br>
> Jan 6 16:20:08 dnsmasq[823]: using nameserver 68.87.64.146#53<br>
> Jan 6 16:20:08 dnsmasq[823]: using nameserver 192.168.1.1#53<br>
> Jan 6 16:20:08 dnsmasq[823]: using nameserver 192.168.1.100#53<br>
> Jan 6 16:20:08 dnsmasq[823]: using nameserver 192.168.1.100#53<br>
> Jan 6 16:20:08 dnsmasq[823]: read /etc/hosts - 12 addresses<br>
> Jan 6 16:20:43 dnsmasq[840]: query[A] <a href="http://debian.org" target="_blank">debian.org</a><br>
> <<a href="http://debian.org" target="_blank">http://debian.org</a>> from 192.168.1.102<br>
> Jan 6 16:20:43 dnsmasq[840]: forwarded <a href="http://debian.org" target="_blank">debian.org</a><br>
> <<a href="http://debian.org" target="_blank">http://debian.org</a>> to 192.168.1.100<br>
> Jan 6 16:20:43 dnsmasq[840]: reply <a href="http://debian.org" target="_blank">debian.org</a> <<a href="http://debian.org" target="_blank">http://debian.org</a>><br>
> is 206.12.19.7<br>
> Jan 6 16:20:43 dnsmasq[840]: reply <a href="http://debian.org" target="_blank">debian.org</a> <<a href="http://debian.org" target="_blank">http://debian.org</a>><br>
> is 128.31.0.51<br>
> Jan 6 16:37:10 dnsmasq[856]: query[A] <a href="http://www.yahoo.com" target="_blank">www.yahoo.com</a><br>
> <<a href="http://www.yahoo.com" target="_blank">http://www.yahoo.com</a>> from 192.168.1.102<br>
> Jan 6 16:37:10 dnsmasq[856]: forwarded <a href="http://www.yahoo.com" target="_blank">www.yahoo.com</a><br>
> <<a href="http://www.yahoo.com" target="_blank">http://www.yahoo.com</a>> to 192.168.1.100<br>
> Jan 6 16:37:10 dnsmasq[856]: reply <a href="http://www.yahoo.com" target="_blank">www.yahoo.com</a><br>
> <<a href="http://www.yahoo.com" target="_blank">http://www.yahoo.com</a>> is <CNAME><br>
> Jan 6 16:37:10 dnsmasq[856]: reply <a href="http://fp3.wg1.b.yahoo.com" target="_blank">fp3.wg1.b.yahoo.com</a><br>
> <<a href="http://fp3.wg1.b.yahoo.com" target="_blank">http://fp3.wg1.b.yahoo.com</a>> is <CNAME><br>
> Jan 6 16:37:10 dnsmasq[856]: reply <a href="http://any-fp3-lfb.wa1.b.yahoo.com" target="_blank">any-fp3-lfb.wa1.b.yahoo.com</a><br>
> <<a href="http://any-fp3-lfb.wa1.b.yahoo.com" target="_blank">http://any-fp3-lfb.wa1.b.yahoo.com</a>> is <CNAME><br>
> Jan 6 16:37:10 dnsmasq[856]: reply <a href="http://any-fp3-real.wa1.b.yahoo.com" target="_blank">any-fp3-real.wa1.b.yahoo.com</a><br>
> <<a href="http://any-fp3-real.wa1.b.yahoo.com" target="_blank">http://any-fp3-real.wa1.b.yahoo.com</a>> is 72.30.2.43<br>
> Jan 6 16:37:10 dnsmasq[856]: reply <a href="http://any-fp3-real.wa1.b.yahoo.com" target="_blank">any-fp3-real.wa1.b.yahoo.com</a><br>
> <<a href="http://any-fp3-real.wa1.b.yahoo.com" target="_blank">http://any-fp3-real.wa1.b.yahoo.com</a>> is 98.137.149.56<br>
> Jan 6 16:40:14 dnsmasq[882]: query[A] <a href="http://www.yahoo.com" target="_blank">www.yahoo.com</a><br>
> <<a href="http://www.yahoo.com" target="_blank">http://www.yahoo.com</a>> from 192.168.1.102<br>
> Jan 6 16:40:14 dnsmasq[882]: forwarded <a href="http://www.yahoo.com" target="_blank">www.yahoo.com</a><br>
> <<a href="http://www.yahoo.com" target="_blank">http://www.yahoo.com</a>> to 192.168.1.100<br>
> Jan 6 16:40:14 dnsmasq[882]: reply <a href="http://www.yahoo.com" target="_blank">www.yahoo.com</a><br>
> <<a href="http://www.yahoo.com" target="_blank">http://www.yahoo.com</a>> is <CNAME><br>
> Jan 6 16:40:14 dnsmasq[882]: reply <a href="http://fp3.wg1.b.yahoo.com" target="_blank">fp3.wg1.b.yahoo.com</a><br>
> <<a href="http://fp3.wg1.b.yahoo.com" target="_blank">http://fp3.wg1.b.yahoo.com</a>> is <CNAME><br>
> Jan 6 16:40:14 dnsmasq[882]: reply <a href="http://any-fp3-lfb.wa1.b.yahoo.com" target="_blank">any-fp3-lfb.wa1.b.yahoo.com</a><br>
> <<a href="http://any-fp3-lfb.wa1.b.yahoo.com" target="_blank">http://any-fp3-lfb.wa1.b.yahoo.com</a>> is <CNAME><br>
> Jan 6 16:40:14 dnsmasq[882]: reply <a href="http://any-fp3-real.wa1.b.yahoo.com" target="_blank">any-fp3-real.wa1.b.yahoo.com</a><br>
> <<a href="http://any-fp3-real.wa1.b.yahoo.com" target="_blank">http://any-fp3-real.wa1.b.yahoo.com</a>> is 98.137.149.56<br>
> Jan 6 16:40:14 dnsmasq[882]: reply <a href="http://any-fp3-real.wa1.b.yahoo.com" target="_blank">any-fp3-real.wa1.b.yahoo.com</a><br>
> <<a href="http://any-fp3-real.wa1.b.yahoo.com" target="_blank">http://any-fp3-real.wa1.b.yahoo.com</a>> is 72.30.2.43<br>
> Jan 6 17:06:56 dnsmasq[823]: exiting on receipt of SIGTERM<br>
> Jan 6 17:06:58 dnsmasq[932]: started, version 2.57 cachesize 150<br>
> Jan 6 17:06:58 dnsmasq[932]: compile time options: IPv6 GNU-getopt<br>
> DBus I18N DHCP TFTP IDN<br>
> Jan 6 17:06:58 dnsmasq-dhcp[932]: DHCP, IP range 192.168.1.2 --<br>
> 192.168.1.99, lease time 12h<br>
> Jan 6 17:06:58 dnsmasq[932]: using nameserver 192.168.1.100#53<br>
> Jan 6 17:06:58 dnsmasq[932]: reading /var/run/dnsmasq/resolv.conf<br>
> Jan 6 17:06:58 dnsmasq[932]: using nameserver 68.87.85.102#53<br>
> Jan 6 17:06:58 dnsmasq[932]: using nameserver 68.87.69.150#53<br>
> Jan 6 17:06:58 dnsmasq[932]: using nameserver 68.87.64.146#53<br>
> Jan 6 17:06:58 dnsmasq[932]: using nameserver 192.168.1.1#53<br>
> Jan 6 17:06:58 dnsmasq[932]: using nameserver 192.168.1.100#53<br>
> Jan 6 17:06:58 dnsmasq[932]: using nameserver 192.168.1.100#53<br>
> Jan 6 17:06:58 dnsmasq[932]: read /etc/hosts - 12 addresses<br>
> Jan 6 17:07:34 dnsmasq[950]: query[A] <a href="http://www.yahoo.com" target="_blank">www.yahoo.com</a><br>
> <<a href="http://www.yahoo.com" target="_blank">http://www.yahoo.com</a>> from 192.168.1.102<br>
> Jan 6 17:07:34 dnsmasq[950]: forwarded <a href="http://www.yahoo.com" target="_blank">www.yahoo.com</a><br>
> <<a href="http://www.yahoo.com" target="_blank">http://www.yahoo.com</a>> to 192.168.1.100<br>
> Jan 6 17:07:34 dnsmasq[950]: reply <a href="http://www.yahoo.com" target="_blank">www.yahoo.com</a><br>
> <<a href="http://www.yahoo.com" target="_blank">http://www.yahoo.com</a>> is <CNAME><br>
> Jan 6 17:07:34 dnsmasq[950]: reply <a href="http://fp3.wg1.b.yahoo.com" target="_blank">fp3.wg1.b.yahoo.com</a><br>
> <<a href="http://fp3.wg1.b.yahoo.com" target="_blank">http://fp3.wg1.b.yahoo.com</a>> is <CNAME><br>
> Jan 6 17:07:34 dnsmasq[950]: reply <a href="http://any-fp3-lfb.wa1.b.yahoo.com" target="_blank">any-fp3-lfb.wa1.b.yahoo.com</a><br>
> <<a href="http://any-fp3-lfb.wa1.b.yahoo.com" target="_blank">http://any-fp3-lfb.wa1.b.yahoo.com</a>> is <CNAME><br>
> Jan 6 17:07:34 dnsmasq[950]: reply <a href="http://any-fp3-real.wa1.b.yahoo.com" target="_blank">any-fp3-real.wa1.b.yahoo.com</a><br>
> <<a href="http://any-fp3-real.wa1.b.yahoo.com" target="_blank">http://any-fp3-real.wa1.b.yahoo.com</a>> is 98.137.149.56<br>
> Jan 6 17:07:34 dnsmasq[950]: reply <a href="http://any-fp3-real.wa1.b.yahoo.com" target="_blank">any-fp3-real.wa1.b.yahoo.com</a><br>
> <<a href="http://any-fp3-real.wa1.b.yahoo.com" target="_blank">http://any-fp3-real.wa1.b.yahoo.com</a>> is 72.30.2.43<br>
><br>
><br>
> The only thing keeping this server from going live is this UDP problem.<br>
><br>
> Thanks<br>
> Mike<br>
><br>
<br>
Is there any possibility that you're looping queries _from_ dnsmasq back<br>
to itself. There's not enough information above to be sure, but the<br>
"using nameserver 192.168.x.y" logs make me suspicious. Especially<br>
"using nameserver 192.168.1.1" Behaviour in those circumstance might fit<br>
the TCP works / UDP doesn't pattern.<br>
<br>
Simon.<br>
<br>
<br>
<br></blockquote></div>