[Dnsmasq-discuss] localise-queries on ipv6 server does not work with ipv4-only hosts

fda at gmx.de fda at gmx.de
Fri Jul 16 10:00:11 UTC 2021


On 16.07.2021 at 10:53, Dominik DL6ER wrote:
>
>> localise-queries
>>      Return answers to DNS queries from /etc/hosts and --interface-name
>> and --dynamic-host which DEPENDS ON THE INTERFACE over which the query
>> was received.

My "interface" has an ipv4 and an ipv6!

And I'm requesting BY IPv6 an IPv4 (as the host has no IPv6) at an interface
which is in 1 of the subnets of the returned host.


If this should not be supported ("bug") the manpage should be fixed and
the word "interface" avoided.


>> Currently this facility is limited to IPv4.

Yes, I'm asking for an IPv4

If I'm going to eat a pig and travel on a horse, I'm still eating the pig
and not my ride :)


> The IPv6
> address of the arriving query does not match the subnet of any of the
> two A records you defined.
-> "interface" is the wrong description in man
>   Hence, dnsmasq is unable to determine what
> is the best fit and returns all known A records. This lets the client
> choose the one it can reach and seems meaningful.

I noticed it as it does not work! Windows "decides" for 1 IP which is
not in the PC's own subnet and is not reachable.

As I do some IP changes currently, the dnsmasq device and/or router is
not reachable by ipv4, so the results are then wrong.

It seems Windows prefers IPv4 for DNS, as the wrong name resolution does
not occur so often.


> What you request would be adding an interface-dependent address lookup:
> is there any suitable IPv4 address on the same interface. However, a few
> things need to be clarified in this case: how to handle multiple IPv4
> addresses on the same interface each of which having a valid record? It
> is just not possible to localize queries in the same way when it is not
> clear which IPv4 subnet the client is in.


  - Dnsmasq knows the incoming/destination IP of the request.

  - At daemon start it builds a list with interfaces + all its IPv4+6

  - And if an IPv4 should be returned by IPv6 this list is first used.

In case it still fails (many subnets at 1 interface) the old
"return all" method could be used.

I don't know the dnsmasq source code, but it does not sound so hard.


For the multi-subnets there exists a workaround to make it fully working:
assign only 1 IPv4 per IF and move the other IPv4s to "eth0:n"


> My advice: There is no advantage in reaching a DNS server internally
> over IPv6 in a dual-stack network. Ensure your clients query dnsmasq
> over IPv4 and your problem is solved in both the simplest and also most
> reliable way.

I think I don't like it, as I want the DNS to be reachable by v4+v6, e.g.
when IPv4 is down.

Maybe I could use different hostnames for the same device in different
subnets. This is not so smart, devices could be switches by vlans. And
this host in multiple subnets has some cnames
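
A minimal model of the lookup proposed in this message, as an added example that is not part of the original post and is not dnsmasq code: it maps the destination address of a query to its interface, filters a host's A records by that interface's IPv4 subnets, and falls back to "return all". The interface names, addresses, host name and function names are constructed for illustration, and it assumes each destination address is configured on exactly one interface.

```python
import ipaddress

# Constructed sample data: interface -> every address configured on it.
IFACE_ADDRS = {
    "eth0": ["192.168.1.1/24", "fd00:1::1/64"],
    "eth1": ["192.168.2.1/24", "fd00:2::1/64"],
    "eth2": ["fd00:3::1/64"],  # IPv6-only interface, no IPv4 subnet to match
}
# Constructed /etc/hosts-style A records for one multi-homed host.
A_RECORDS = {"nas": ["192.168.1.10", "192.168.2.10"]}


def build_iface_table(iface_addrs):
    """Built once at start-up: interface name -> list of ip_interface objects."""
    return {
        name: [ipaddress.ip_interface(a) for a in addrs]
        for name, addrs in iface_addrs.items()
    }


def iface_for_destination(table, dest_ip):
    """Find the interface that owns the address the query was sent to."""
    dest = ipaddress.ip_address(dest_ip)
    for name, addrs in table.items():
        if any(a.ip == dest for a in addrs):
            return name
    return None


def localise(table, dest_ip, records):
    """Return the A records reachable via the receiving interface.

    Works the same whether the query arrived over IPv4 or IPv6, because the
    match is made on the interface, not on the address family of the query.
    """
    iface = iface_for_destination(table, dest_ip)
    if iface is None:
        return list(records)  # unknown destination: old "return all" behaviour
    v4_nets = [a.network for a in table[iface] if a.version == 4]
    local = [
        r for r in records
        if any(ipaddress.ip_address(r) in net for net in v4_nets)
    ]
    # No record in any IPv4 subnet of this interface: fall back to "return all".
    return local or list(records)
```

If the receiving interface carries several IPv4 subnets that each hold a record, every matching record is returned, which is the remaining ambiguity discussed in the quoted reply.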

