[Dnsmasq-discuss] Reverse lookups stopped working with DNSSEC enabled
Opty
opty77 at gmail.com
Fri Apr 11 13:59:30 UTC 2025
Hello,
using dnsmasq 2.90 on Slackware 15.0 (32-bit), about a week ago
reverse lookups suddenly stopped working with DNSSEC enabled:
opty at vodopnik:~$ host 158.194.80.13
;; Truncated, retrying in TCP mode.
;; communications error to 127.0.0.1#53: timed out
;; communications error to 127.0.0.1#53: timed out
;; no servers could be reached
I upgraded to 2.91 which didn't help much, just the truncation message
went gone. So I tried to comment edns-packet-max=1232, then enable
dnssec-check-unsigned but that didn't help either.
Finally, I upgraded to 2.92test2 but still no joy.
Currently working /etc/dnsmasq.conf:
domain-needed
bogus-priv
conf-file=/usr/share/dnsmasq/trust-anchors.conf
no-resolv
server=9.9.9.9
server=149.112.112.112
listen-address=127.0.0.1,192.168.1.254,10.0.5.1
no-dhcp-interface=127.0.0.1,192.168.1.254
bind-interfaces
dhcp-range=10.0.5.100,10.0.5.249,12h
dhcp-host=rr:ee:dd:aa:cc:tt,10.0.5.128
dhcp-option=option:ntp-server,10.0.5.1
dhcp-option=option:dns-server,10.0.5.1
edns-packet-max=1232
I suspect my ISP of some change and in case of your interest I would
appreciate some guidance on debugging this, preferably
non-interruptive.
Regards,
Opty
More information about the Dnsmasq-discuss
mailing list