[Dnsmasq-discuss] expand-hosts

Jean-Pierre van Melis fraterdnsmasq at hetemail.com
Wed Dec 29 18:44:13 GMT 2010


> It isn't dnsmasq performing the second query, it's your OS resolver
> service.  Check your /etc/resolv.conf configuration, remove any
> "search-suffix" or similar directive that might be in there.  Also note
> that this is a per-client setting, it can't be centrally controlled with
> dnsmasq.

I checked /etc/resolv.conf on the router that's also running dnsmasq.
It had 2 entries of "search mirmana.com".
I deleted them both. Now it resolved it fine, giving an NXDOMAIN as an 
answer.

My Linux clients didn't have that entry, but after deleting 'domain 
mirmana.com' it stopped adding the domain to the query. I now need to find 
out how that entry got in there (the Linux client I mean).
I'm afraid it was through DHCP.


-----Original Message-----
From: "richardvoigt at gmail.com" <richardvoigt at gmail.com>
To: Jean-Pierre van Melis <fraterdnsmasq at hetemail.com>
Cc: "dnsmasq-discuss at lists.thekelleys.org.uk" <dnsmasq-discuss at lists.thekelleys.org.uk>
Date: Wed, 29 Dec 2010 08:27:00 -0600
Subject: Re: [Dnsmasq-discuss] expand-hosts

On Tue, Dec 28, 2010 at 5:18 PM, Jean-Pierre van Melis 
<fraterdnsmasq at hetemail.com> wrote:

Hi Richard,

I own the domain mirmana.com which points with most of its records
including a wildcard to my private DSL-connection on which I have a
DD-WRT router.

DD-WRT is running DNSMasq for its DHCP & DNS.

I have set my local domain also to mirmana.com.

I know this should really be mirmana.local, but I'm doing this so my
portable devices will access the LAN-side of the services when they are
used locally and will get forwarded by the router when they access these
same services from WAN.

This is the config generated by DD-WRT according to its webif:

:~# cat /tmp/dnsmasq.conf
interface=br0
resolv-file=/tmp/resolv.dnsmasq
all-servers
domain=mirmana.com
dhcp-leasefile=/tmp/dnsmasq.leases
dhcp-lease-max=21
dhcp-option=lan,3,192.168.10.1
dhcp-option=44,192.168.10.120
dhcp-authoritative
dhcp-range=lan,192.168.10.248,192.168.10.254,255.255.255.0,1440m
dhcp-host=00:13:D3:08:CC:81,win32,192.168.10.120,144m
.
.
ptr-record=254.0.191.85.in-addr.arpa,cj1616-gateway.mirmana.com
addn-hosts=/opt/etc/pixelserv/blacks
dhcp-option=option:ntp-server,194.171.167.130,81.171.44.131,87.251.35.240,213.239.154.12,131.211.84.189



This is what happens when I resolve www.google.com and when I resolve the
non-existing wwww-google.com

# host www.google.com
www.google.com is an alias for www.l.google.com.
www.l.google.com has address 74.125.77.104
www.l.google.com has address 74.125.77.99
www.l.google.com has address 74.125.77.147
root at WAN:~# host wwww.google.com
wwww.google.com.mirmana.com is an alias for jpmarion.dyndns.org.
jpmarion.dyndns.org has address 85.191.0.241

I'm afraid I will now get a lecture about wildcards I should not be using
or WAN-domains that are used on a LAN, but the point is really that I never
asked for a 2nd query. There's even an option called 'expand-hosts', but
that's not turned on.

If a foreign DNS-server is a bit slow, my DNSMasq suddenly decides to
return my WAN-IP.

I don't want this!

I want it to just query the record I asked it to and just give NXDOMAIN if
it can't deliver.

It isn't dnsmasq performing the second query, it's your OS resolver service.
Check your /etc/resolv.conf configuration, remove any "search-suffix" or
similar directive that might be in there.  Also note that this is a
per-client setting, it can't be centrally controlled with dnsmasq.

I understand the default behaviour can't suddenly be changed, so an
optional variable called 'expand-never' could be given to achieve this.



Cheers all
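
The search-suffix behaviour discussed in this thread, as an added example that is not part of the original messages or of dnsmasq: a simplified Python model of how a glibc-style stub resolver turns one lookup into several candidate names from the search/domain lines in /etc/resolv.conf. The sample file contents, the 127.0.0.1 nameserver and the function names are constructed for illustration; the fallback to the host's own domain when neither directive is present is not modelled.

```python
# Added example: simplified model of glibc-style search-list expansion.
# SAMPLE_RESOLV_CONF is constructed from the thread's description.
SAMPLE_RESOLV_CONF = """\
nameserver 127.0.0.1
search mirmana.com
search mirmana.com
"""


def parse_resolv_conf(text):
    """Return (search_list, ndots); the last search/domain line wins."""
    search, ndots = [], 1
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0][0] in "#;":
            continue
        if fields[0] == "search":
            search = [d.rstrip(".").lower() for d in fields[1:]]
        elif fields[0] == "domain" and len(fields) > 1:
            search = [fields[1].rstrip(".").lower()]
        elif fields[0] == "options":
            for opt in fields[1:]:
                if opt.startswith("ndots:") and opt[6:].isdigit():
                    ndots = int(opt[6:])
    return search, ndots


def candidates(name, search, ndots=1):
    """Names the stub resolver tries, in order, until one gets an answer."""
    if name.endswith("."):              # trailing dot: absolute, never expanded
        return [name.rstrip(".")]
    as_is_first = name.count(".") >= ndots
    tried = [name] if as_is_first else []
    tried += [f"{name}.{suffix}" for suffix in search]
    if not as_is_first:
        tried.append(name)
    return tried


def audit(text, name):
    """Suffixed names that could be sent upstream when `name` is looked up."""
    search, ndots = parse_resolv_conf(text)
    return [c for c in candidates(name, search, ndots) if c != name.rstrip(".")]


if __name__ == "__main__":
    for probe in ("wwww.google.com", "wwww.google.com."):
        print(probe, "->", audit(SAMPLE_RESOLV_CONF, probe))
```

The suffixed candidate is only queried after the name as typed fails, which matches the thread: the wildcard record under mirmana.com answers it, so the lookup ends with the WAN address instead of NXDOMAIN.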