[Dnsmasq-discuss] DNS refused when internet is down

Duncan Webb duncan-lists at uniqfeed.com
Tue Dec 1 08:32:52 GMT 2020 

Humble apologies for my poor post and thank you for the better posting 
tips. I have searched for similar problems but haven't found any.

On 26/11/2020 08:31, Geert Stappers wrote:
> On Wed, Nov 25, 2020 at 10:44:34AM +0100, john doe wrote:
>> On 11/25/2020 9:31 AM, Duncan Webb wrote:
>>> Dear all,
>>>
>>> When the internet is down for some external reason nslookup is returning
>>> "Connection to DNS 10.0.0.1 was refused" when looking up a host on the
>>> LAN that has its IP from DHCP. Both DHCP and DNS are provided by 
>>> dnsmasq.
>>>
>>> Is this the expected behaviour or a misconfiguration?
>>>
>> No, this is not the expected behavior.
> Also my first impression, on second thought: "It could be" ...
>
>
>> We can not say
>> where the issue lies with the little information you have provided.
> So please make your problem an interesting challenge for the ML ;-)

The problem can be reproduced by disconnecting the cable to the ADSL 
router. As soon as the cable is removed then a nslookup will return a 
"Connection to DNS 10.0.0.1 was refused" reply for every query.

I would expect that hosts on the LAN that have been provided an IP 
address from the dnsmasq DHCP server to resolve.

The configuration is all on the command line and this is

/usr/local/sbin/dnsmasq --all-servers -H /var/etc/dnsmasq-hosts
--listen-address=192.168.0.254 --listen-address=10.99.2.1
--listen-address=10.99.0.1 --listen-address=10.99.128.1
--listen-address=127.0.0.1 --listen-address=::1 --bind-interfaces
--server=/example.net/10.99.0.1 --server=/opcase.private/10.99.130.1
--server=/130.99.10.in-addr.arpa/10.99.130.1
--server=/opcase1.private/10.99.144.1
--server=/144.99.10.in-addr.arpa/10.99.144.1 --dns-forward-max=5000
--cache-size=10000 --local-ttl=1
--conf-dir=/usr/local/etc/dnsmasq.conf.d,*.conf

I don't think that the options --server=/opcase.private/10.99.130.1 
where the server is offline could be causing this but for completeness 
both the servers 10.99.130.1 and 10.99.144.1 are offline.

The --conf-dir directory has no .conf files.

The firewall is OPNsense which based on BSD and I don't think this is 
relevant to this specific problem.

example.net is not the real domain. The contents of 
/var/etc/dnsmasq-hosts contains lines like this:

10.99.0.201 w1.example.net w1
10.99.0.202 w2.example.net w2
10.99.0.203 w3.example.net w3

It is these addresses that I would expect to be resolved.

Thank you
Duncan

More information about the Dnsmasq-discuss mailing list