[Dnsmasq-discuss] Help required with Zone authority & transfers

Kevin Tedder kevintedder at hotmail.com
Thu Aug 19 10:40:02 UTC 2021


I've been running DNSMASQ v2.72 on a RPI 1A very successfully at home for
the past few years.

I can run 'dig', 'host' and 'nslookup' and resolve any name, both locally
and across the I'net. I can also run 'host -l home' (zone transfer) from
my home domain. Everything works just as I want it.

The extract from the working DNSMASQ.CONF is:

server=8.8.8.8
server=8.8.4.4
# Set this DNS as Authoritative for our domain
#auth-server=home,192.168.1.68
auth-zone=home,ariel.home
auth-sec-servers=home
host-record=ariel.home,192.168.1.68
local=/home/
interface=eth0
listen-address=127.0.0.1

I now want to port it across to a RPI 3B running OpenMediaVault-5 and
docker. I thought this would be simple since I only have to build a
docker image, using DNSMASQ v2.8, and port the DNSMASQ.CONF file across.
I was wrong.

I can resolve my local devices and perform a zone transfer, but cannot
resolve any remote names across the I'net.

# dig www.bbc.co.uk

; <<>> DiG 9.8.4-P2 <<>> www.bbc.co.uk
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11869
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;www.bbc.co.uk.                 IN      A

;; Query time: 1 msec
;; SERVER: 192.168.1.72#53(192.168.1.72)
;; WHEN: Thu Aug 19 11:14:50 2021
;; MSG SIZE  rcvd: 31

The extract from the DNSMASQ.CONF is:

server=8.8.8.8
server=8.8.4.4
# Set this DNS as Authoritative for our domain
auth-server=home,192.168.1.72
host-record=home,192.168.1.72
auth-zone=home,192.168.1.72/24
auth-sec-servers=home
listen-address=127.0.0.1
listen-address=192.168.1.72
no-dhcp-interface=enxb827ebb41d1e      #  I don't want two DHCP servers running yet whilst I port this

However, if I reconfigure dnsmasq to no longer be authoritative for my home
domain, I can perform 'dig', 'host' and 'nslookup' to resolve any name, both
locally and across the I'net.

But, I cannot perform a zone transfer.

# host -v -l home.
Trying "home"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62729
;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;
; Transfer failed.

The extract from the DNSMASQ.CONF is:

server=8.8.8.8
server=8.8.4.4
# Set this DNS as Authoritative for our domain
#auth-server=home,192.168.1.72      # removed
host-record=home,192.168.1.72
#auth-zone=home,192.168.1.72/24     # removed
#auth-sec-servers=home              # removed
listen-address=127.0.0.1
listen-address=192.168.1.72
no-dhcp-interface=enxb827ebb41d1e      #  I don't want two DHCP servers running yet whilst I port this

Clearly I'm doing something wrong but I cannot see what it is. Any
guidance would be gratefully appreciated.

Thanks

Kevin
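
Added example, not part of the original message and not dnsmasq project code: a small Python audit of a dnsmasq.conf extract, run on a constructed copy of the authoritative configuration quoted above. It assumes the behaviour documented in the dnsmasq man page, that --auth-server puts the named interface or address into authoritative-only mode and that --auth-sec-servers without --auth-peer leaves zone transfers open to any requester; the function names and finding codes are hypothetical.

```python
# Constructed sample: the authoritative extract quoted in the message above.
SAMPLE_CONF = """\
server=8.8.8.8
server=8.8.4.4
auth-server=home,192.168.1.72
host-record=home,192.168.1.72
auth-zone=home,192.168.1.72/24
auth-sec-servers=home
listen-address=127.0.0.1
listen-address=192.168.1.72
"""


def parse_conf(text):
    """Map each active option to its list of values (simplified '#' handling)."""
    opts = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        key, _, value = line.partition("=")
        opts.setdefault(key.strip(), []).append(value.strip())
    return opts


def fields(values, start=0):
    """Flatten comma-separated option values, skipping the first `start` fields."""
    return {f.strip() for v in values for f in v.split(",")[start:] if f.strip()}


def audit(text):
    """Return (code, detail) findings; the codes are hypothetical labels."""
    opts = parse_conf(text)
    findings = []
    # auth-server=<domain>,<interface|ip>...: fields after the domain are
    # served in authoritative mode only (assumption from the man page).
    auth_targets = fields(opts.get("auth-server", []), start=1)
    listeners = fields(opts.get("listen-address", []) + opts.get("interface", []))
    for target in sorted(auth_targets & listeners):
        findings.append(("AUTH_ONLY_LISTENER", target))
    # Zone transfers: secondaries advertised but no auth-peer allow-list.
    if opts.get("auth-zone") and opts.get("auth-sec-servers") and not opts.get("auth-peer"):
        for zone in sorted({v.split(",")[0].strip() for v in opts["auth-zone"]}):
            findings.append(("AXFR_UNRESTRICTED", zone))
    return findings


if __name__ == "__main__":
    for code, detail in audit(SAMPLE_CONF):
        print(f"{code}: {detail}")
```

On the quoted configuration it reports 192.168.1.72 as an authoritative-only listener, the same address that returned "recursion requested but not available" in the dig output.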

 
