[Dnsmasq-discuss] Why does dnsmasq append a local domain in DNS queries?

Mikhail Morfikov mmorfikov at gmail.com
Thu Jan 7 16:25:42 GMT 2016


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

I have the following entries set in the dnsmasq.conf file:

# egrep -v ^# /etc/dnsmasq.conf | egrep -v "^$"
domain-needed
bogus-priv
strict-order
no-resolv
no-poll
server=127.0.2.1#5353
server=/pool.ntp.org/208.67.222.222
server=/mhouse.lh/192.168.1.1#53
local=/mhouse.lh/
listen-address=127.0.0.1
no-dhcp-interface=lo
bind-interfaces
expand-hosts
domain=mhouse.lh
cache-size=10000
min-cache-ttl=3600
max-cache-ttl=7200
dns-forward-max=1024
no-negcache

So all of the DNS requests should go to the 127.0.2.1 address, except for the two domains. One of the domains is my local one (mhouse.lh), and all
the queries should go to my network router.

The whole setup works just fine, but the problems start when I try to
visit a domain that simply doesn't exist. For instance, dupaa.com . The
following log is from tcpdump:

15:45:32.035381 IP 127.0.0.1.18520 > 127.0.2.1.5353: 1536+ A (QM)? dupaa.com. (27)
15:45:37.040620 IP 127.0.0.1.18520 > 127.0.2.1.5353: 1536+ A (QM)? dupaa.com. (27)
15:45:38.045687 IP 127.0.2.1.5353 > 127.0.0.1.18520: 1536 ServFail 0/0/1 (38)

15:45:38.046118 IP 192.168.1.150.6289 > 192.168.1.1.53: 57153+ A? dupaa.com.mhouse.lh. (37)

So the query was sent to dnsmasq, then it was passed to the local DNS
service (dnscrypt-proxy), and it failed to resolve because the domain
doesn't exist. But this wasn't the end. For some reason, there was another
query, now with the local domain appended to the actual domain. I have no
idea why this happens.

This is my /etc/resolv.conf file:

nameserver 127.0.0.1
search mhouse.lh

The IP is the dnsmasq's IP, and the search should append the domain
"mhouse.lh" to queries that don't have any domain specified, for example,
when you use just hostnames. It's very useful thing in local networks.
When I remove the "search" line, the problem disappears, but I don't have
the ability to use just hostnames anymore. I could add them to the
/etc/hosts file, but I want to avoid this.

Is there any way to solve this problem?
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJWjpF4AAoJEM0EaBB3G2UgkLgQAOLZc2ew2kHg+nGvrxaSZYcv
KGwpZo+FlcblXnOTIXstSlOk7Wlk6aoRlG8rXAhwAz6Y+4plfcO3E0dJ6QaDkVRs
FMptpCj32JntOL914EGEHP0XOOjC1oeZ9Fge/x5Zmzdv/ps/IO5uPAp2h+4j3zgT
kea07NgNl+2e9k+PuEnfJutpDOTm5QKaW5P3gmHIcoiP3w0PJXveeBM4b5VPHZz1
6KrZpXVflFcdh1yGQvErGkvsas0BGPCHoPjrHDisjDG8Yjezptk/EG6IIqyiENWE
Iq2YLb5yY0wKgvlQIlOqCEC1HqnR+Z1jDkhIGiDcVI81nl1DJdCUYGjRVLyHR0Be
mEQiT4cSiiePCFn/X/NT/WWUv2k4As/X36Eyc8Snpwi+bnbHyAO5XRhzv7i27jyw
NfKRPXIYln8da4MIa6s6017qRmlcao+M2xVHnbDzAULWnbZT9RhKoTWeJGBvRIHM
SESLCxGEze7fPEzIBS/+RFkfx0YYTXe/188tf9/byHOqaZSZ3qKsDnK0H9JsO0xv
7msVJeTQwAxSBUXOrfGfc1b5Ae+9lmmoEh02lI7Cpreolg/X4sDiYG1rNvhKBUMQ
xVxy9q7WdV8HA8BovYpcNfwrg2GGgehtCer8zQwH62wZbeb4obhVidjdu/dm4xax
ghwJQclFIeaG/RddcOJy
=OBpF
-----END PGP SIGNATURE-----



More information about the Dnsmasq-discuss mailing list