On 13/12/11 14:32, Ed W wrote: > On 12/12/2011 17:40, Matthias Andree wrote: >> Am 11.12.2011 20:00, schrieb Ed W: >>> How can I tell dnsmasq that it's effectively authoritive for reverse >>> lookups for private IP ranges and prevent upstream lookups? I do have >>> "bogus-priv" set. Dnsmasq-1.58 >> By adding another server-line for 10.in-addr.arpa. > > Can you please try your suggestion - for me it's not working. I already > have what you describe and basically DNS stops working without huge > delays here. I'm not sure if the delays are due to massive amounts of > logging generated due to endless retries or because the max number of > parallel queries kicks in and the retries are stalling further queries - > however, it's not workable... > > Note as I said in my previous email, I need to point the server to some > fake address, eg > > server=/10.in-addr.arpa/127.0.0.2 > > Setting it to 127.0.0.1 seems to be ignored and the queries still go out > upstream > > Either it's an artifact of my dnsmasq version (very recent), or there isn't > obviously a way to surpress these? > > Any ideas on how to suppress please?
local=/10.in-addr.arpa/ which just syntactic sugar for server=/10.in-addr.arpa/ ie, there is no upstream server for these domains, dnsmasq, please return NXDOMAIN or NODATA. I think that should work. Bogus-priv won't since the dnsmasq parsing code is stopped by the lb._dns-sd._udp type stuff from parsing an IPv4 address out of this. Simon.
