dnsmasq as private DNS

I’m building a private network not connected to the internet with VirtualBox for practice and I’m using dnsmasq on the server machine for both DHCP (and DHCPv6) and DNS service. The DHCP works fine, but I’ve tried to create my own private domains “examplea.lan” and “exampleb.lan”, which respond to two different subnets, and I can’t resolve any hostname from the server or clients using nslookup. Using Ubuntu 19.04 with interfaces configured using netplan.

How to stop continuous concurrent local DNS queries to dnsmasq

I set up a DNS server using dnsmasq, but it seems that it doesn’t work properly. The networking delay is up to hundreds of millisecs.

    PING [server] ([server]) 56(84) bytes of data.
    64 bytes from [server]: icmp_seq=1 ttl=50 time=583 ms
    64 bytes from [server]: icmp_seq=2 ttl=50 time=583 ms
    64 bytes from [server]: icmp_seq=3 ttl=50 time=583 ms
    64 bytes from [server]: icmp_seq=4 ttl=50 time=583 ms
    64 bytes from [server]: icmp_seq=5 ttl=50 time=583 ms
    64 bytes from [server]: icmp_seq=6 ttl=50 time=583 ms
    64 bytes from [server]: icmp_seq=7 ttl=50 time=583 ms
    64 bytes from [server]: icmp_seq=8 ttl=50 time=583 ms

Then soon I discovered that it’ll turn all right with using the default resolver systemd-resolved. By checking the log, I got the messages here below:

    Jul 27 13:32:53 dnsmasq[3780]: query[A] ntp.ubuntu.com from 127.0.0.1
    Jul 27 13:32:53 dnsmasq[3780]: forwarded ntp.ubuntu.com to 127.0.0.53
    Jul 27 13:32:53 dnsmasq[3780]: query[A] ntp.ubuntu.com from 127.0.0.1
    Jul 27 13:32:53 dnsmasq[3780]: forwarded ntp.ubuntu.com to 127.0.0.53
    [countless records repeating these above...]
    Jul 27 13:32:53 dnsmasq[3780]: Maximum number of concurrent DNS queries reached (max: 150)
    Jul 27 13:32:54 dnsmasq[3780]: query[A] ntp.ubuntu.com from 127.0.0.1
    Jul 27 13:32:54 dnsmasq[3780]: forwarded ntp.ubuntu.com to 127.0.0.53
    [...]
    [probably the sigterm was sent here?]
    Jul 27 13:32:57 dnsmasq[3780]: query[A] ntp.ubuntu.com from 127.0.0.1
    Jul 27 13:32:57 dnsmasq[3780]: forwarded ntp.ubuntu.com to 127.0.0.53
    Jul 27 13:32:58 dnsmasq[3780]: no servers found in /run/dnsmasq/resolv.conf, will retry
    Jul 27 13:32:58 dnsmasq[3780]: query[A] ntp.ubuntu.com from 127.0.0.1
    Jul 27 13:32:58 dnsmasq[3780]: query[A] ntp.ubuntu.com from 127.0.0.1
    Jul 27 13:32:58 dnsmasq[3780]: query[A] ntp.ubuntu.com from 127.0.0.1
    Jul 27 13:32:58 dnsmasq[3780]: query[A] ntp.ubuntu.com from 127.0.0.1
    Jul 27 13:32:58 dnsmasq[3780]: query[A] ntp.ubuntu.com from 127.0.0.1
    Jul 27 13:32:58 dnsmasq[3780]: exiting on receipt of SIGTERM

So.. How to resolve this problem which makes me crazy, plz 🙁

The content from dnsmasq.conf is here:

    strict-order
    resolv-file=/etc/resolv.conf.dnsmasq
    listen-address=0.0.0.0
    server=/aliyuncs.com/100.100.2.136
    server=/aliyuncs.com/100.100.2.138
    server=/*.cn/100.100.2.136
    server=/*.cn/100.100.2.138

    bogus-nxdomain=100.100.2.136
    bogus-nxdomain=100.100.2.138

    log-queries
    log-facility=/var/log/dnsmasq/dnsmasq.log
    log-async=50

    #EOF

And resolv.conf.dnsmasq:

    nameserver 100.100.2.136
    nameserver 100.100.2.138
    nameserver 208.67.222.123
    nameserver 208.67.220.123
    nameserver 8.8.8.8
    nameserver 8.8.4.4
    nameserver 1.2.4.8
    nameserver 210.2.4.8
    nameserver 208.67.222.222
    nameserver 208.67.220.220

resolv.conf:

    # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
    #     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
    # 127.0.0.53 is the systemd-resolved stub resolver.
    # run "systemd-resolve --status" to see details about the actual nameservers.

    nameserver 127.0.0.53
    options timeout:2 attempts:3 rotate single-request-reopen
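
An added example, not part of the original post: a Python check that scans a dnsmasq query log for the pattern visible in the log above, where the same name is queried from a loopback client and forwarded to a loopback upstream many times within one second, which is how a forwarding loop between two local resolvers shows up. The function names, the threshold and the sample lines are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample in the format of the dnsmasq log quoted in the post.
SAMPLE_LOG = "\n".join(
    ["Jul 27 13:32:53 dnsmasq[3780]: query[A] ntp.ubuntu.com from 127.0.0.1",
     "Jul 27 13:32:53 dnsmasq[3780]: forwarded ntp.ubuntu.com to 127.0.0.53"] * 4
    + ["Jul 27 13:32:53 dnsmasq[3780]: Maximum number of concurrent DNS queries reached (max: 150)",
       "Jul 27 13:32:54 dnsmasq[3780]: query[A] host.example from 192.0.2.10",
       "Jul 27 13:32:54 dnsmasq[3780]: forwarded host.example to 192.0.2.53"]
)

LINE = re.compile(r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) dnsmasq\[\d+\]: (.*)$")
QUERY = re.compile(r"^query\[\w+\] (\S+) from (\S+)$")
FORWARD = re.compile(r"^forwarded (\S+) to (\S+)$")
LIMIT = "Maximum number of concurrent DNS queries reached"


def is_loopback(addr):
    try:
        return ipaddress.ip_address(addr).is_loopback  # 127.0.0.0/8 or ::1
    except ValueError:
        return False  # not an IP literal


def find_loopback_storms(log_text, threshold=3):
    """Per (second, name): loopback queries forwarded to a loopback upstream."""
    queries, forwards, limit_seconds = Counter(), Counter(), set()
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # bracketed notes, blank lines, other daemons
        ts, msg = m.groups()
        if (q := QUERY.match(msg)) and is_loopback(q[2]):
            queries[(ts, q[1])] += 1
        elif (f := FORWARD.match(msg)) and is_loopback(f[2]):
            forwards[(ts, f[1])] += 1
        elif msg.startswith(LIMIT):
            limit_seconds.add(ts)
    return [
        {"second": ts, "name": name, "queries": n,
         "forwards": forwards[(ts, name)], "limit_reached": ts in limit_seconds}
        for (ts, name), n in sorted(queries.items())
        if n >= threshold and forwards[(ts, name)] >= threshold
    ]

if __name__ == "__main__":
    print(find_loopback_storms(SAMPLE_LOG))
```

On a real log, pass the contents of the file named by `log-facility` and raise `threshold` to suit the normal query rate of the host.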

Homebrew dnsmasq “Service exited with abnormal code: 2” (Mac OS X Sierra 10.12.6)

I installed dnsmasq through Homebrew. Unfortunately it constantly crashes and is resumed by launchd through the brew services launch script.

This is the log:

    Jun 11 10:45:33 MacBook-Pro com.apple.xpc.launchd[1] (homebrew.mxcl.dnsmasq[48386]): Service exited with abnormal code: 2
    Jun 11 10:45:33 MacBook-Pro com.apple.xpc.launchd[1] (homebrew.mxcl.dnsmasq): Service only ran for 0 seconds. Pushing respawn out by 10 seconds.

I set it up following some tutorials; these are my settings.

    #/private/etc/Hosts

    127.0.0.1       localhost
    255.255.255.255 broadcasthost
    ::1             localhost
    fe80::1%lo0     localhost

    # [...]

    127.0.0.1               local.web
    0:0:0:0:0:ffff:7f00:1   local.web
    fe80::1%lo0             local.web
    127.0.0.1               fullpipeumbrella.loc
    0:0:0:0:0:ffff:7f00:1   fullpipeumbrella.loc
    fe80::1%lo0             fullpipeumbrella.loc

    # [...]

    127.0.0.1               localhost.demo1.com
    0:0:0:0:0:ffff:7f00:1   localhost.demo1.com
    fe80::1%lo0             localhost.demo1.com

    #/usr/local/etc/dnsmasq.conf

    domain-needed
    bogus-priv
    no-resolv
    server=8.8.8.8
    server=208.67.220.220

This is the output of brew services list:

    $ brew services list
    Name    Status  User     Plist
    dnsmasq started root     /Library/LaunchDaemons/homebrew.mxcl.dnsmasq.plist
    httpd   stopped
    php     started username /Users/username/Library/LaunchAgents/homebrew.mxcl.php.plist
    php@7.1 stopped
    php@7.2 stopped

And the output of ps, $ ps -e | grep -v grep | grep dnsmasq:

   65 ??         0:02.31 /usr/local/opt/dnsmasq/sbin/dnsmasq --keep-in-foreground -C /usr/local/etc/dnsmasq.conf 

Finally I made a test with dscacheutil:

    $ dscacheutil -q host -a name fullpipeumbrella.loc
    name: fullpipeumbrella.loc
    ipv6_address: ::ffff:127.0.0.1
    ipv6_address: fe80:1::1

    name: fullpipeumbrella.loc
    ip_address: 127.0.0.1

Thanks in advance… 🙂

dnsmasq + systemd-resolved high cpu

I’m using DNSMasq only for DNS caching, other DNS queries should go to the original DNS configured in systemd-resolved (if I understand the flow correctly). All the solutions to this issue say to disable the systemd-resolved stub listener, but I do need it as DNSMasq is using it as a last resort for records it didn’t match:

If DNSMasq doesn’t know how to resolve an address, it asks systemd-resolved listening on 127.0.0.53:53 and then it goes to the external DNS server.

Anything I can do to lower the CPU without disabling systemd-resolved?

Configure dnsmasq to respond to bootp request

I have an embedded ARM board running Linux (Yocto distribution). I have connected to the Ethernet port an IP camera that is using bootp to get its initial IP address. I am using dnsmasq to respond to the bootp device. Here’s the command:

root@imx6qrsb6410a2:~# dnsmasq -d --dhcp-range=192.168.0.5,192.168.0.5,12h --dhcp-option=option:router,192.168.0.1 --interface=eth0

So I’m only going to have it serve up a single IP address to this camera. I do have a reason for this so let’s move on.

I’ve tested this configuration with a DHCP device (my Windows 10 laptop) and it worked just fine. So here is the output from this command when I run it to work with the IP camera:

    dnsmasq: started, version 2.75 cachesize 150
    dnsmasq: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth no-DNSSEC loop-detect inotify
    dnsmasq-dhcp: DHCP, IP range 192.168.0.5 -- 192.168.0.5, lease time 12h
    dnsmasq-dhcp: DHCP, IP range 192.168.0.5 -- 192.168.0.5, lease time 12h
    dnsmasq: no servers found in /etc/resolv.conf, will retry
    dnsmasq: read /etc/hosts - 6 addresses
    dnsmasq-dhcp: BOOTP(eth0) 00:01:fc:4d:7f:b4 no address available
    dnsmasq-dhcp: BOOTP(eth0) 00:01:fc:4d:7f:b4 no address available
    dnsmasq-dhcp: BOOTP(eth0) 00:01:fc:4d:7f:b4 no address available
    dnsmasq-dhcp: BOOTP(eth0) 00:01:fc:4d:7f:b4 no address available
    dnsmasq-dhcp: BOOTP(eth0) 00:01:fc:4d:7f:b4 no address available
    dnsmasq-dhcp: BOOTP(eth0) 00:01:fc:4d:7f:b4 no address available
    dnsmasq-dhcp: BOOTP(eth0) 00:01:fc:4d:7f:b4 no address available
    dnsmasq-dhcp: BOOTP(eth0) 00:01:fc:4d:7f:b4 no address available

It will never supply the address and the device will never boot. I’ve been trying this for about 2 days now using dhcp, udhcpd as well and essentially I’m getting different variations of this problem. The only thing that is different amongst them is better logging by the application (if you are wondering, dnsmasq wins).

Any help would be appreciated.

Cheers!!

DNSMasq for multiple vlans with Ubuntu 18.04

Is it possible to setup one instance of dnsmasq to handle multiple vlans?

I have 3 vlans

  • 10.0.4.0/24 – guest wifi
  • 10.0.10.0/24 – user network
  • 10.0.50.0/24 – private mission critical network

I want to have a dnsmasq handling DNS caching and DHCP service for all 3 networks.

I figured I would place it in the 10.0.10.0/24 network and allow access to it from all 3. UFW allowed traffic on the corresponding ports for DNS and DHCP only and ssh from the 10.0.50.0/24 network.

I’m running this on Ubuntu 18.04 on a VM. I have a lot of machines I need remote access to and remembering IPs is becoming a pain. I installed a dedicated network card on the VM host to give this VM untagged access to the 10.0.10.0/24 network.

I have had it working briefly but the vlaning is weird. Do I need a card for all 3 networks to the vm? Or would it be better to run an instance on all 3 networks and have one network handle all of my settings?

What’s the best approach to this?

dnsmasq DHCP Option and Aruba access points configuration wrong

I have NethServer with internal dnsmasq service for DNS and DHCP. I am trying to create configuration inside DHCP for auto provisioning Aruba access points.

Checking the ArubaNetwork site, I know about some specific configuration for DHCP, and I am using this configuration now in the isc-dhcpd service on another server. But I should migrate to dnsmasq, and I am faced with a configuration problem with vendor-class specific DHCP options 43 and 60.

This is an example on the Aruba site.

    option serverip code 43 = ip-address;
    class "vendor-class" {
          match option vendor-class-identifier;
    }

    subnet 10.200.10.0 netmask 255.255.255.0 {
    ...
       subclass "vendor-class" "ArubaAP" {
          option vendor-class-identifier "ArubaAP";
    #
    # option serverip <loopback-IP-address-of-master-controller>
    #
          option serverip 10.200.10.10;
       }
       range 10.200.10.200 10.200.10.252;
    }

In my dnsmasq configuration I am trying to do something like this

    dhcp-range=set:eth1.101,10.20.101.100,10.20.101.130,255.255.255.0,3600
    domain=xxxxxxx.xxx,10.20.101.100,10.20.101.130

    dhcp-vendorclass=vendor:arubaap,"ArubaAP"
    dhcp-option=vendor:arubaap,43,10.20.101.253

    dhcp-option=tag:eth1.101,option:router,10.20.101.254
    dhcp-option=tag:eth1.101,option:dns-server,10.20.254.1
    dhcp-option=tag:eth1.101,option:tftp-server,10.20.101.1

But it doesn’t work. Man of dnsmasq can’t help to understand how to do it correctly. Can anyone help with explanation about this issue? In my configuration not working only vendor-class DHCP options. Other configurations delivered without any problems.

dnsmasq using separate dhcp server

I’ve been a happy user of dnsmasq on my SOHO LAN for years, providing both DNS services and dhcp services.

However, after switching to AT&T’s fiber service, I need to separate responsibility for dhcp and DNS. That’s because AT&T requires you to use their router as an interface to their network, and, while you can configure their router’s dhcp service, you can’t turn it off (you can also configure their router to act as a passthru to your LAN, but that doesn’t work well; as in, your connection speed drops 95%).

I could simply not have a DNS running locally. But I find it convenient to access various LAN resources by name, rather than IP address.

My understanding is dnsmasq will not serve as a dhcp server if you don’t configure any of the dhcp options. But what I want to do, I think, is a little different: I want dnsmasq to “learn” what IP address was assigned by the AT&T router to a device and then link that IP address to a user-defined host name. If this is possible, I imagine it would be via MAC address.

I don’t know if this is possible, and so would appreciate some advice. Or an alternative solution that accomplishes the same thing.

systemd starts dnsmasq before starting network manager

It looks to me that my systemd starts dnsmasq before starting network manager. How can I confirm this? How can I force systemd to start dnsmasq after starting network manager?

Reason behind this is, as explained in NetworkManager not updating /var/run/networkmanager/resolv.conf,

  • I’m using dnsmasq as my LAN DNS server, and
  • I defined my two IP addresses in NetworkManager.

When my system started my dnsmasq is not working, and I found that the reason is it is not listening to my two IP addresses at all. Only after restarting it, it started to listen to my two IP addresses:

    $ lsof -i tcp:53
    COMMAND   PID            USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
    systemd-r 544 systemd-resolve   13u  IPv4  18667      0t0  TCP 127.0.0.53:domain (LISTEN)
    dnsmasq   793         dnsmasq    5u  IPv4  23719      0t0  TCP localhost.my.box.name:domain (LISTEN)
    dnsmasq   793         dnsmasq    7u  IPv6  23721      0t0  TCP ip6-localhost:domain (LISTEN)

    /etc/init.d/dnsmasq restart
    [ ok ] Restarting dnsmasq (via systemctl): dnsmasq.service.

    $ lsof -i tcp:53
    COMMAND     PID            USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
    systemd-r   544 systemd-resolve   13u  IPv4  18667      0t0  TCP 127.0.0.53:domain (LISTEN)
    dnsmasq   17895         dnsmasq    5u  IPv4 601091      0t0  TCP 192.168.0.10:domain (LISTEN)
    dnsmasq   17895         dnsmasq    7u  IPv4 601093      0t0  TCP 192.168.0.11:domain (LISTEN)
    dnsmasq   17895         dnsmasq    9u  IPv4 601095      0t0  TCP localhost...

    $ lsb_release -a
    No LSB modules are available.
    Distributor ID: Ubuntu
    Description:    Ubuntu 18.04.1 LTS
    Release:        18.04
    Codename:       bionic

    # my systemd is not the latest but I think that shouldn't matter:
    $ apt-cache policy systemd
    systemd:
      Installed: 237-3ubuntu10
      Candidate: 237-3ubuntu10.9
      Version table:
         237-3ubuntu10.9 500
            500 http://security.ubuntu.com/ubuntu bionic-security/main amd64 Packages
            500 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages
     *** 237-3ubuntu10 500
            500 http://archive.ubuntu.com/ubuntu bionic/main amd64 Packages
            100 /var/lib/dpkg/status