On 12/12/2011 17:40, Matthias Andree wrote:
On 11.12.2011 20:00, Ed W wrote:
This is zero-configuration DNS-based service discovery stuff. Check
Wikipedia for "Zeroconf".
Dec 11 18:28:08 localhost daemon.info dnsmasq[590]: forwarded dr._dns-sd._udp.225.177.159.10.in-addr.arpa to 8.8.8.8
Dec 11 18:28:08 localhost daemon.info dnsmasq[590]: forwarded dr._dns-sd._udp.225.177.159.10.in-addr.arpa to 8.8.4.4
Dec 11 18:28:08 localhost daemon.info dnsmasq[590]: query[PTR] lb._dns-sd._udp.225.177.159.10.in-addr.arpa from 192.168.111.137
Dec 11 18:28:08 localhost daemon.info dnsmasq[590]: forwarded lb._dns-sd._udp.225.177.159.10.in-addr.arpa to 8.8.8.8
Dec 11 18:28:08 localhost daemon.info dnsmasq[590]: forwarded lb._dns-sd._udp.225.177.159.10.in-addr.arpa to 8.8.4.4
How can I tell dnsmasq that it's effectively authoritative for reverse
lookups for private IP ranges and prevent upstream lookups? I do have
"bogus-priv" set. Dnsmasq-1.58
By adding another server-line for 10.in-addr.arpa.
OK, I would like to claim this is a "bug"... I read the description of
dns-sd (snippet from page 27 of the RFC) here:
https://bugs.eclipse.org/bugs/show_bug.cgi?id=315970
This gives a tiny amount of clarity on the origin of some of my peculiar
DNS traffic.
However, I see no way to prevent internal DNS reverse name requests from
leaking upstream, e.g. if my local IP range is 192.168.111.0/24 then how
to prevent requests for x.111.168.192.in-addr.arpa? (If I use
"server=/111.168.192.in-addr.arpa/127.0.0.x" then various unpleasant
things happen as reported previously)
Additionally, given that I have bogus-priv in my config - should this
not suppress such reverse host lookups?
Any thoughts?
Thanks
Ed W
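
An added example, not part of the original thread: a log check that finds the leak described above by flagging "forwarded" lines whose reverse name decodes to a private address and whose destination is a public server. It assumes the dnsmasq log format quoted in the thread and treats only the RFC 1918 ranges as private; the function names are made up for this example.

```python
import ipaddress
import re

# Log shape as quoted in the thread; RFC 1918 only is this example's assumption.
FORWARDED = re.compile(r"dnsmasq\[\d+\]: forwarded (\S+) to (\S+)")
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def reverse_name_to_ip(qname):
    """Decode an in-addr.arpa name to an IPv4 address, skipping DNS-SD prefix labels."""
    name = qname.rstrip(".").lower()
    if not name.endswith(".in-addr.arpa"):
        return None
    octets = []
    # Walk from the zone apex toward the leaf; stop at the first non-octet label.
    for label in reversed(name[:-len(".in-addr.arpa")].split(".")):
        if len(octets) == 4 or not re.fullmatch(r"[0-9]{1,3}", label) or int(label) > 255:
            break
        octets.append(str(int(label)))
    if not octets:
        return None
    octets += ["0"] * (4 - len(octets))  # short names, e.g. 10.in-addr.arpa
    return ipaddress.ip_address(".".join(octets))

def leaked_reverse_queries(lines):
    """List (qname, address, upstream) for private reverse names sent to a public server."""
    leaks = []
    for line in lines:
        m = FORWARDED.search(line)
        if not m:
            continue
        qname, upstream = m.groups()
        addr = reverse_name_to_ip(qname)
        if addr is None or not any(addr in net for net in RFC1918):
            continue
        try:
            server = ipaddress.ip_address(upstream.split("#")[0])
        except ValueError:
            continue
        if not server.is_private:  # loopback and private upstreams are not leaks
            leaks.append((qname, str(addr), upstream))
    return leaks

# First two entries are taken from the thread; the last two are constructed.
PREFIX = "Dec 11 18:28:08 localhost daemon.info dnsmasq[590]: "
SAMPLE = [PREFIX + s for s in (
    "forwarded lb._dns-sd._udp.225.177.159.10.in-addr.arpa to 8.8.8.8",
    "query[PTR] lb._dns-sd._udp.225.177.159.10.in-addr.arpa from 192.168.111.137",
    "forwarded 137.111.168.192.in-addr.arpa to 8.8.4.4",
    "forwarded 5.0.0.10.in-addr.arpa to 127.0.0.1",
)]
```

Calling leaked_reverse_queries(SAMPLE) returns the two entries forwarded to 8.8.8.8 and 8.8.4.4; the query line and the lookup sent to 127.0.0.1 are ignored.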