[Dnsmasq-discuss] dnsmasq to provide public DNS service
T o n g
mlist4suntong at yahoo.com
Sat Jul 9 03:08:36 BST 2016
On Fri, 08 Jul 2016 18:49:53 +0200, Albert ARIBAUD wrote:
>> > Once we have netcat available on both ends, we will be able to mimic
>> > DNS exchanges between the machines but without dnsmasq being
>> > involved;
>> The connect is not the problem. I've stopped dnsmasq temporarily and
>> start SSH listening to port 53 and I was able to connect from home.
> The SSH test only proves you can access the box on TCP port 22 (assuming
> you're usign the defaults) from your home; this does not prove anything
> regarding TCP port 53 or UDP port 53, which are what DNS uses.
> 1. Open a terminal and start an SSH session to your box. In this
> session, disable dnsmasq then run
> netcat -u -l -p 53
> 3. On your home machine open one terminal and run
> netcat -u xyz 53
> where xyz should be replaced with the public IP of your box.
> 4. Type some text then hit the Enter key on your home machine.
> Does your box display the text?
> 5. Type some other text then hit the Enter key in the shell to your box.
> Does the netcat running locally display the text?
Sorry for responding late, because I didn't get anything from the server,
my box. However, I did started a second SSH session before, to listen to
port 53 instead of 22, and it worked before. Then I looked up... Long
If I start `netcat -t` then it works; if I start `netcat -u` then it
doesn't work. I.e., the hosting company is blocking the UDP accesses.
But my dnsmasq does listen to TCP port as well though:
$ netstat -lnp | grep :53
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
tcp 0 0 0.0.0.0:53 0.0.0.0:*
tcp6 0 0 :::53 :::*
udp 0 0 0.0.0.0:53
0 :::53 :::*
Will TCP only without UDP not OK?
dig +tcp +short cnn.com @mybox, and will get:
;; communications error to mybox_ip#53: connection reset
from my home or,
;; communications error to mybox_ip#53: end of file
if trying from within my box.
Why is that?
More information about the Dnsmasq-discuss