[Dnsmasq-discuss] expand-hosts

richardvoigt at gmail.com richardvoigt at gmail.com
Wed Dec 29 21:39:21 GMT 2010 

On Wed, Dec 29, 2010 at 12:44 PM, Jean-Pierre van Melis <
fraterdnsmasq at hetemail.com> wrote:

>  > It isn't dnsmasq performing the second query, it's your OS resolver
> service.  Check your /etc/resolv.conf configuration, remove any
> "search-suffix" or similar directive that might be in there.  Also note that
> this is a per-client setting, it can't be centrally controlled with dnsmasq.
>
> I checked /etc/resolv.conf on the router that's also running dnsmasq.
> It had 2 entries of "search mirmana.com".
> I deleted them both. Now it resolved it fine, giving an NXDOMAIN as an
> answer.
>
> My linux clients didn't have that entry, but after deleting 'domain
> mirmana.com' it stopped adding the domain to the query. I now need to find
> out how that entry got in there (the linux client I mean).
> I'm afraid it was through DHCP.
>

It is only indirectly through DHCP.  DHCP is supplying the clients with a
domain name, it then depends on client configuration whether than name is
used as a search suffix.

Windows boxen have a setting "For resolution of unqualified names: Append
primary and connection-specific DNS suffixes".

Linux clients will have something similar, but I'm not familiar with exactly
where it is, it probably depends on whether you're using  udhcpc,
dhcpclient, or some other dhcp client package.



>
>
>
> -----Original Message-----
> From: "richardvoigt at gmail.com" <richardvoigt at gmail.com>
> To: Jean-Pierre van Melis <fraterdnsmasq at hetemail.com>
> Cc: "dnsmasq-discuss at lists.thekelleys.org.uk" <
> dnsmasq-discuss at lists.thekelleys.org.uk>
> Date: Wed, 29 Dec 2010 08:27:00 -0600
> Subject: Re: [Dnsmasq-discuss] expand-hosts
>
>
>
> On Tue, Dec 28, 2010 at 5:18 PM, Jean-Pierre van Melis <fraterdnsmasq at hetemail.com
> > wrote:
>
>>  Hi Richard,
>>
>>  I own the the domain mirmana.com which points with most of its records
>> including a wildcard to my private DSL-connection on which I have a DD-WRT
>> router.
>>
>>  DD-WRT is running DNSMasq for its DHCP & DNS.
>>  I have set my local domain also to mirmana.com.
>>  I know this should really be mirmana.local, but I'm doing this so my
>> portable devices will access the LAN-side of the services when they are used
>> local and will get forwarded by the router when they access these same
>> services from WAN.
>>  This is the config generated by DD-WRT according to its webif:
>>
>>  :~# cat /tmp/dnsmasq.conf
>> interface=br0
>> resolv-file=/tmp/resolv.dnsmasq
>> all-servers
>> domain=mirmana.com
>> dhcp-leasefile=/tmp/dnsmasq.leases
>> dhcp-lease-max=21
>> dhcp-option=lan,3,192.168.10.1
>> dhcp-option=44,192.168.10.120
>> dhcp-authoritative
>> dhcp-range=lan,192.168.10.248,192.168.10.254,255.255.255.0,1440m
>> dhcp-host=00:13:D3:08:CC:81,win32,192.168.10.120,144m
>> .
>> .
>>  ptr-record=254.0.191.85.in-addr.arpa, cj1616-gateway.mirmana.com
>> addn-hosts=/opt/etc/pixelserv/blacks
>>
>> dhcp-option=option:ntp-server,194.171.167.130,81.171.44.131,87.251.35.240,213.239.154.12,131.211.84.189
>>
>>  This is what happens when I resolve www.google.com and when I resolve
>> the non-existing wwww-google.com
>>
>>  # host www.google.com
>> www.google.com is an alias for www.l.google.com.
>> www.l.google.com has address 74.125.77.104
>> www.l.google.com has address 74.125.77.99
>> www.l.google.com has address 74.125.77.147
>> root at WAN:~# host wwww.google.com
>>  wwww.google.com.mirmana.com is an alias for jpmarion.dyndns.org.
>> jpmarion.dyndns.org has address 85.191.0.241
>>
>>  I'm afraid I will now get a lecture about wildcards I should not be
>> using or WAN-domains that are used on a LAN, but the point is really that I
>> never asked for a 2nd query. There's even an option called 'expand-hosts',
>> but I that's not turned on.
>>  If a foreign DNS-server is a bit slow, my DNSMasq suddenly decides to
>> return my WAN-IP.
>>  I don't want this!
>>
>>  I want it to just query the record I asked it to and just give NXDOMAIN
>> if it can't deliver.
>>
>
> It isn't dnsmasq performing the second query, it's your OS resolver
> service.  Check your /etc/resolv.conf configuration, remove any
> "search-suffix" or similar directive that might be in there.  Also note that
> this is a per-client setting, it can't be centrally controlled with dnsmasq.
>
>
>>
>>  I understand the default behaviour can't suddenly be changed, so an
>> optional variable called 'expand-never' could be given to achieve this.
>>
>>  Cheers all
>>
>>
>>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20101229/ce0df798/attachment-0001.htm

More information about the Dnsmasq-discuss mailing list