> > Dnsmasq uses the _destination_ address of the query. I'm not familiar > with Docker. Is it using NAT?
Can't say i'm especially familiar with Docker's networking stack, but it definitely looks and feels like something NAT-ish to me! Interestingly enough, the log entry for where the query came from is correctly detected, but I guess it's not using that address to localise? eg: Apr 5 14:44:59 dnsmasq[505]: query[A] github.com from 10.23.0.23 Apr 5 14:44:59 dnsmasq[505]: forwarded github.com to 1.0.0.1 Apr 5 14:44:59 dnsmasq[505]: reply github.com is 140.82.118.3 Are the addresses used in the log and the destination address different? Thanks, - Jake Howard On Sat, 4 Apr 2020, at 19:01, Simon Kelley wrote: > On 31/03/2020 13:51, Jake Howard wrote: > > Hello! > > > > Had a breakthrough on what's going on, and it's down to a caveat I > > missed when reading the man page on localise-queries: > > > >> Return answers to DNS queries from /etc/hosts and *--interface-name* > > which depend on the interface over which the query was received. > > > > And of course, this issue has to do with docker. With Docker, even > > though the container is listening on 2 different interfaces, and 2 > > different IPs, the inner container, and thus dnsmasq, only sees 1 > > interface, with all addresses coming from it. Hence localisation isn't > > quite working. > > > > If I run dnsmasq with the exact same config but on the host, where it > > can see the different interfaces, works perfectly! > > > > Testing was done in 2.79 and 2.76, with a config file practically > > identical to your CLI arguments. > > > > Technically, there's not a bug here per-say, but it'd be really handy if > > there was a way of looking at the source IP when determining which > > record to return rather than just the interface? > > Dnsmasq uses the _destination_ address of the query. I'm not familiar > with Docker. Is it using NAT? > > > Simon. > > > > > > Thanks! > > > > On Mon, 30 Mar 2020, at 20:42, Simon Kelley wrote: > >> On 28/03/2020 20:38, Jake Howard wrote: > >> > Hi, > >> > > >> > My intention is to have 1 dnsmasq instance, accessible over 2 interfaces > >> > (listening on all), and have the response to a query differ based on the > >> > interface, and therefore its incoming IP. From what i've read, that's > >> > exactly what localise-queries is meant to do, but it doesn't appear to > >> > be unless I put the entries into /etc/hosts directly. > >> > >> > >> OK, what you're expecting to happen and what I'm expecting to happen are > >> the same. That's good. > >> > >> I just did a quick test, and it seems to work fine for me. The > >> example.com addresses are in /tmp/hosts. > >> > >> > >> srk@holly:~/dnsmasq/dnsmasq$ src/dnsmasq -d --log-queries > >> --localise-queries -p 10000 --addn-hosts=/tmp/hosts > >> dnsmasq: started, version 2.81rc4-5-gd162bee cachesize 150 > >> dnsmasq: compile time options: IPv6 GNU-getopt no-DBus no-UBus no-i18n > >> no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth no-DNSSEC > >> loop-detect inotify dumpfile > >> dnsmasq: reading /etc/resolv.conf > >> dnsmasq: using nameserver 127.0.1.1#53 > >> dnsmasq: read /etc/hosts - 9 addresses > >> dnsmasq: read /tmp/hosts - 2 addresses > >> dnsmasq: query[A] example.com from 127.0.0.1 > >> dnsmasq: /tmp/hosts example.com is 192.168.151.43 > >> dnsmasq: /tmp/hosts example.com is 192.168.150.43 > >> dnsmasq: query[A] example.com from 192.168.150.49 > >> dnsmasq: /tmp/hosts example.com is 192.168.150.43 > >> > >> > >> If it's not working for you, that's a bug, but we need to find what it > >> is about your setup that tickles the bug. > >> > >> Can you boil it down to the simplest configuration that displays the > >> problem, and also specify which version of dnsmasq you're using? > >> > >> > >> cheers, > >> > >> Simon. > >> > >> > >> > > >> > Thanks, > >> > - Jake Howard > >> > > >> > On Sat, 28 Mar 2020, at 17:59, Simon Kelley wrote: > >> >> On 19/03/2020 21:47, Jake Howard wrote: > >> >> > Hello! > >> >> > > >> >> > Is `localise-queries` meant to work against entries added via > >> >> > `addn-hosts`? Querying a record returns both IPs, but always in the > >> >> same > >> >> > order. The order is correctly fixed when the records are put in > >> >> > `/etc/hosts` directly. > >> >> > >> >> > >> >> Yes, localise-queries works with entries added via addn-hosts, but it > >> >> doesn't have anything to do with the order that records appear, so that > >> >> doesn't address your problem. What are you trying to achieve? > >> >> > >> >> > >> >> Simon. > >> >> > >> >> > >> >> > > >> >> > Config: > >> >> > > >> >> > ``` > >> >> > localise-queries > >> >> > no-resolv > >> >> > cache-size=10000 > >> >> > log-queries > >> >> > log-facility=/var/log/pihole.log > >> >> > local-ttl=2 > >> >> > log-async > >> >> > server=8.8.8.8 > >> >> > server=8.8.4.4 > >> >> > server=1.1.1.1 > >> >> > server=1.0.0.1 > >> >> > interface=eth0 > >> >> > server=/use-application-dns.net/ > >> >> > > >> >> > addn-hosts=/etc/vpn-hosts.conf > >> >> > localise-queries > >> >> > > >> >> > ``` > >> >> > > >> >> > This is from pihole, but AFAIK that shouldn't make a difference > >> if I'm > >> >> > modifying the config directly. > >> >> > > >> >> > Would appreciate some input, or being told i'm wrong! > >> >> > > >> >> > Thanks, > >> >> > > >> >> > - Jake Howard > >> >> > > >> >> > > >> >> > > >> >> > > >> >> > _______________________________________________ > >> >> > Dnsmasq-discuss mailing list > >> >> > Dnsmasq-discuss@lists.thekelleys.org.uk > >> >> > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss > >> >> > > >> >> > >> >> > >> >> _______________________________________________ > >> >> Dnsmasq-discuss mailing list > >> >> Dnsmasq-discuss@lists.thekelleys.org.uk > >> >> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss > >> >> > >> > > >> > > >> > _______________________________________________ > >> > Dnsmasq-discuss mailing list > >> > Dnsmasq-discuss@lists.thekelleys.org.uk > >> > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss > >> > > >> > >> > >> _______________________________________________ > >> Dnsmasq-discuss mailing list > >> Dnsmasq-discuss@lists.thekelleys.org.uk > >> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss > >> > > > > > > _______________________________________________ > > Dnsmasq-discuss mailing list > > Dnsmasq-discuss@lists.thekelleys.org.uk > > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss > > > > > _______________________________________________ > Dnsmasq-discuss mailing list > Dnsmasq-discuss@lists.thekelleys.org.uk > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss >
_______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
