On 13/06/17 16:52, Mark Rogers wrote:
On 13 June 2017 at 16:21, Laurie Brown laurie@brownowl.com wrote:
DNSmasq is your friend...
It is indeed, but 17.04 isn't letting me talk to it!
Specifically: dnsmasq is what I have running on a server in my office, and my desktop is set to use it via DHCP. A lookup for anything with a dot in it works, but without it doesn't get passed to my dnsmasq server:
    $ dig myhost.msl-office.co.uk #works
    $ dig virtualhost.myhost #works
    $ dig myhost #fails
    $ dig @192.168.1.5 myhost #works
(where 192.168.1.5 is my server running dnsmasq)
Ah! I confess I haven't tried it with 17.04 at all. I use it extensively in 14.04 and it works well.
I have a situation where I need split-horizon DNS (which djbdns can do as well). Mobile device users, when in-house, need to access internal services with what is effectively the external domain so that when they leave the internal network, the same domains work, but point to a different IP address.
Basically dnscache intercepts the call to an external domain and returns a local address, which is what I think you need.
Not sure if the off-list reply was deliberate so I haven't "corrected" it, but feel free to reply back to the list.
It wasn't! Hit the wrong button in a hurry! Sorry!
Cheers, Laurie.
On 14 June 2017 at 10:45, Laurie Brown laurie@brownowl.com wrote:
Ah! I confess I haven't tried it with 17.04 at all. I use it extensively in 14.04 and it works well.
To be clear: I haven't tested dnsmasq under 17.04 (my DNS server runs an LTS release), but it doesn't seem to be the DNS server that's the issue, it's the client: if I force my 17.04 desktop to query the DNS it's fine, but if I don't then it gets lost. This was NOT an issue under 16.10, although that said my 16.10 was an upgrade from earlier releases that may have retained something, whereas 17.04 was a clean install.
On Wed, Jun 14, 2017 at 12:16:28PM +0100, Mark Rogers wrote:
On 14 June 2017 at 10:45, Laurie Brown laurie@brownowl.com wrote:
Ah! I confess I haven't tried it with 17.04 at all. I use it extensively in 14.04 and it works well.
To be clear: I haven't tested dnsmasq under 17.04 (my DNS server runs an LTS release), but it doesn't seem to be the DNS server that's the issue, it's the client: if I force my 17.04 desktop to query the DNS it's fine, but if I don't then it gets lost. This was NOT an issue under 16.10, although that said my 16.10 was an upgrade from earlier releases that may have retained something, whereas 17.04 was a clean install.
Yes, it's the client.
I have dnsmasq running on a Raspberry Pi on my LAN, that's essentially some old[ish] version of Debian. All of my xubuntu 16.04 clients work fine with that, as do various Android and other systems. It's just the xubuntu 17.04 system that doesn't work with unqualified local names.
The basic reason is that 17.04 doesn't use the 'dnsmasq run by Network Manager' for local DNS cache, it has a systemd equivalent instead. For a couple of reasons this doesn't work as well:-
It *should* be able to look up unqualified names but can't for some reason, this is an actual bug and has been reported.
The systemd DNS treats multiple DNS entries in /etc/resolv.conf differently from the previous system. If the first one fails then it uses the second and *continues* to use the second. Previously the DNS servers were tried in order. I had my local server followed by 8.8.8.8 (Google public server) so when, for whatever reason, my local DNS had an issue the DNS would switch to Google and stay there - no resolution of local names.
For the present I have added a 'search' domain to /etc/resolv.conf (well, to the resolvconf configuration actually) and I have removed 8.8.8.8 from the nameservers. This is working OK for me, I just have to work around *another* issue I have with a router whose firewall blocks access from its WiFi to its wired LAN! (That's why I added the 8.8.8.8, so WiFi users got DNS).
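An added example, not part of the thread: a small check for the two resolv.conf conditions described in the message above (no 'search' domain, and a local nameserver listed alongside a public one). The two sample files are constructed from the addresses and domain quoted in the thread, and the function names and finding codes are this example's own.

```python
import ipaddress

# Constructed sample: local dnsmasq server followed by a public resolver and
# no 'search' line, the layout the message above describes before the change.
SAMPLE_BEFORE = """\
nameserver 192.168.1.5
nameserver 8.8.8.8
"""

# Constructed sample of the workaround: public resolver removed, search domain
# added (the domain is the one used in the dig commands earlier in the thread).
SAMPLE_AFTER = """\
nameserver 192.168.1.5
search msl-office.co.uk
"""


def parse_resolv_conf(text):
    """Return (nameserver addresses, search domains) from resolv.conf text."""
    servers, search = [], []
    for raw in text.splitlines():
        fields = raw.split()
        if not fields or fields[0][0] in "#;":  # blank line or comment
            continue
        if fields[0] == "nameserver" and len(fields) > 1:
            servers.append(ipaddress.ip_address(fields[1]))
        elif fields[0] in ("search", "domain"):
            search = fields[1:]  # a later search/domain line replaces an earlier one
    return servers, search


def audit(text):
    """Return codes for the two conditions discussed in the thread."""
    servers, search = parse_resolv_conf(text)
    findings = []
    if not search:
        # No explicit search list, so a short name such as 'myhost' has no
        # configured domain to be completed with.
        findings.append("NO_SEARCH_DOMAIN")
    if any(s.is_private for s in servers) and any(s.is_global for s in servers):
        # Once a client settles on the public server, local names go to a
        # resolver that cannot answer them.
        findings.append("MIXED_LOCAL_AND_PUBLIC")
    return findings


if __name__ == "__main__":
    for name, text in (("before", SAMPLE_BEFORE), ("after", SAMPLE_AFTER)):
        print(name, audit(text) or "ok")
```
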
On 14 June 2017 at 16:27, Chris Green cl@isbd.net wrote:
The basic reason is that 17.04 doesn't use the 'dnsmasq run by Network Manager' for local DNS cache, it has a systemd equivalent instead.
Thanks for the detailed explanation.
It *should* be able to look up unqualified names but can't for some reason, this is an actual bug and has been reported.
Don't suppose you have a bug reference I can look up?
The systemd DNS treats multiple DNS entries in /etc/resolv.conf differently from the previous system. If the first one fails then it uses the second and *continues* to use the second. Previously the DNS servers were tried in order.
As I understand it this is "normal" (if frustrating) behaviour and if dnsmasq did things differently then that might have been nice but not "normal". (Try putting two DNS entries into a Windows box, for example.)
For the present I have added a 'search' domain to /etc/resolv.conf (well, to the resolvconf configuration actually)
That didn't work when I tried it for some reason but I'll have another go.