<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>It seems to me the second example does not have specified any
normal servers. Or better, you expect /#/ has special meaning, but
I have found only server=/example/# to have documented special
meaning. New version do not recognize /#/ a special value anymore.
I think that has changed with 2.86 release.</p>
<p>Only --address=/#/ special handling were documented, at least in
RHEL9 2.85 version. I think Simon considered its usage in --server
as an implementation error and that why it is not working anymore.
Or better, it has no special meaning anymore.<br>
</p>
<p>Few comments below.<br>
</p>
<div class="moz-cite-prefix">On 9/26/23 10:28, Yann ILAS wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CACcbP8MBN2KJYZBxMdb-Ve_VH+RVWJgBwg2o2fPSZ0U8vpztjA@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">
<div>Ok </div>
<div><br>
</div>
<div>With that config file :</div>
<div><br>
</div>
<div>> listen-address=127.0.0.1<br>
> bind-interfaces<br>
> server=8.8.8.8<br>
> server=/svc.cluster.local/<a href="http://10.96.0.10"
moz-do-not-send="true">10.96.0.10</a><br>
> cache-size=500<br>
</div>
<div><br>
</div>
<div># dig @<a href="http://127.0.0.1" moz-do-not-send="true">127.0.0.1</a>
<a href="http://perdu.com" moz-do-not-send="true">perdu.com</a>
A +short<br>
172.67.133.176<br>
104.21.5.178<br>
</div>
<div><br>
</div>
<div>Output from the dnsmasq server :</div>
<div><br>
</div>
<div>| # dnsmasq --no-daemon --log-queries --log-debug<br>
| dnsmasq: started, version 2.89 cachesize 500<br>
| dnsmasq: compile time options: IPv6 GNU-getopt DBus no-UBus
i18n IDN2 DHCP DHCPv6 no-Lua TFTP conntrack ipset nftset auth
cryptohash DNSSEC loop-detect inotify dumpfile<br>
| dnsmasq: using nameserver 8.8.8.8#53<br>
| dnsmasq: using nameserver 10.96.0.10#53 for domain
svc.cluster.local <br>
| dnsmasq: reading /etc/resolv.conf<br>
| dnsmasq: using nameserver 8.8.8.8#53<br>
| dnsmasq: using nameserver 10.96.0.10#53 for domain
svc.cluster.local <br>
| dnsmasq: ignoring nameserver 127.0.0.1 - local interface<br>
| dnsmasq: read /etc/hosts - 7 names<br>
| <br>
| dnsmasq: query[A] <a href="http://perdu.com"
moz-do-not-send="true">perdu.com</a> from 127.0.0.1<br>
| dnsmasq: forwarded <a href="http://perdu.com"
moz-do-not-send="true">perdu.com</a> to 8.8.8.8<br>
| dnsmasq: reply <a href="http://perdu.com"
moz-do-not-send="true">perdu.com</a> is 172.67.133.176<br>
| dnsmasq: reply <a href="http://perdu.com"
moz-do-not-send="true">perdu.com</a> is 104.21.5.178<br>
</div>
<div><br>
</div>
</div>
</blockquote>
That seems okay.<br>
<blockquote type="cite"
cite="mid:CACcbP8MBN2KJYZBxMdb-Ve_VH+RVWJgBwg2o2fPSZ0U8vpztjA@mail.gmail.com">
<div dir="ltr">
<div><br>
</div>
<div>With that config file :</div>
<div><br>
</div>
<div>> listen-address=127.0.0.1<br>
> bind-interfaces<br>
> server=/#/<a href="http://9.9.9.9" moz-do-not-send="true">9.9.9.9</a><br>
> server=/svc.cluster.local/<a href="http://10.96.0.10"
moz-do-not-send="true">10.96.0.10</a><br>
> cache-size=500<br>
</div>
</div>
</blockquote>
And what server=/#/ is supposed to mean here? I think you can use
instead server=/./9.9.9.9, but I fail to see to use that syntax
here. I haven't found in man dnsmasq what is should do. I think it
used to work as a replacement for /./, because that was not accepted
before. I would say that is corner case.<br>
<blockquote type="cite"
cite="mid:CACcbP8MBN2KJYZBxMdb-Ve_VH+RVWJgBwg2o2fPSZ0U8vpztjA@mail.gmail.com">
<div dir="ltr">
<div><br>
</div>
<div>| root@bookworm:/tmp# dig @<a href="http://127.0.0.1"
moz-do-not-send="true">127.0.0.1</a> <a
href="http://perdu.com" moz-do-not-send="true">perdu.com</a>
A +short<br>
| root@bookworm:/tmp# <br>
</div>
<div><br>
</div>
<div>Output from the dnsmasq server :<br>
</div>
<div><br>
</div>
<div>| root@bookworm:~# dnsmasq --no-daemon --log-queries
--log-debug<br>
| dnsmasq: started, version 2.89 cachesize 500<br>
| dnsmasq: compile time options: IPv6 GNU-getopt DBus no-UBus
i18n IDN2 DHCP DHCPv6 no-Lua TFTP conntrack ipset nftset auth
cryptohash DNSSEC loop-detect inotify dumpfile<br>
| dnsmasq: using nameserver 9.9.9.9#53 for domain # <br>
| dnsmasq: using nameserver 10.96.0.10#53 for domain
svc.cluster.local <br>
| dnsmasq: reading /etc/resolv.conf<br>
| dnsmasq: using nameserver 9.9.9.9#53 for domain # <br>
| dnsmasq: using nameserver 10.96.0.10#53 for domain
svc.cluster.local <br>
| dnsmasq: ignoring nameserver 127.0.0.1 - local interface<br>
| dnsmasq: read /etc/hosts - 7 names<br>
| <br>
| dnsmasq: query[A] <a href="http://perdu.com"
moz-do-not-send="true">perdu.com</a> from 127.0.0.1<br>
| dnsmasq: config error is REFUSED (EDE: not ready)<br>
</div>
<div><br>
</div>
<div>With that last config file, the output of dnsmasq (version
`2.85`) mentions the default nameserver which will be used
=> `using nameserver 9.9.9.9#53 for default` :</div>
</div>
</blockquote>
Yes, that makes server=/#/ is now server=/./. server=/#/ has no
special meaning and this means now simply only "#" domain is
redirected to 9.9.9.9. Try dig "test.#" @localhost.<br>
<blockquote type="cite"
cite="mid:CACcbP8MBN2KJYZBxMdb-Ve_VH+RVWJgBwg2o2fPSZ0U8vpztjA@mail.gmail.com">
<div dir="ltr">
<div><br>
</div>
<div>| root@debian11:~# dnsmasq --no-daemon --log-queries
--log-debug<br>
| dnsmasq: started, version 2.85 cachesize 500<br>
| dnsmasq: compile time options: IPv6 GNU-getopt DBus no-UBus
i18n IDN2 DHCP DHCPv6 no-Lua TFTP conntrack ipset auth
cryptohash DNSSEC loop-detect inotify dumpfile<br>
| dnsmasq: using nameserver 10.96.0.10#53 for domain
svc.cluster.local <br>
| dnsmasq: using nameserver 9.9.9.9#53 for default <br>
| dnsmasq: reading /etc/resolv.conf<br>
| dnsmasq: using nameserver 10.96.0.10#53 for domain
svc.cluster.local <br>
| dnsmasq: using nameserver 9.9.9.9#53 for default <br>
| dnsmasq: ignoring nameserver 127.0.0.1 - local interface<br>
| dnsmasq: read /etc/hosts - 6 addresses<br>
</div>
<div><br>
</div>
<div><br>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">Le ven. 15 sept. 2023
à 22:28, Geert Stappers <<a
href="mailto:stappers@stappers.nl" moz-do-not-send="true"
class="moz-txt-link-freetext">stappers@stappers.nl</a>>
a écrit :<br>
</div>
<blockquote class="gmail_quote"
style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">On
Tue, Sep 12, 2023 at 09:15:04PM +0200, Yann ILAS wrote:<br>
> Le mar. 12 sept. 2023 à 18:56, Geert Stappers a écrit :<br>
> > On Mon, Sep 11, 2023 at 01:58:07PM +0200, Yann
ILAS wrote:<br>
> > > Hi !<br>
> ><br>
> > Hello,<br>
> ><br>
> ><br>
> > > I get an issue with version 2.89 of dnsmasq,
on Debian 12. There seems to<br>
> > > be a regression. I did see the changelog<br>
> > > <<a
href="https://thekelleys.org.uk/dnsmasq/CHANGELOG"
rel="noreferrer" target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">https://thekelleys.org.uk/dnsmasq/CHANGELOG</a>>
for version 2.87, which<br>
> > > states that the /#/ bug has been fixed... but
I don't see it with version<br>
> > > 2.89 (the last version installed on Debian).
The /#/ in the config file<br>
> > > seems still to be an issue.<br>
> > ><br>
> > > listen-address=127.0.0.1<br>
> > > bind-interfaces<br>
> > > server=/#/<a href="http://8.8.8.8"
rel="noreferrer" target="_blank" moz-do-not-send="true">8.8.8.8</a><br>
> > > server=/svc.cluster.local/<a
href="http://10.96.0.10" rel="noreferrer" target="_blank"
moz-do-not-send="true">10.96.0.10</a><br>
> > > cache-size=500<br>
> > ><br>
> ><br>
> > And with<br>
> ><br>
> > listen-address=127.0.0.1<br>
> > bind-interfaces<br>
> > server=9.9.9.9<br>
> > server=/svc.cluster.local/<a
href="http://10.96.0.10" rel="noreferrer" target="_blank"
moz-do-not-send="true">10.96.0.10</a><br>
> > cache-size=500<br>
> ><br>
> > ? (Yes, that are two changes!)<br>
> ><br>
> Hi,<br>
> <br>
> From the client :<br>
> root@bookworm:~# dig @<a href="http://127.0.0.1"
rel="noreferrer" target="_blank" moz-do-not-send="true">127.0.0.1</a>
<a href="http://perdu.com" rel="noreferrer" target="_blank"
moz-do-not-send="true">perdu.com</a> A +short<br>
> 172.67.133.176<br>
> 104.21.5.178<br>
> <br>
> Log from the daemon :<br>
> root@bookworm:~# dnsmasq --no-daemon --log-queries
--log-debug<br>
> dnsmasq: started, version 2.89 cachesize 500<br>
> dnsmasq: compile time options: IPv6 GNU-getopt DBus
no-UBus i18n IDN2 DHCP<br>
> DHCPv6 no-Lua TFTP conntrack ipset nftset auth
cryptohash DNSSEC<br>
> loop-detect inotify dumpfile<br>
> dnsmasq: using nameserver 9.9.9.9#53<br>
> dnsmasq: using nameserver 10.96.0.10#53 for domain
svc.cluster.local<br>
> dnsmasq: reading /etc/resolv.conf<br>
> dnsmasq: using nameserver 9.9.9.9#53<br>
> dnsmasq: using nameserver 10.96.0.10#53 for domain
svc.cluster.local<br>
> dnsmasq: ignoring nameserver 127.0.0.1 - local
interface<br>
> dnsmasq: read /etc/hosts - 7 names<br>
> dnsmasq: query[A] <a href="http://perdu.com"
rel="noreferrer" target="_blank" moz-do-not-send="true">perdu.com</a>
from 127.0.0.1<br>
> dnsmasq: forwarded <a href="http://perdu.com"
rel="noreferrer" target="_blank" moz-do-not-send="true">perdu.com</a>
to 9.9.9.9<br>
> dnsmasq: reply <a href="http://perdu.com"
rel="noreferrer" target="_blank" moz-do-not-send="true">perdu.com</a>
is 172.67.133.176<br>
> dnsmasq: reply <a href="http://perdu.com"
rel="noreferrer" target="_blank" moz-do-not-send="true">perdu.com</a>
is 104.21.5.178<br>
<br>
Okay, that looks fine. Now test the two changes separately.<br>
I refer to the above "Yes, that are two changes!"<br>
<br>
<br>
Groeten<br>
Geert Stappers<br>
-- <br>
Silence is hard to parse<br>
<span style="white-space: pre-wrap">
</span></blockquote>
</div>
</div>
</blockquote>
<pre class="moz-signature" cols="72">--
Petr Menšík
Software Engineer, RHEL
Red Hat, <a class="moz-txt-link-freetext" href="https://www.redhat.com/">https://www.redhat.com/</a>
PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB</pre>
</body>
</html>