[Dnsmasq-discuss] dnsmasq to provide public DNS service

[Albert ARIBAUD]

Hi Tong,

Le Thu, 14 Jul 2016 00:21:20 +0000 (UTC)
T o n g <mlist4suntong at yahoo.com> a écrit:

> After struggled for a few days, I finally decided that I should
> reply, to bring some closure on this. Thank you for all these days of
> your tireless help. However, my conclusion is still the same as my
> first post -- dnsmasq is unable to provide public DNS service -- It
> can be used as DNS server for local host, or local network, but just
> not for the general public. We've ruled out everything possible, and
> the only thing left is dnsmasq. 

Your conclusion is wrong; the only thing you can conclude from your
trials is that dnsmasq will not operate properly in an environment
which does not conform to Internet standards -- and *that* is hardly a
surprise.

> I.e., if there is any probelm with my ISP or my hosting provider, I 
> wouldn't have been able to start a working second SSH session
> listening to port 53 (instead of 22). 

You are again not concluding properly. DNS requires *UDP* port 53 as
well as *TCP* port 53. Your assumption that DNS somehow can do with
*TCP* port 53 alone is unfounded and plain wrong.

> In other words, all else the same, swap in SSH to listen to port 53,
> it works; swap in dnsmasq, and it fails. With all else the same,
> dnsmasq is the only problem. 

This experiment only proves that *TCP* port 53 works between your home
and box, but that was apready proven by previous tests I suggested.
However, dnsmasq requires *UDP* port 53 -- and due to a crippled
access, you cannot use that UDP port, contrary to a considerable
quantity of other persons who daily prove that dnsmasq can be used way
beyond a LAN.

> Thanks anyway for all your helps. 

You're welcome. :)

Amicalement,
-- 
Albert.