[Dnsmasq-discuss] Different behaviour with "interface=" on two almost identical systems
Chris Green
cl at isbd.net
Sat Mar 30 09:12:29 UTC 2024
On Fri, Mar 29, 2024 at 03:45:20PM -0500, Chris Buechler wrote:
> On Thu, Mar 28, 2024 at 11:40 AM Chris Green <cl at isbd.net> wrote:
>
> I did try stopping dnsmasq and then nothing was listening on port
> 53.
> However, just to prove it:-
> root@backup:~# ss -tulpn sport = 53
> Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
> udp   UNCONN 0      0      0.0.0.0:53         0.0.0.0:*         users:(("dnsmasq",pid=1826,fd=4))
> udp   UNCONN 0      0      [::]:53            [::]:*            users:(("dnsmasq",pid=1826,fd=6))
> tcp   LISTEN 0      32     0.0.0.0:53         0.0.0.0:*         users:(("dnsmasq",pid=1826,fd=5))
> tcp   LISTEN 0      32     [::]:53            [::]:*            users:(("dnsmasq",pid=1826,fd=7))
>
> That's the nature of how dnsmasq binds by default. You need two config
> lines to actually bind only to localhost:
> listen-address=127.0.0.1
> bind-interfaces
> The listen-address config will make it only reply to queries to
> localhost, but doesn't prevent wildcard binding. bind-interfaces makes
> it bind explicitly to the listen-address. See the bind-interfaces
> section of the man page for details.
> https://thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html
>
OK, thank you, I did read those man page entries but found it rather
confusing! It has fixed the problem though! :-)
I still don't quite understand why it seemed to work on one system but
not on another almost identical one.
--
Chris Green
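
Added example (not part of the original message and not dnsmasq code): a check that parses "ss -tulpn" output and reports sockets on port 53 bound to a wildcard address, which is what the listing quoted above shows until bind-interfaces is set alongside listen-address. The function names and the second sample, including its pid, are assumptions made for illustration.

```python
import ipaddress

# Constructed sample: the listing quoted above (dnsmasq's default wildcard binding).
SS_DEFAULT = """\
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp   UNCONN 0      0      0.0.0.0:53         0.0.0.0:*         users:(("dnsmasq",pid=1826,fd=4))
udp   UNCONN 0      0      [::]:53            [::]:*            users:(("dnsmasq",pid=1826,fd=6))
tcp   LISTEN 0      32     0.0.0.0:53         0.0.0.0:*         users:(("dnsmasq",pid=1826,fd=5))
tcp   LISTEN 0      32     [::]:53            [::]:*            users:(("dnsmasq",pid=1826,fd=7))
"""

# Constructed sample (assumption): expected with listen-address=127.0.0.1 plus bind-interfaces.
SS_BOUND = """\
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp   UNCONN 0      0      127.0.0.1:53       0.0.0.0:*         users:(("dnsmasq",pid=2044,fd=4))
tcp   LISTEN 0      32     127.0.0.1:53       0.0.0.0:*         users:(("dnsmasq",pid=2044,fd=5))
"""

def parse_listeners(ss_output, port=53):
    """Return (proto, address, scope) for every socket bound to `port`."""
    found = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 6 or fields[0] not in ("udp", "tcp"):
            continue  # header, blank line or wrapped continuation
        host, _, local_port = fields[4].rpartition(":")
        if local_port != str(port):
            continue
        host = host.split("%")[0].strip("[]")  # drop %iface suffix and IPv6 brackets
        if host == "*":
            scope = "wildcard"
        else:
            ip = ipaddress.ip_address(host)
            scope = ("wildcard" if ip.is_unspecified
                     else "loopback" if ip.is_loopback else "specific")
        found.append((fields[0], host, scope))
    return found

def wildcard_listeners(ss_output, port=53):
    """Sockets on `port` bound to 0.0.0.0, [::] or *."""
    return [l for l in parse_listeners(ss_output, port) if l[2] == "wildcard"]

if __name__ == "__main__":
    for name, sample in (("default", SS_DEFAULT), ("bound", SS_BOUND)):
        print(name, wildcard_listeners(sample) or "no wildcard sockets")
```

A wildcard socket here means only that the port is open on every address; as the reply above explains, listen-address still restricts which queries dnsmasq answers.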