[Dnsmasq-discuss] 2.53rc2

clemens fischer ino-news at spotteswoode.dnsalias.org
Thu May 27 23:51:15 BST 2010


Simon Kelley wrote:

> clemens fischer wrote:
>
>> I wonder what netlink is used for?  Could it be DBus?  Quite a bit of
>> traffic on the netlink socket.
> 
> Mainly, it's finding all the interfaces and their parameters, there's
> also a function which listens for an "interface up" event and re-send
> the last query, to make dial-on-demand work better.

I see.  On FreeBSD, we had to use ioctls for this.

>> So I presume nothing can be done if people want to wildcard-bind in
>> order to use any interfaces, even when they don't exist yet.
> 
> Can you make BIND listen on a port other than 53, and direct queries
> to it through dnsmasq (dnsmasq will send queries upstream on any port
> you like).

I'm doing this even simpler:

  // BIND's named.conf
  acl listen_ip { !172.16/12; !192.168/16; any; };
  acl listen_ip6 { ::1; };
  ...
  options {
      ...
      listen-on { listen_ip; };
      listen-on-v6 { listen_ip6; };
      ...
  };

This makes BIND listen on any local IPs except for 172.16/12 and
192.168/16 for IPv4 and on the loopback for IPv6.  These ranges are used
locally, with 192.168/16 dedicated to the interfaces handled by dnsmasq:

  named   16239  named  20u IPv4 60116 0t0 TCP 127.0.0.1:53 (LISTEN)
  named   16239  named  21u IPv4 60118 0t0 TCP 127.0.0.24:53 (LISTEN)
  named   16239  named  22u IPv4 60120 0t0 TCP 127.0.0.25:53 (LISTEN)
  named   16239  named  23u IPv4 60122 0t0 TCP 127.0.0.53:53 (LISTEN)
  named   16239  named  24u IPv4 60124 0t0 TCP 95.89.50.155:53 (LISTEN)
  named   16239  named  25u IPv6 60126 0t0 TCP [::1]:53 (LISTEN)
  named   16239  named  26u IPv4 60129 0t0 TCP 127.0.0.1:953 (LISTEN)
  named   16239  named 512u IPv4 60115 0t0 UDP 127.0.0.1:53
  named   16239  named 513u IPv4 60117 0t0 UDP 127.0.0.24:53
  named   16239  named 514u IPv4 60119 0t0 UDP 127.0.0.25:53
  named   16239  named 515u IPv4 60121 0t0 UDP 127.0.0.53:53
  named   16239  named 516u IPv4 60123 0t0 UDP 95.89.50.155:53
  named   16239  named 517u IPv6 60125 0t0 UDP [::1]:53
  dnsmasq 16293 nobody   5u IPv4 60646 0t0 UDP *:67
  dnsmasq 16293 nobody   6u IPv6 60660 0t0 TCP [fe80::21f:1fff:fe52:9dbd]:53 (LISTEN)
  dnsmasq 16293 nobody   7u IPv6 60661 0t0 UDP [fe80::21f:1fff:fe52:9dbd]:53
  dnsmasq 16293 nobody   8u IPv4 60662 0t0 TCP 192.168.3.1:53 (LISTEN)
  dnsmasq 16293 nobody   9u IPv4 60663 0t0 UDP 192.168.3.1:53

No need to mess with port 53 for DNS.  Dnsmasq sends DNS queries to
127.0.0.24, and /etc/resolv.conf lists 127.0.0.53 for local clients.  This
way I can see in BIND's log whether local clients or remote clients issued
the queries.

>> 2010-05-27_16:07:11.54241 send(8, "<26>May 27 18:07:11 dnsmasq[1001"..., 93, MSG_NOSIGNAL) = 93
>> 2010-05-27_16:07:11.54264 send(8, "<26>May 27 18:07:11 dnsmasq[1001"..., 54, MSG_NOSIGNAL) = 54
>> 
>> This is a little disturbing:  logging is configured to go to a file
>> (stderr), not to syslog.  It doesn't make much difference here, though.
> 
> From the man page: "Errors whilst reading configuration will still go to
> syslog, but all output from a successful startup, and all output
> whilst running, will go exclusively to the file."

Dang!  I thought I had read something like this but didn't think of
looking into dnsmasq's man page.


clemens
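As an added example (not code from this thread, nor from BIND or dnsmasq), the following Python script models the first-match, `!`-negated semantics of the `listen_ip` ACL above to predict which local addresses named will bind, and cross-checks an `lsof -i -n -P` listing of the kind shown in the message for two daemons claiming the same port. The `LSOF_SAMPLE` lines are constructed from that listing; `CLASH_SAMPLE` adds a hypothetical dnsmasq wildcard bind on UDP `*:53` to show what the failing case (the "wildcard-bind in order to use any interfaces" situation) looks like in the output.

```python
"""Predict BIND's listen-on addresses from an ACL and check an lsof listing
for port 53 clashes between named and dnsmasq.

Added example, not code from the mailing-list thread or from either
project.  The lsof lines are constructed from the listing in the message.
"""
import ipaddress
from collections import defaultdict

# ACLs as in the message's named.conf.  BIND evaluates ACL elements in
# order: the first matching element decides, a leading "!" turns a match
# into a rejection, and "any" matches every address.
LISTEN_IP_ACL = ["!172.16/12", "!192.168/16", "any"]
LISTEN_IP6_ACL = ["::1"]

WILDCARDS = {"0.0.0.0", "::"}


def _expand(pattern):
    """Turn BIND's short prefix form ("172.16/12") into "172.16.0.0/12"."""
    net, _, plen = pattern.partition("/")
    if ":" not in net:  # IPv4: pad the missing octets with zeros
        octets = net.split(".")
        net = ".".join(octets + ["0"] * (4 - len(octets)))
    return f"{net}/{plen}" if plen else net


def acl_allows(acl, addr):
    """True if BIND would accept `addr` under `acl` (first match wins)."""
    ip = ipaddress.ip_address(addr)
    for elem in acl:
        negate = elem.startswith("!")
        pattern = elem.lstrip("!")
        if pattern == "any":
            matched = True
        elif pattern == "none":
            matched = False
        else:
            matched = ip in ipaddress.ip_network(_expand(pattern), strict=False)
        if matched:
            return not negate
    return False  # nothing matched: an ACL denies by default


def named_listens_on(local_addrs, acl4=LISTEN_IP_ACL, acl6=LISTEN_IP6_ACL):
    """Addresses named will bind port 53 on, given the host's addresses."""
    chosen = []
    for addr in local_addrs:
        acl = acl6 if ipaddress.ip_address(addr).version == 6 else acl4
        if acl_allows(acl, addr):
            chosen.append(addr)
    return chosen


# Constructed from the listing in the message (a representative subset).
LSOF_SAMPLE = """\
named   16239  named  20u IPv4 60116 0t0 TCP 127.0.0.1:53 (LISTEN)
named   16239  named  24u IPv4 60124 0t0 TCP 95.89.50.155:53 (LISTEN)
named   16239  named  25u IPv6 60126 0t0 TCP [::1]:53 (LISTEN)
named   16239  named 512u IPv4 60115 0t0 UDP 127.0.0.1:53
named   16239  named 513u IPv4 60117 0t0 UDP 127.0.0.24:53
named   16239  named 514u IPv4 60119 0t0 UDP 127.0.0.25:53
named   16239  named 515u IPv4 60121 0t0 UDP 127.0.0.53:53
named   16239  named 516u IPv4 60123 0t0 UDP 95.89.50.155:53
named   16239  named 517u IPv6 60125 0t0 UDP [::1]:53
dnsmasq 16293 nobody   5u IPv4 60646 0t0 UDP *:67
dnsmasq 16293 nobody   8u IPv4 60662 0t0 TCP 192.168.3.1:53 (LISTEN)
dnsmasq 16293 nobody   9u IPv4 60663 0t0 UDP 192.168.3.1:53
"""
# Hypothetical failure case: dnsmasq wildcard-binds UDP 53 as well.
CLASH_SAMPLE = LSOF_SAMPLE + "dnsmasq 16293 nobody  10u IPv4 60664 0t0 UDP *:53\n"


def parse_lsof(text):
    """Parse `lsof -i -n -P` lines into (proc, proto, addr, port) tuples."""
    sockets = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 9:
            continue
        proc, family, proto, endpoint = parts[0], parts[4], parts[7], parts[8]
        addr, _, port = endpoint.rpartition(":")
        if not port.isdigit():
            continue  # header line or an entry without a port
        addr = addr.strip("[]")
        if addr == "*":
            addr = "0.0.0.0" if family == "IPv4" else "::"
        sockets.append((proc, proto, addr, int(port)))
    return sockets


def port_clashes(sockets):
    """Return (proto, addr, port, procs) where two daemons claim one socket.

    A wildcard listener claims the port on every address of its family, so
    it is reported against each specific-address bind by another process.
    """
    owners = defaultdict(set)
    for proc, proto, addr, port in sockets:
        owners[(proto, addr, port)].add(proc)
    clashes = [(p, a, n, sorted(o)) for (p, a, n), o in owners.items() if len(o) > 1]
    wild = {}
    for proc, proto, addr, port in sockets:
        if addr in WILDCARDS:
            wild[(proto, port, ipaddress.ip_address(addr).version)] = proc
    for proc, proto, addr, port in sockets:
        if addr in WILDCARDS:
            continue
        other = wild.get((proto, port, ipaddress.ip_address(addr).version))
        if other and other != proc:
            clashes.append((proto, addr, port, sorted({other, proc})))
    return clashes


if __name__ == "__main__":
    host = ["127.0.0.1", "127.0.0.24", "127.0.0.53", "95.89.50.155",
            "192.168.3.1", "::1", "fe80::21f:1fff:fe52:9dbd"]
    print("named will bind:", named_listens_on(host))
    print("clashes (as posted):", port_clashes(parse_lsof(LSOF_SAMPLE)))
    print("clashes (wildcard dnsmasq):", port_clashes(parse_lsof(CLASH_SAMPLE)))
```

Run it and the first line lists exactly the addresses named holds in the lsof output above (the 192.168 and link-local addresses drop out of the ACL), the posted listing yields no clashes, and the constructed wildcard case reports every named UDP 53 socket against dnsmasq, which is the situation that leaves one daemon failing its bind() on port 53.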