On 2015-12-02 00:50, Albert ARIBAUD wrote: > Hi "A C", > > Le Wed, 2 Dec 2015 00:00:06 -0800 > A C <ag...@hotmail.com> a écrit: > >>> I infer that what you have in your working config is not >>> >>> server=/vpn.example.com/10.0.0.140 >>> local=/vpn.example.com/ >>> >>> as indicated above, but actually >>> >>> server=/vpn.example.com/10.0.0.140 >>> local=/example.com/ >>> >>> and what you witness is that it works in this order, but will not >>> work in that order: >>> >>> local=/example.com/ >>> server=/vpn.example.com/10.0.0.140 >>> >>> Am I correct? >>> >> >> Yes, that was a typo on my part. The actual config file has >> local=/example.com/ I just typed the vpn into the email by accident. >> The config file has no other local directives. >> >> Also, your final observation is correct. If local appears before >> server, the queries to the subdomain fail. If local appears after >> server it works. Just for fun I tried out a couple extra server lines >> that point to entirely different domains outside of mine (e.g. >> server=/example.org/1.2.3.4 where local=/example.com/). In that case >> the position of server and local doesn't matter the query is forwarded >> as I remembered from previous usage. So there appears to be an >> interaction between local and server when both contain the same domain >> and the order must be from most specific to least specific. > Hmm. Option --local is supposed to be syntactic sugar for "--server > without a server IP" (or maybe even just a synonym if the manpage is > literal about it), and --server is supposed to be order-insensitive, > so it /looks/ like the dnsmasq documentation and actual behaviour differ > here. > > I guess at this point, Simon (now To:) is the one to confirm the issue > and analysis. > > Amicalement,
Yes, it does look that way. It also appears that it causes issues with setting up reverse (i.e. in-addr.arpa) lookups, too. I configured the VPN server's dnsmasq to be local for both vpn.example.com and for 0.100.10.in-addr.arpa (two local statements) and lookups directed to it are fine. But when I add a server directive to the router's config to redirect 0.100.10.in-addr.arpa over to the VPN server (server=/0.100.10.in-addr.arpa/10.0.0.140) it behaves strangely. Depending on the order, sometimes it forwards the query and other times it doesn't. In either case it ignores replies. It actually causes a loop, ping ponging queries back and forth between the two systems. I had to disable that for now but I would like to get that sorted too, that might need be another thread unless they're related. _______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
