<div dir="ltr"><div dir="ltr">пт, 7 авг. 2020 г. в 22:11, Geert Stappers <<a href="mailto:stappers@stappers.nl">stappers@stappers.nl</a>>:<br></div><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">On Fri, Aug 07, 2020 at 07:09:52PM +0300, Michael Aramanovich wrote:<br>> <br>
> However, the problem is still easily reproducible on Centos 7, Centos 8,<br>
> with dnsmasq 2.76 / 2.79 (and the most recent ones as well).<br>
<br>
Acknowlegde on the "and the most recent ones as well"<br>
..</blockquote><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Reproducing the issue without NM will help to fingerpoint to dnsmasq ...<br>
<br></blockquote><div><br></div><div>Well , I managed to reproduce the issue with the last version (just compiled from git), without NM, and even without --enable-dbus :) , the issue is more or less clear now:</div><div><br></div><div>Just run dnsmasq with the following parameters ("ens32" is the interface name on my centos; change it to yours if it differs):</div><div><br></div><div>sudo dnsmasq --no-resolv --no-daemon --no-hosts --bind-interfaces --listen-address=127.0.0.1 --cache-size=0 --server 8.8.8.8@ens32 <br></div><div><br></div><div>Every request to the upstream DNS server 8.8.8.8 will be sent by dnsmasq with the SAME source port, randomly chosen at start up, the "--query-port" option in the command line above will be ignored (and this is documented in dnsmasq-man: "<span style="color:rgb(0,0,0);font-family:"Times New Roman";font-size:medium">The query-port flag is ignored for any servers which have a source address specified but the port may be specified directly as part of the source address." ) </span> Also, adding --min-port or --max-port will not make sense.</div><div><br></div><div>But still there is no way to force dnsmasq to use a random port for every upstream query if the upstream server is set with @interface.</div><div><br></div><div>Unfortunately, the NetworkManager uses DBus to set upstream name server via SetServersEx, with argument 8.8.8.8@ens32, which is basically the same as setting it via conf or command line as in the example above. That's why I thought initially that "--enable-dbus" is a culprit.<br></div><div><br></div><div>Regards,</div><div>Michael.</div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div></div>
</blockquote></div></div>