[Dnsmasq-discuss] dnsmasq / dns server / iptables config glitch?

Mark Beierl mark at jemms.net
Tue Nov 24 20:37:45 GMT 2009 

Not a problem... just trying to help too :)

The 127.0.1.1 is a common thing these days, but I don't know why.  Yes 
you can merge them into one 127.0.0.1 line.

Rance Hall seemed to have hit the config entry on the head:

bind-address 0.0.0.0  

instead of isengard.  Due to isengard resolving to localhost/127.0.0.1 
(or 127.0.1.1 as the case may be), it is still the same as telling mysql 
to listen only to localhost, so that change made no real difference.  
You must tell mysql explicitly to listen to all addresses (0.0.0.0) with 
the bind-addresses listed above.

Regards,
Mark

Adam Hardy wrote:
> I'm sorry, I must be quite annoying, giving stupid answers to the most basic 
> networking questions. I checked in /etc/hosts:
>
> 127.0.0.1	localhost
> 127.0.1.1	isengard.localdomain	isengard
>
> I didn't edit /etc/hosts myself so I'm not sure why 127.0.1.1 is in there. My lo 
> interface according to ifconfig is 127.0.0.1
>
> Before my previous email, I had also edited my mysql config via the my.cnf file 
> to make the bind-address=isengard. I guess that explains the netstat output.
>
> But I have no idea why 127.0.1.1 is there as well as 127.0.0.1 - what 
> installation programs would have written that, other than the debian system 
> install?
>
> If it was just from the system installation, can I get rid of 127.0.1.1 and use 
> all on one line:
>
> 127.0.0.1 localhost isengard.localdomain isengard
>
> I also don't know whether to put some extra lines in my dnsmasq.conf and 
> dhclient.conf, for instance in dnsmasq.conf the example
>
> server=/localnet/192.168.0.1
>
> looks useful, judging from the other stuff I just dealt with, although I'm not 
> sure what purpose it serves.
>
> The external NIC using dhclient.conf to get its IP address from the modem seems 
> to be rewriting /etc/resolv.conf. Does dnsmasq deal with this on its own or is 
> there a setting I should be using?
>
> My dhclient.conf seems OK:
>
> option rfc3442-classless-static-routes code 121 = array of unsigned integer 8;
> request subnet-mask, broadcast-address, time-offset, routers,
> 	domain-name, domain-name-servers, domain-search, host-name,
> 	netbios-name-servers, netbios-scope, interface-mtu,
> 	rfc3442-classless-static-routes;
>
>
> Regards
> Adam
>
>
>
> Mark Beierl on 24/11/09 14:28, wrote:
>   
>> The TIME_WAIT is not an active socket, it's the remnant of a previous 
>> connection.  I have no idea at all why mysqld has moved to 127.0.1.1.  
>> Is the bind address config line set to the host name and is the host 
>> name entry in /etc/hosts 127.0.1.1?
>>
>> Unfortunately, I know very little about mysql, so I can't point you in 
>> the right direction for configuration...
>>
>> Regards,
>> Mark
>>
>> Adam Hardy wrote:
>>     
>>> You're right. The result from netstat was:
>>>
>>>
>>> tcp   0   0 127.0.0.1:3306   0.0.0.0:*  LISTEN 2557/mysqld
>>>
>>> after changing the bindaddress config in the mysql config as per the 
>>> docs to free up networking, it then gives this result:
>>>
>>> adam at isengard:~$ sudo netstat -napt | grep 3306
>>> tcp   0   0 127.0.1.1:3306    0.0.0.0:*       LISTEN      16473/mysqld
>>> tcp   0   0 127.0.1.1:53067   127.0.1.1:3306  TIME_WAIT   -
>>>
>>> which looks weird. But then it's probably just because I don't have 
>>> much experience in this area. Why has it switched over to 127.0.1.1 ?
>>>
>>> Thanks
>>> Adam
>>>
>>>
>>> Mark Beierl on 23/11/09 19:00, wrote:
>>>  
>>>       
>>>> Silly thought but - is mysql configured to listen to 127.0.0.1 only? 
>>>> Something like
>>>>
>>>> sudo netstat -napt | grep 3306
>>>>
>>>> ought to show if mysql is listening on 127.0.0.1:3306 or 0.0.0.0:3306.
>>>>
>>>> Regards,
>>>> Mark
>>>>
>>>> Adam Hardy wrote:
>>>>    
>>>>         
>>>>> Thought I had a simple problem but I don't really find anything 
>>>>> relevant on the web and I'm not getting any responses to my 
>>>>> questions here.
>>>>>
>>>>> Just a pointer in the right direction would be helpful - something 
>>>>> to put me back on the scent?
>>>>>
>>>>> Thanks
>>>>> Adam
>>>>>
>>>>> Adam Hardy on 20/11/09 20:38, wrote:
>>>>>  
>>>>>      
>>>>>           
>>>>>> I have a lan with a gateway machine running an ADSL modem and two 
>>>>>> NICs with iptables and dnsmasq.
>>>>>>
>>>>>> It also runs mysql and tomcat but is currently just a simple 
>>>>>> gateway, I'm not trying to configure any DMZ or fancier stuff like 
>>>>>> that.
>>>>>>
>>>>>> My problem is that I can access mysql using 'localhost:3306' but I 
>>>>>> can't access it on the same box when using the machine name e.g. 
>>>>>> 'isengard:3306' and my guess is that I have mis-configured either 
>>>>>> dnsmasq or iptables.
>>>>>>
>>>>>> I figure that my command "mysql --host=isengard" is probably being 
>>>>>> resolved as external and then getting blocked by the firewall.
>>>>>>
>>>>>> My dnsmasq config file, based on the example config but with 
>>>>>> comments removed, is:
>>>>>>
>>>>>> domain-needed
>>>>>> bogus-priv
>>>>>> filterwin2k
>>>>>> local=/localdomain/
>>>>>> domain=localdomain
>>>>>> dhcp-range=192.168.0.3,192.168.0.254
>>>>>> dhcp-option=option:router,192.168.0.2
>>>>>> dhcp-option=option:mtu,1500
>>>>>>
>>>>>> and my resolv.conf file is:
>>>>>>
>>>>>> nameserver 194.74.65.68
>>>>>>
>>>>>> and I think this is getting continually rewritten by dhcp with the 
>>>>>> nameserver info from the dhcp server on the modem which gives the 
>>>>>> outside NIC its internet ip address.
>>>>>>
>>>>>> Does this make any sense? Or rather does anyone see where my 
>>>>>> situation is foobarred?
>>>>>>             
>
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>

More information about the Dnsmasq-discuss mailing list