
I noticed some 'weird' DNSMasq behavior when I set up my LAN for dual stack IPv4 & IPv6 networking. It seems that my DNS server (DNSMasq), which acts as a forwarder and also has all the host names for the static leases for the local network, replies with its own interface address when it cannot resolve a specific record.

Let me explain: When I do a look-up for an 'A' record for my host called 'router.home.example.com', it replies with the correct local IP address (10.0.1.2). When I query for the 'AAAA' address (which my router does not have yet, and as such is not registered as a static lease) it replies with its own IPv6 address (and host name). Obviously I expected it to return a 'host/record not found' message.

The problem is that when I try to reach said router (OpenWRT) via the web interface, it complains about a DNS rebinding attempt and refuses to let me log in, probably because it sees 2 different addresses and host names.

Before posting this question here I've spent hours trying to figure this out - I really hope it's not something obvious I'm missing because I've been staring at this problem for too long.

For what it's worth, I'm using pfSense 2.1 BETA with DNSMasq. I've successfully configured IPv6 using Hurricane Electric as a tunnel broker.

Thanks in advance for any help!

QNimbus
  • It seems that the replies for the non-existing records or host names are returning the internet facing IPv4/IPv6 addresses and hostnames. As if they are forwarded to my ISP's DNS servers... If this is the problem, I still need to find out how to prevent DNSMasq from forwarding these queries... – QNimbus Apr 12 '13 at 08:16

1 Answer


Apparently trying to explain my own problem helped me answer my own question :)

It seems that I needed to explicitly prevent 'local' DNS queries from being forwarded. I accomplished this by adding the following to dnsmasq.conf (or via the pfSense admin interface in the 'advanced' field):

bogus-priv
local=/home.example.com/
QNimbus
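An added example, not part of the original answer: a small Python audit that reads dnsmasq.conf text and reports whether a query with no local answer would still be forwarded upstream, given the `local=`/`server=` and `bogus-priv` directives. The function names and the sample configs are constructed for illustration, and `bogus-priv` is modelled for the RFC 1918 IPv4 ranges only.

```python
import ipaddress

# RFC 1918 only: a simplification of the ranges bogus-priv covers.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample configs (not taken from the poster's system).
BEFORE = "domain=home.example.com\n"
AFTER = BEFORE + "bogus-priv\nlocal=/home.example.com/\n"

def parse_conf(text):
    """Return (bogus_priv, {domain: upstream}); upstream "" = local-only."""
    bogus_priv, domains = False, {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, _, value = (part.strip() for part in line.partition("="))
        if key == "bogus-priv":
            bogus_priv = True
        elif key in ("local", "server") and value.startswith("/"):
            # local=/a/b/ and server=/a/b/ADDR share one syntax.
            *names, upstream = value[1:].split("/")
            for name in names:
                domains[name.lower().rstrip(".")] = upstream
    return bogus_priv, domains

def is_forwarded(text, qname):
    """True if a query with no local answer would go to an upstream server."""
    bogus_priv, domains = parse_conf(text)
    qname = qname.lower().rstrip(".")
    labels = qname.split(".")
    # Per-domain rules first (assumed precedence); longest suffix wins.
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in domains:
            return domains[suffix] != ""
    if bogus_priv and qname.endswith(".in-addr.arpa"):
        try:
            addr = ipaddress.ip_address(".".join(labels[-3::-1]))
        except ValueError:
            return True
        return not any(addr in net for net in RFC1918)
    return True
```

Running `is_forwarded` over each name in the local zone and each reverse name for the LAN addresses shows which lookups would leave the network before and after the change.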