On 2015-12-01 07:46, Albert ARIBAUD wrote: > Hi "A C", > > Le Mon, 30 Nov 2015 21:34:58 -0800 > A C <ag...@hotmail.com> a écrit: > >> On 2015-11-30 05:02, Albert ARIBAUD wrote: >> >>> Can you watch the router's DNS traffic rather than the VPN server's? >>> Possibly give a tcpdump of a successful and a failed DNS request? I >>> assume you cannot change how dnsmasq runs on the router but if you >>> can, then try having it log the successful and failed DNS requests >>> too. This log might show whether a request is forwarded or cached, >>> for instance. >> >> >> Ok. I ran with query logging turned on and queried for a device >> already on the main 10.0.0.0/16 network from another machine and one >> of the VPN clients that the VPN server should know and answer from >> the same machine (the machine being 10.0.0.2). >> >> >> The working query: >> dnsmasq: query[A] device.example.com from 10.0.0.2 >> dnsmasq: /etc/hosts device.example.com is 10.0.0.180 >> >> >> The query that should be forwarded to the VPN server's instance of >> dnsmasq responds like this: >> dnsmasq: query[A] client1.vpn.example.com from 10.0.0.2 >> dnsmasq: config client1.vpn.example.com is <NXDOMAIN>-IPv4 > > Can you copy-paste, with as little modifications as possible, the > complete dnsmasq configuration of the router?
This is it in the most recent version including some of my edits related to this testing. Until this new DNS work I had only one local statement and no server statements. interface=eth0 domain-needed bogus-priv filterwin2k localise-queries local=/example.com/ local=/vpn.example.com/ domain=example.com expand-hosts server=/vpn.example.com/10.0.0.140 server=/0.100.10.in-addr.arpa/10.0.0.140 dhcp-authoritative dhcp-range=10.0.10.100,10.0.10.105,255.255.0.0,24h dhcp-leasefile=/tmp/dhcp.leases read-ethers dhcp-option=3,10.0.0.1 dhcp-option=6,10.0.0.1 dhcp-option=42,10.0.0.141 _______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
