[Dnsmasq-discuss] DNS refused when internet is down

[Duncan Webb]

On 05/12/2020 15:01, Geert Stappers wrote:
> On Sat, Dec 05, 2020 at 11:21:19AM +0100, Duncan Webb wrote:
>> On 02/12/2020 15:03, Geert Stappers wrote:
>>> On Wed, Dec 02, 2020 at 02:45:04PM +0100, Matus UHLAR - fantomas wrote:
>               .....
>>>> but for now get proper message from proper command.
>>> And add information at which network component it is.
>> What do you mean?
> That just copy-and-paste the command and the output
> from somewhere in a ((too? complex?) network is useless.
>
> That proper message from proper command should be provided
> with additional information on which device (a.k.a. network component)
> it was executed.

Do you mean this?

/usr/local/sbin/dnsmasq --all-servers -H /var/etc/dnsmasq-hosts 
--listen-address=192.168.0.254 --listen-address=10.99.2.1 
--listen-address=10.99.0.1 --listen-address=10.99.128.1 
--listen-address=127.0.0.1 --listen-address=::1 --bind-interfaces 
--server=/example.net/10.99.0.1 --server=/opcase1.private/10.99.144.1 
--server=/144.99.10.in-addr.arpa/10.99.144.1 --log-queries=extra 
--dns-forward-max=5000 --cache-size=10000 --local-ttl=1 
--conf-dir=/usr/local/etc/dnsmasq.conf.d,*.conf

>        .....
>>> "Works for me"
>> Here too today,
> OK
>
>
>> next is to add some .conf files and see if an option causes
>> the refused message. I suspect that it is no-negcache that got removed after
>> an upgrade of the firewall software.
>> First is to check the syntax of the conf files.

I did some more tests this weekend (difficult during the week) and when 
testing host returns this

$ host s3
s3.example.net has address 10.99.0.103
Host s3.example.net not found: 5(REFUSED)
Host s3.example.net not found: 5(REFUSED)

dig noes not report an error.

$ dig +short s3 @10.99.0.1
10.99.0.103

Also check_dns nagios plugin reports and error that it cannot resolve 
the address.

At this stage there are no *.conf

Thanks and kind regards,
Duncan