9

I've done a default install of dnsmasq. When I run dig, it seems to be using dnsmasq (127.0.0.1), but the results don't include the hostnames included in /etc/hosts.

/etc/hosts:

192.168.1.13 sun

in a terminal:

$ dig sun

; <<>> DiG 9.6-ESV-R4 <<>> sun
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32131
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;sun.               IN  A

;; AUTHORITY SECTION:
.           9699    IN  SOA a.root-servers.net. nstld.verisign-grs.com. 2011041100 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Apr 12 05:20:56 2011
;; MSG SIZE  rcvd: 96

in a terminal:

$ dig @localhost sun

; <<>> DiG 9.6-ESV-R4 <<>> @localhost sun
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43763
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;sun.               IN  A

;; AUTHORITY SECTION:
.           10800   IN  SOA a.root-servers.net. nstld.verisign-grs.com. 2011041800 1800 900 604800 86400

;; Query time: 40 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Apr 18 17:15:23 2011
;; MSG SIZE  rcvd: 96

I've tried using local and expand-hosts/domain, but can't seem to get either of those working either. My primary goal is to be able to use one machine to host LAN DNS, I don't care if the names wind up being sun or sun.domain, whatever works.

Here is my /etc/resolv.conf

nameserver 127.0.0.1
domain members.linode.com
search members.linode.com
nameserver 72.14.188.5
nameserver 72.14.179.5

and /etc/dnsmasq.conf

domain-needed
bogus-priv

This is all on an Ubuntu 10.04 machine if it makes a difference. I have been following this guide: http://www.mythicalbeast.co.uk/linux/dnsmasq_howto.html (though not verbatim since that also sets up DHCP)

Zach Dwiel
  • Are you sure the option 'no-hosts' isn't being passed to dnsmasq somehow? What is the result of 'dig @localhost sun'. – sciurus Apr 15 '11 at 15:22
  • added the result of 'dig @localhost sun'. I double-checked /etc/dnsmasq.conf and confirmed that no-hosts was commented out. Is there some other way that option could be getting set? – Zach Dwiel Apr 18 '11 at 17:18

6 Answers

7

I know this is from 2011, but since it still has no accepted answer:

Today, I had a similar problem. Curl worked to get the expected response from a haproxy lxc with the respective header, but somehow my local dnsmasq did not provide resolution for container.test (confirmed with nslookup).

Google found me this post by Hugo Heden, who said that it might be an issue with /etc/hosts formatting.

What solved the problem for me was:

  1. Uncommenting no-hosts in /etc/dnsmasq.conf
  2. Putting 123.123.123.12 container.test into a new file, e.g. /etc/dnsmasq.hosts
  3. Pointing dnsmasq to the new file by adding addn-hosts=/etc/dnsmasq.hosts to /etc/dnsmasq.conf
Jan Alleman
6

This snippet from the dnsmasq FAQ seems relevant:

Q: Names on the internet are working fine, but looking up local names from /etc/hosts or DHCP doesn't seem to work.

A: Resolver code sometimes does strange things when given names without any dots in. Win2k and WinXP may not use the DNS at all and just try and look up the name using WINS. On unix look at "options ndots:" in "man resolv.conf" for details on this topic. Testing lookups using "nslookup" or "dig" will work, but then attempting to run "ping" will get a lookup failure, appending a dot to the end of the hostname will fix things. (ie "ping myhost" fails, but "ping myhost." works.) The solution is to make sure that all your hosts have a domain set ("domain" in resolv.conf, or set a domain in your DHCP server, see below for Windows XP and Mac OS X). Any domain will do, but "localnet" is traditional. Now when you resolve "myhost" the resolver will attempt to look up "myhost.localnet" so you need to have dnsmasq reply to that name. The way to do that is to include the domain in each name on /etc/hosts and/or to use the --expand-hosts and --domain options.

So I suggest you post your /etc/resolv.conf, as well as the arguments you are feeding to dnsmasq when you start it.

Phil Hollenback
  • here is my /etc/resolv.conf: – Zach Dwiel Apr 12 '11 at 14:50
  • I added /etc/resolv.conf to the original post so it would look nicer instead of here. I looked into what the arguments are that are getting fed to dnsmasq, but it is a bit convoluted by the surrounding /etc/init.d/dnsmasq script, or did you mean /etc/dnsmasq? – Zach Dwiel Apr 12 '11 at 14:58
2

Something I found: Everything appears to be configured ok, but dns name from /etc/hosts is not resolving. After adding/editing /etc/hosts (or any config file), don't forget to restart dnsmasq process to re-read the file. Dnsmasq imports these files on startup, it's not a live lookup.

Tom B
1

I've just found what happens behind the scenes: dnsmasq tries to expand sun to sun. when it reads /etc/hosts file. If you try to resolve sun. it returns the correct result, but if you query it for sun it forwards the request to upstream DNS servers.

To work around this behaviour:

  • add local to /etc/resolv.conf, e.g.:

search local ec2.internal

  • add sun.local to /etc/hosts or /etc/dnsmasq.hosts, e.g.:

10.79.114.99 sun sun.local

  • restart dnsmasq

When a client queries for sun the DNS resolver will autoexpand the query to sun.local first and return the result from hosts file.
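The search-list expansion described in the dnsmasq FAQ excerpt and in the workaround above can be traced offline. This is an added example, not part of any answer on this page or of dnsmasq itself: it models the glibc-style rules (search list first when the name has fewer dots than ndots, trailing dot means no expansion) and dnsmasq's expand-hosts/domain behaviour; the function names are hypothetical and comment handling is simplified.

```python
# Added example: which queries a stub resolver sends, and which dnsmasq can answer locally.
QUESTION_RESOLV = """nameserver 127.0.0.1
domain members.linode.com
search members.linode.com
"""                                      # from the question (upstream nameservers omitted)
QUESTION_HOSTS = "192.168.1.13 sun\n"    # from the question
WORKAROUND_RESOLV = "nameserver 127.0.0.1\nsearch local ec2.internal\n"  # nameserver line constructed
WORKAROUND_HOSTS = "10.79.114.99 sun sun.local\n"                        # from the workaround

def parse_resolv_conf(text):
    """Return (search_list, ndots); the last domain/search line wins, as in glibc."""
    search, ndots = [], 1
    for line in text.splitlines():
        fields = line.split("#")[0].split()
        if not fields:
            continue
        if fields[0] == "domain":
            search = fields[1:2]
        elif fields[0] == "search":
            search = fields[1:]
        elif fields[0] == "options":
            for opt in fields[1:]:
                if opt.startswith("ndots:"):
                    ndots = int(opt.split(":", 1)[1])
    return search, ndots

def candidate_queries(name, search, ndots=1):
    """Fully qualified names the resolver tries, in order, for `name`."""
    if name.endswith("."):
        return [name]                    # trailing dot: no search expansion
    expanded = [f"{name}.{d}." for d in search]
    as_is = [name + "."]
    return as_is + expanded if name.count(".") >= ndots else expanded + as_is

def names_served(hosts_text, expand_hosts=False, domain=None):
    """Names dnsmasq can answer from a hosts file (optionally with expand-hosts + domain)."""
    served = {}
    for line in hosts_text.splitlines():
        fields = line.split("#")[0].split()
        for host in fields[1:]:
            served[host.lower() + "."] = fields[0]
            if expand_hosts and domain and "." not in host:
                served[f"{host.lower()}.{domain}."] = fields[0]
    return served

def trace(name, resolv_text, hosts_text, **dnsmasq_opts):
    """Each query in resolver order, paired with the local answer (None = not in hosts data)."""
    served = names_served(hosts_text, **dnsmasq_opts)
    search, ndots = parse_resolv_conf(resolv_text)
    return [(q, served.get(q)) for q in candidate_queries(name, search, ndots)]
```

A `None` entry is a name dnsmasq cannot answer from its hosts data. Note that dig sends the name exactly as typed unless `+search` is given, so it exercises only the last entry of the trace for a bare name.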

1

What does your /etc/resolv.conf look like? Look for domain or search elements.

Set up a .local domain for dnsmasq and then add that to your resolv.conf and it should work.

Try dig sun.local @localhost.

dmourati
-1

dig, as well as host, and nslookup are specifically created to query dns servers. It will not look at /etc/hosts, and in fact will ignore /etc/nsswitch.conf

Anything using the gethostbyname call will however use /etc/nsswitch.conf

For example, ping should use /etc/hosts provided files is before dns in /etc/nsswitch.conf which it normally is.

rfelsburg
  • I thought this too, but dnsmasq specifically serves dns names from /etc/hosts on the server. It appears that if you configure everything correctly then dig to the server will actually end up giving you answers from /etc/hosts, bypassing nsswitch, etc. – Phil Hollenback Apr 12 '11 at 06:48
  • Try running 'strace dig sun' and posting the results, that will let you know if dig is in fact using dnsmasq. Also, a copy of your /etc/resolve.conf file would be helpful, specifically looking to see if domain is set. – rfelsburg Apr 12 '11 at 13:16