[Dnsmasq-discuss] Different behaviour with "interface=" on two almost identical systems
Buck Horn
buckhorn at weibsvolk.org
Thu Mar 28 14:50:57 UTC 2024
On 28.03.24 14:28, Chris Green wrote:
> ... and another system, also running dnsmasq version 2.90:-
>
> chris at t470$ nmap 192.168.1.128 | grep 53
> 53/tcp open domain
> chris at t470
>
>
> So why are they acting differently and, possibly more to the point,
> how do I make dnsmasq listen only on the loopback address?
Hi Chris,
you are just probing for port 53, without information about the process
handling that port, so it could be another resolver on the same machine
(e.g. systemd-resolved, or a dnsmasq instance controlled by
NetworkManager) that hogs port 53.
You may want to consider using something like
    sudo ss -tulpn sport = 53
to see what is actually listening.
For listening on 127.0.0.1 only, you should probably consider
explicitly stating that as listen-address:
(quoting https://dnsmasq.org/docs/dnsmasq-man.html)
-a, --listen-address=<ipaddr>
Listen on the given IP address(es). Both --interface and
--listen-address options may be given, in which case the set of both
interfaces and addresses is used. Note that if no --interface option is
given, but --listen-address is, dnsmasq will not automatically listen on
the loopback interface. To achieve this, its IP address, 127.0.0.1, must
be explicitly given as a --listen-address option.
Kind regards,
Buck
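
Added example, not part of the original message or of dnsmasq: a small filter over `ss -tulpn` output that names the process behind each port 53 socket and marks it as bound to loopback or to another address. The function names and the sample output (addresses, PIDs, process names) are constructed for illustration.

```shell
#!/bin/sh
# Classify port-53 listeners from `ss -tulpn` output read on stdin.
# Output per socket: <scope> <proto> <local-address> <process>
# scope is "loopback" (127.0.0.0/8 or ::1) or "exposed" (anything else,
# including wildcard binds such as 0.0.0.0, [::] and *).
dns_listeners() {
    awk '{
        n = split($5, parts, ":")        # the port follows the last colon
        if (parts[n] != "53") next       # also skips the header line
        addr = substr($5, 1, length($5) - length(parts[n]) - 1)
        sub(/%.*/, "", addr)             # drop a "%iface" suffix
        scope = (addr ~ /^127\./ || addr == "[::1]") ? "loopback" : "exposed"
        proc = "unknown"                 # ss omits users:() without root
        if (match($0, /users:\(\("[^"]+"/))
            proc = substr($0, RSTART + 9, RLENGTH - 10)
        print scope, $1, addr, proc
    }'
}

# Constructed sample of `ss -tulpn` output (not taken from the thread).
sample_ss_output() {
    cat <<'EOF'
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp   UNCONN 0      0      0.0.0.0:53         0.0.0.0:*         users:(("dnsmasq",pid=1480,fd=4))
udp   UNCONN 0      0      127.0.0.53%lo:53   0.0.0.0:*         users:(("systemd-resolve",pid=612,fd=13))
tcp   LISTEN 0      32     0.0.0.0:53         0.0.0.0:*         users:(("dnsmasq",pid=1480,fd=5))
tcp   LISTEN 0      4096   127.0.0.53%lo:53   0.0.0.0:*         users:(("systemd-resolve",pid=612,fd=14))
tcp   LISTEN 0      32     [::]:53            [::]:*            users:(("dnsmasq",pid=1480,fd=7))
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*         users:(("sshd",pid=801,fd=3))
EOF
}

# Demo on the constructed sample; on a real host: sudo ss -tulpn | dns_listeners
sample_ss_output | dns_listeners
```

Any line marked "exposed" is a socket that a scan from another host can reach; the process column shows whether it belongs to dnsmasq or to a different resolver.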