[Dnsmasq-discuss] Regression/Feature Request for 2.92
rodolfosilva2 at tutanota.com
rodolfosilva2 at tutanota.com
Wed Mar 11 06:19:02 UTC 2026
Dears,
i use a customs dnsmasq confirguration in which dnsmasq uses my local DNS Server for unqualified hostnames and hostnames with custom domain dw.internal
Configuration looks like this:
# Add other name servers here, with domain specs if they are for
# non-public domains.
servers-file=/var/run/NetworkManager/local-net-dns-servers.conf
/var/run/NetworkManager/local-net-dns-servers.conf
server=/dw.internal/10.24.64.3 at eth0
server=//10.24.64.3 at eth0
i have DNSSEC Validation enabled, an now when querying a local hostname:
dig router1.dw.internal
dnsmasq tries to validate the response even if this local zone is not signed.validation router1.dw.internal is ABANDONED
i fixed this by including trust-anchor=internal in the global dnsmasq.conf
But maybe we can AUTOMATICALLY exclude any custom non-public domain from dsnssec validation?
If not possible , does the logic allow including the trust-anchor statement in the servers-file ?
Prior v2.92 Validation for internal domain just went fine
Expecting any advise--
Secured with Tuta Mail:
https://tuta.com/free-email
More information about the Dnsmasq-discuss
mailing list