[Dnsmasq-discuss] Behavior change of upstream servers set via DBus

Fri Nov 26 03:15:43 UTC 2021

Thanks for your help, I'll try getting the problem sloved once I get
some free time. For now, I'm still using dnsmasq 2.85 and that should
be fine for a while.

On Wed, 2021-11-24 at 15:32 +0100, Petr Menšík wrote:
> I understand Jerry had simple setup with dnsmasq 2.85, just using
> NetworkManager and dns=dnsmasq. He were able to configure something
> like
> two sets of nameservers. One configured automatically by Network
> Manager, the second hardcoded using server=/#/1.1.1.1.
> 
> It is interesting use case. I think something similar to dhcp tags
> would
> be nice here. If he could define alternative set of servers and not
> copy
> again and again target server IP. Especially when he uses kind of
> negated matches.
> 
> I do not think this were implemented intentionally before. /#/ is
> documented only for --address as a fallback, it seems like more
> coincidence it worked this way also with --server.
> 
> I think good approach would be sending clean domains to alternative
> instance listening on localhost, different port or IP. That would
> have
> configured just server=1.1.1.1. You might be even able to setup
> stubby
> for DNS over TLS encryption for those clean domains, if that is
> permitted and possible. It might be any other dns server, while
> dnsmasq
> would be configured by Network Manager for easy configuration and
> provide name based redirection.
> 
> # example of clean record
> server=/clean.example/127.0.0.1#1053
> 
> I understand it requires additional instance, but that should be okay
> on
> common laptop.
> 
> Cheers,
> Petr
> 
> On 11/20/21 19:07, Matus UHLAR - fantomas via Dnsmasq-discuss wrote:
> > On 17.11.21 15:50, Jerry Xiao wrote:
> > > It's unnecessary and inefficient to rebuild a config file that
> > > long
> > > every time you connect to a new wifi network,
> > 
> > well, you have used default and "default" server, where the
> > "default" was
> > not really default, because only configured domains were pointed to
> > it.
> > 
> > yes, you used undocumented feature of dnsmasq that gort removed.
> > 
> > what you need is some kind of "server-alias", I guess you are
> > welcome to
> > provide a patch or hope someone will make it for you.
> > 
> > > and btw this is also bad for your ssd.
> > 
> > have you never heard of tmpfs?
> > 
> > alternatively, you can use multiple dnsmasq instances, one
> > forwarding to
> > default server and only named domains to the second instance.  The
> > second
> > instance will forward to dhcp-provided nameserver(s).
> > 
> > > > On 11.11.21 15:12, Jerry Xiao wrote:
> > > > > I was using dnsmasq 2.85 to do all of this, until it is
> > > > > upgraded
> > > > > and no
> > > > > longer works. I'm not quite sure if it is an unintentional
> > > > > feature
> > > > > on
> > > > > the old version 2.85, in option.c there is a piece of clearly
> > > > > intentional code to deal with the sharp inside something like
> > > > > "server=/#/1.1.1.1"
> > > > > 
> > > > > if (strcmp(arg, "#") == 0)
> > > > >  domain = "";
> > > > > 
> > > > > this also sets the SERV_HAS_DOMAIN server flag below.
> > > > > I remember seeing the feature being discussed in the mailing
> > > > > list,
> > > > > though the thread is not that easy to find.
> > > > > 
> > > > > I spent some more time digging into the code base, only to
> > > > > find out
> > > > > that there is no "easy" way to implement this in the new
> > > > > version
> > > > > because of the new sorting algorithm used for choosing
> > > > > servers, the
> > > > > vastly changed server flags (SERV_HAS_DOMAIN, along with some
> > > > > other
> > > > > flags, are removed) and the fact that server flags and query
> > > > > flags
> > > > > are
> > > > > already full, idk if the upstream is willing to merge my
> > > > > changes if
> > > > > the
> > > > > size of the flags are enarged.
> > > > > 
> > > > > Worst case I just replace dnsmasq with systemd-networkd, but
> > > > > before
> > > > > that I'd like to know if there's still other ways to
> > > > > implement
> > > > > this.
> > 