[Dnsmasq-discuss] force all queries to tcp?
Brent Langston
brentley at brentley.net
Thu Jun 12 17:51:19 BST 2008

The Situation:
- Our IT policy is to eliminate all UDP traffic, except for traffic going to
  specific DNS servers.
- I have a private DNS zone (*.mylab.internal).
- I'm hosting DNS records for my private zone using dnsmasq.
- All of the people that access the lab are running Linux notebooks and have
  dnsmasq installed.

The Idea:
Configure dnsmasq on the notebooks with something like:

  server=/mylab.internal/192.168.0.200

so that all queries for *.mylab.internal go to the DNS server I'm running,
and any other DNS queries go to the standard corporate DNS servers.

The Problem:
dnsmasq performs the queries using UDP traffic. Since UDP traffic is
blocked, the queries time out. As a test, I can run these two commands:

  dig @192.168.0.200 server.mylab.internal       (results in a timeout)
  dig +tcp @192.168.0.200 server.mylab.internal  (immediate response received)

Sooo........ How can I configure the notebook instances of dnsmasq to
always send queries to the TCP port, rather than the default UDP ports?
Any ideas?
--
--------
Brent
--------