[Dnsmasq-discuss] Help required with Zone authority & transfers
Simon Kelley
simon at thekelleys.org.uk
Mon Aug 23 20:22:57 UTC 2021
I think the problem is that you're configuring dnsmasq to be a recursive
server listening on 102.168.1.172 with

  listen-address=192.168.1.72

and configuring it to be an authoritative server listening on
102.168.1.172 with

  auth-server=home,192.168.1.72

It can do one or the other, but not both.

Simon.
On 19/08/2021 11:40, Kevin Tedder wrote:
> I’ve been running DNSMASQ v2.72 on a RPI 1A very successfully at home
> for the past few years.
>
> I can run ‘dig’, ‘host’ and ‘nslookup’ and resolve any name, both
> locally and across the I’net. I can also run ‘host -l home’ (zone
> transfer) from my home domain. Everything works just as I want it.
>
> The extract from the working DNSMASQ.CONF is:
>
> server=8.8.8.8
> server=8.8.4.4
> # Set this DNS as Authoritative for our domain
> #auth-server=home,192.168.1.68
> auth-zone=home,ariel.home
> auth-sec-servers=home
> host-record=ariel.home,192.168.1.68
> local=/home/
> interface=eth0
> listen-address=127.0.0.1
>
> I now want to port it across to a RPI 3B running OpenMediaVault-5 and
> docker. I thought this would be simple since I only have to build a
> docker image, using DNSMASQ v2.8, and port the DNSMASQ.CONF file
> across. I was wrong.
>
> I can resolve my local devices and perform a zone transfer, but cannot
> resolve any remote names across the I’net.
>
> # dig www.bbc.co.uk
>
> ; <<>> DiG 9.8.4-P2 <<>> www.bbc.co.uk
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11869
> ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> ;; WARNING: recursion requested but not available
>
> ;; QUESTION SECTION:
> ;www.bbc.co.uk. IN A
>
> ;; Query time: 1 msec
> ;; SERVER: 192.168.1.72#53(192.168.1.72)
> ;; WHEN: Thu Aug 19 11:14:50 2021
> ;; MSG SIZE rcvd: 31
>
> The extract from the DNSMASQ.CONF is:
>
> server=8.8.8.8
> server=8.8.4.4
> # Set this DNS as Authoritative for our domain
> auth-server=home,192.168.1.72
> host-record=home,192.168.1.72
> auth-zone=home,192.168.1.72/24
> auth-sec-servers=home
> listen-address=127.0.0.1
> listen-address=192.168.1.72
> no-dhcp-interface=enxb827ebb41d1e # I don’t want two DHCP servers running yet whilst I port this
>
> However, if I reconfigure dnsmasq to no longer be authoritative for my
> home domain, I can perform ‘dig’, ‘host’ and ‘nslookup’ to resolve any
> name, both locally and across the I’net.
>
> But, I cannot perform a zone transfer
>
> # host -v -l home.
>
> Trying "home"
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62729
> ;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;
> ; Transfer failed.
>
> The extract from the DNSMASQ.CONF is:
>
> server=8.8.8.8
> server=8.8.4.4
> # Set this DNS as Authoritative for our domain
> #auth-server=home,192.168.1.72 # removed
> host-record=home,192.168.1.72
> #auth-zone=home,192.168.1.72/24 # removed
> #auth-sec-servers=home # removed
> listen-address=127.0.0.1
> listen-address=192.168.1.72
> no-dhcp-interface=enxb827ebb41d1e # I don’t want two DHCP servers running yet whilst I port this
>
> Clearly I’m doing something wrong but I cannot see what it is. Any
> guidance would be gratefully appreciated.
>
>
>
> Thanks
>
> Kevin
>
>
>
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
>
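
The overlap described in the reply above (the same address named in both `listen-address` and `auth-server`) can be checked mechanically before deploying a config. This is an added example, not part of the original thread or of dnsmasq; the function name is hypothetical and the two sample configs are shortened from the extracts quoted in the thread.

```python
import ipaddress

# Shortened from the thread: the non-working and the original working config.
FAILING_CONF = """\
server=8.8.8.8
auth-server=home,192.168.1.72
auth-zone=home,192.168.1.72/24
listen-address=127.0.0.1
listen-address=192.168.1.72
no-dhcp-interface=enxb827ebb41d1e # inline comment
"""
WORKING_CONF = """\
server=8.8.8.8
#auth-server=home,192.168.1.68
auth-zone=home,ariel.home
interface=eth0
listen-address=127.0.0.1
"""

def _norm(token):
    """Canonicalise IP addresses; leave interface names untouched."""
    try:
        return str(ipaddress.ip_address(token))
    except ValueError:
        return token

def find_auth_recursive_overlap(conf_text):
    """Return the addresses/interfaces named by both auth-server and the
    recursive listener options (listen-address, interface)."""
    recursive, auth = set(), set()
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or commented-out option
        line = line.split(" #", 1)[0].strip()  # drop trailing comment
        key, sep, value = line.partition("=")
        if not sep:
            continue
        parts = [_norm(p.strip()) for p in value.split(",") if p.strip()]
        if key.strip() in ("listen-address", "interface"):
            recursive.update(parts)
        elif key.strip() == "auth-server":
            auth.update(parts[1:])  # first field is the domain, not a listener
    return sorted(auth & recursive)

if __name__ == "__main__":
    for name, conf in (("failing", FAILING_CONF), ("working", WORKING_CONF)):
        print(name, find_auth_recursive_overlap(conf))
```

Any address or interface it returns is one the config asks to serve both roles.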