[Dnsmasq-discuss] dnsmasq to provide public DNS service

wkitty42 at gmail.com wkitty42 at gmail.com
Fri Jul 15 15:07:24 BST 2016

also replied off-list...

On 07/13/2016 08:21 PM, T o n g wrote:
> After struggling for a few days, I finally decided that I should reply, to
> bring some closure on this. Thank you for all these days of your tireless
> help. However, my conclusion is still the same as my first post -- dnsmasq is
> unable to provide public DNS service -- It can be used as DNS server for
> local host, or local network, but just not for the general public. We've
> ruled out everything possible, and the only thing left is dnsmasq.
> I.e., if there is any problem with my ISP or my hosting provider, I wouldn't
> have been able to start a working second SSH session listening to port 53
> (instead of 22).

you have missed the point... SSH is TCP... DNS is UDP... DNS switches to TCP 
/ONLY/ if the reply is too large... these other services you're switching in to 
test with are not UDP and that's the flaw in your testing... it is UDP on port 
53 that your ISP is apparently blocking... if you want to test properly, then 
you need to set up a UDP service on port 53 and see if it works from outside 
your ISP...

> In other words, all else the same, swap in SSH to listen to port 53, it
> works; swap in dnsmasq, and it fails. With all else the same, dnsmasq is the
> only problem.

see above... you must compare apples and apples... you cannot compare TCP 
software against UDP software... that's apples and oranges and you will/have 
come to the wrong conclusion via improper testing and invalid results data...

  NOTE: No off-list assistance is given without prior approval.
        *Please keep mailing list traffic on the list* unless
        private contact is specifically requested and granted.
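
Added example, not part of the original message or of dnsmasq: a like-for-like reachability check for the test described above, probing UDP and TCP on the same port separately. The function names, the echo-style stand-in responder and the loopback demo are assumptions made for illustration.

```python
import socket, struct, threading

def build_query(name, qid=0x1234):
    """Minimal DNS A/IN query in RFC 1035 wire format (RD flag set)."""
    header = struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode() for p in name.split("."))
    return header + labels + b"\x00" + struct.pack(">HH", 1, 1)

def probe_udp(host, port, name="example.com", timeout=2.0):
    """Send one query over UDP and report whether a matching reply came back."""
    query = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))      # connected socket so ICMP errors surface
            s.send(query)
            reply = s.recv(4096)
        except socket.timeout:
            return "no reply"            # dropped in transit or nothing listening
        except OSError:
            return "unreachable"         # ICMP port/host unreachable
    return "answered" if reply[:2] == query[:2] else "unexpected reply"

def probe_tcp(host, port, timeout=2.0):
    """Attempt only the TCP handshake, which is all the SSH-on-53 test proved."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "connected"
    except OSError:
        return "no connection"

def udp_responder(sock):
    """Stand-in UDP service: echo one query back with the QR (response) bit set."""
    data, peer = sock.recvfrom(4096)
    sock.sendto(data[:2] + bytes([data[2] | 0x80]) + data[3:], peer)

def demo():
    """Loopback run: UDP listener only, so UDP answers and TCP on the same port fails."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    srv.bind(("127.0.0.1", 0))           # constructed test setup on an ephemeral port
    port = srv.getsockname()[1]
    worker = threading.Thread(target=udp_responder, args=(srv,), daemon=True)
    worker.start()
    udp = probe_udp("127.0.0.1", port)
    worker.join(2)
    srv.close()
    return udp, probe_tcp("127.0.0.1", port)

if __name__ == "__main__":
    print(demo())
```

For a real check, bind the responder to UDP port 53 on the server (this needs root) and call `probe_udp` from a machine outside the ISP; a "connected" result from `probe_tcp` alongside "no reply" from `probe_udp` points at UDP filtering rather than at the DNS software.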
