[Dnsmasq-discuss] Problems with --server

David Erickson halcyon1981 at gmail.com
Tue Jan 20 22:51:23 GMT 2015


Thanks Simon I'll give it a shot! Re logging, unfortunately ddwrt totally
stripped logging from dnsmasq, it is very frustrating.
On Jan 20, 2015 1:49 PM, "Simon Kelley" <simon at thekelleys.org.uk> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
>
>
> On 19/01/15 22:47, David Erickson wrote:
> > Hello- I am using dnsmasq inside dd-wrt, I am a recent build of
> > DD-WRT with dnsmasq v2.72.  I am having problems getting server
> > domain forwarding to work, in particular I can tcpdump and watch my
> > request come in on the LAN port, the request from dnsmasq head out
> > the WAN port to the upstream server, the answer comes back from the
> > upstream server, then dnsmasq returns an empty result to me.
> >
> > Cmdline: dnsmasq -u root -g root --conf-file=/tmp/dnsmasq.conf
> >
> > Conf: interface=br0 resolv-file=/tmp/resolv.dnsmasq all-servers
> > strict-order domain=zonk.some.domain
> > dhcp-leasefile=/tmp/dnsmasq.leases dhcp-lease-max=50
> > dhcp-option=lan,3,10.129.0.1
> > dhcp-range=lan,10.129.0.100,10.129.0.150,255.255.255.0,1440m
> > stop-dns-rebind
> ^^^^^^^^^^^^^^^^^^
>
>
> This is your problem. It says "Don't accept replies is A queries where
> the address is in the RFC1918 range, ie 10.x.y.z, amongst others.
> Dnsmasq should have been logging this.
>
>
> Cheers,
>
> Simon.
>
> > log-queries # some.domain server=/some.domain/10.128.0.1
> > rev-server=10.128.0.0/24,10.128.0.1 # dc.some.domain
> > server=/dc.some.domain/10.128.64.1
> > rev-server=10.128.64.0/24,10.128.64.1
> >
> > And here is the tcpdump interchange:
> >
> > Me -> dnsmasq 23:32:32.301531 IP (tos 0x0, ttl 64, id 49653, offset
> > 0, flags [none], proto UDP (17), length 86) 10.129.0.138.65190 >
> > 10.129.0.1.53: [udp sum ok] 8601+ A? dc-terminal.dc.some.domain.
> > (58) 23:32:32.301567 IP (tos 0x0, ttl 64, id 49653, offset 0, flags
> > [none], proto UDP (17), length 86) 10.129.0.138.65190 >
> > 10.129.0.1.53: [udp sum ok] 8601+ A? dc-terminal.dc.some.domain.
> > (58)
> >
> > dnsmasq -> upstream device 23:32:32.302130 IP (tos 0x0, ttl 64, id
> > 12450, offset 0, flags [DF], proto UDP (17), length 86)
> > 10.128.0.119.46851 > 10.128.64.1.53: [udp sum ok] 58951+ A?
> > dc-terminal.dc.some.domain. (58)
> >
> > upstream device -> dnsmasq 23:32:32.317469 ethertype IPv4, IP (tos
> > 0x0, ttl 63, id 58992, offset 0, flags [DF], proto UDP (17), length
> > 102) 10.128.64.1.53 > 10.128.0.119.46851: [udp sum ok] 58951* q:
> > A? dc-terminal.dc.some.domain. 1/0/0 dc-terminal.dc.some.domain.
> > [0s] A 10.128.64.3 (74) 23:32:32.317505 IP (tos 0x0, ttl 63, id
> > 58992, offset 0, flags [DF], proto UDP (17), length 102)
> > 10.128.64.1.53 > 10.128.0.119.46851: [udp sum ok] 58951* q: A?
> > dc-terminal.dc.some.domain. 1/0/0 dc-terminal.dc.some.domain. [0s]
> > A 10.128.64.3 (74)
> >
> > dnsmasq -> Me (with an empty answer payload) 23:32:32.317777 IP
> > (tos 0x0, ttl 64, id 65207, offset 0, flags [DF], proto UDP (17),
> > length 86) 10.129.0.1.53 > 10.129.0.138.65190: [bad udp cksum
> > 0x15e0 -> 0x50d2!] 8601* q: A? dc-terminal.dc.some.domain. 0/0/0
> > (58) 23:32:32.317804 IP (tos 0x0, ttl 64, id 65207, offset 0, flags
> > [DF], proto UDP (17), length 86) 10.129.0.1.53 >
> > 10.129.0.138.65190: [udp sum ok] 8601* q: A?
> > dc-terminal.dc.some.domain. 0/0/0 (58)
> >
> > Any help or suggestions on troubleshooting would be greatly
> > appreciated.
> >
> > Thanks, David
> >
> >
> >
> > _______________________________________________ Dnsmasq-discuss
> > mailing list Dnsmasq-discuss at lists.thekelleys.org.uk
> > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> >
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
>
> iQIcBAEBCAAGBQJUvsXaAAoJEBXN2mrhkTWic78P/0891jV4EBaseShOYhmD9tZK
> 1zjSWvuL39yBGQSxGkUtseGoXJ96rjjlVIpgLKSMDA3cliUZeclzM5Icd+4fCQcu
> DFZoyCWN+9a+GQT9AkshmxiQrFTOLsKg+oPb0ycxwCDGSZyZVneECaTN0XPdQJzV
> mBQBU8nluAei2/NgzO26qWwkUooQf5GXX0VF4cnj8U3EpXf3bxT5r7oBXQcMnc6N
> ZUtfvgToKKtGzbK6Mu/L7r0KnI9i1Yghc7G4y36rkFBk3q8Nj76rtcPshf3+twQo
> cU5+TOkI5XDWj94OvzTuK9XRTry6qoAYRbaQ3dWVimca5VZx5LxIoEsNeTE5mINl
> sHbZPNd2h2oi0nt3gjldKR/zBdeEg68s6h/iD9y9GnItzwL68LMM1NF8s2S9L56Z
> HbA7fYf0CKB2T2y86fcmpX1uLKDPgod5IOUemASSmtMWgrpCQkxXiFankviLdFFQ
> A6t/+WuGqXhZaCowIRJyrRGW0lmYKHCSAtS1obTdlZhK+Rq9KaJHzoMDm/Rja67K
> 8/xqJY+9g7AOKn3wG2mutdxJp0X6FvIP+lgw1JDUlnL2gGkJBx3VjZwf+LsQHm5V
> IaiCcACmc3Ac1mrCwCo/eKxYuL+l9iE2wNqrUyNOPSkbkjj5dHYva+UJIT+Uo6TG
> A9Hp6aZkDiZPS4gzlA7E
> =7bF0
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20150120/31f706d9/attachment-0001.html>


More information about the Dnsmasq-discuss mailing list