[Dnsmasq-discuss] DNS refused when internet is down

Duncan Webb duncan-lists at uniqfeed.com
Mon Dec 14 10:07:53 GMT 2020


On 14/12/2020 08:25, Geert Stappers wrote:
> On Mon, Dec 14, 2020 at 06:51:18AM +0100, Duncan Webb wrote:
>> On 05/12/2020 15:01, Geert Stappers wrote:
>>> On Sat, Dec 05, 2020 at 11:21:19AM +0100, Duncan Webb wrote:
>>>> On 02/12/2020 15:03, Geert Stappers wrote:
>>>>> On Wed, Dec 02, 2020 at 02:45:04PM +0100, Matus UHLAR - fantomas wrote:
>>>                .....
>>>>>> but for now get proper message from proper command.
>>>>> And add information at which network component it is.
>>>> What do you mean?
>>> That just copying and pasting the command and the output
>>> from somewhere in a (too? complex?) network is useless.
>>>
>>> That proper message from proper command should be provided
>>> with additional information on which device (a.k.a. network component)
>>> it was executed.
>> Do you mean this?
>>
>> /usr/local/sbin/dnsmasq --all-servers -H /var/etc/dnsmasq-hosts
>> --listen-address=192.168.0.254 --listen-address=10.99.2.1
>> --listen-address=10.99.0.1 --listen-address=10.99.128.1
>> --listen-address=127.0.0.1 --listen-address=::1 --bind-interfaces
>> --server=/example.net/10.99.0.1 --server=/opcase1.private/10.99.144.1
>> --server=/144.99.10.in-addr.arpa/10.99.144.1 --log-queries=extra
>> --dns-forward-max=5000 --cache-size=10000 --local-ttl=1
>> --conf-dir=/usr/local/etc/dnsmasq.conf.d,*.conf
>>
>>>         .....
>>>>> "Works for me"
>>>> Here too today,
>>> OK
>>>
>>>
>>>> next is to add some .conf files and see if an option causes
>>>> the refused message. I suspect that it is no-negcache that got removed after
>>>> an upgrade of the firewall software.
>>>> First is to check the syntax of the conf files.
>> I did some more tests this weekend and when
>> testing host returns this
>>
>> $ host s3
>> s3.example.net has address 10.99.0.103
>> Host s3.example.net not found: 5(REFUSED)
>> Host s3.example.net not found: 5(REFUSED)
>>
>> dig does not report an error.
>>
>> $ dig +short s3 @10.99.0.1
>> 10.99.0.103
>>
>> Also the check_dns nagios plugin reports an error that it cannot resolve the
>> address.
>>
>> At this stage there are no *.conf
>>
>> Thanks and kind regards,
>> Duncan
>   
>
> At which device was the `host s3` executed?
> At which device was the `dig +short s3 @10.99.0.1` executed?

By device do you mean host? If so, then all the requests were executed 
from a workstation, 10.99.0.210.

>
> Why not `host s3 10.99.0.1` for better comparison?

The "host -d s3" command was also run. When the internet was connected 
the following was seen:

$ host -d s3
Trying "s3.example.net"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57543
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;s3.example.net.       IN  A

;; ANSWER SECTION:
s3.example.net.    1   IN  A   10.99.0.103

Received 49 bytes from 10.99.0.1#53 in 0 ms
Trying "s3.example.net"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39237
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;s3.example.net.       IN  AAAA

Received 33 bytes from 10.99.0.1#53 in 6 ms
Trying "s3.example.net"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63206
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;s3.example.net.       IN  MX

Received 33 bytes from 10.99.0.1#53 in 6 ms

When disconnected from the internet then this was the result

$ host -d s3
Trying "s3.example.net"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42726
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;s3.example.net.       IN  A

;; ANSWER SECTION:
s3.example.net.    1   IN  A   10.99.0.103

Received 49 bytes from 10.99.0.1#53 in 0 ms
Trying "s3.example.net"
Host s3.example.net not found: 5(REFUSED)
Received 33 bytes from 10.99.0.1#53 in 0 ms
Trying "s3.example.net"
Host s3.example.net not found: 5(REFUSED)
Received 33 bytes from 10.99.0.1#53 in 0 ms

I didn't try the command "host s3 10.99.0.1".

Many thanks and kind regards,
Duncan
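The `host -d` output above shows where the two tools differ: `dig` asked only for an A record, which 10.99.0.1 answered from its local data, while `host` went on to ask for AAAA and MX, and those were the queries that came back `5(REFUSED)` once the internet was down. As an added example (not code from this thread or from dnsmasq), the stdlib-only Python script below sends those same three queries straight to one server and reports the rcode of each reply, so the per-type result can be compared with the link up and down. The server 10.99.0.1 and the name s3.example.net are taken from the thread; the function names, the fixed transaction id in `build_query`/`parse_response` and the two-second timeout are this example's own choices.

```python
"""Send A, AAAA and MX queries for one name directly to one DNS server and
report the rcode of each reply, the way host(1) does, so the answers with
the internet up and down can be compared per query type.
Added example, not from the thread or from dnsmasq. Standard library only."""
import random
import socket
import struct

# Server and name are taken from the thread; change them for other setups.
SERVER = "10.99.0.1"
NAME = "s3.example.net"

QTYPES = {"A": 1, "MX": 15, "AAAA": 28}
RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN",
          4: "NOTIMP", 5: "REFUSED"}


def build_query(name, qtype, txid=0x1234):
    """Wire-format query: one question, only the RD flag set, no EDNS."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(lbl)]) + lbl.encode("ascii")
                     for lbl in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack(">HH", QTYPES[qtype], 1)


def parse_response(packet, txid=0x1234):
    """Return (rcode name, answer count) from a reply.

    Only the 12-byte header is inspected: the rcode is the low four bits
    of the flags word, which host(1) prints as e.g. '5(REFUSED)'.
    """
    if len(packet) < 12:
        raise ValueError("truncated DNS message")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack(">HHHHHH", packet[:12])
    if rid != txid:
        raise ValueError("transaction id mismatch")
    if not flags & 0x8000:
        raise ValueError("not a response (QR bit clear)")
    rcode = flags & 0x000F
    return RCODES.get(rcode, "RCODE%d" % rcode), ancount


def query(server, name, qtype, timeout=2.0):
    """One UDP round trip to server:53; returns (rcode name, answer count).

    A random transaction id is used per query and checked on the reply.
    """
    txid = random.randrange(1, 65536)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_query(name, qtype, txid), (server, 53))
        data, _ = sock.recvfrom(4096)
    return parse_response(data, txid)


def check_all(server, name):
    """Query A, AAAA and MX in the order host(1) does; map qtype -> result."""
    results = {}
    for qtype in ("A", "AAAA", "MX"):
        try:
            results[qtype] = query(server, name, qtype)
        except (socket.timeout, OSError, ValueError) as exc:
            results[qtype] = ("ERROR:%s" % exc.__class__.__name__, 0)
    return results


def refused_types(results):
    """Query types the server refused; empty when every type was answered."""
    return sorted(qt for qt, (rcode, _) in results.items() if rcode == "REFUSED")


if __name__ == "__main__":
    res = check_all(SERVER, NAME)
    for qtype, (rcode, ancount) in res.items():
        print("%-4s %-8s answers=%d" % (qtype, rcode, ancount))
    refused = refused_types(res)
    if refused:
        print("REFUSED for:", ", ".join(refused))
```

Run it once with the uplink connected and once with it unplugged, from the same workstation, and the two tables line up with the `host -d` transcripts above: an A answer in both cases, and REFUSED only for the types that have to be forwarded. Because the query goes to an explicit server rather than through the stub resolver, it also answers the "which device" question without ambiguity.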
