[FS#847] resolv.conf no longer points at local dnsmasq instance

LEDE Bugs lede-bugs at lists.infradead.org
Wed Jun 14 11:22:52 PDT 2017


The following task has a new comment added:

FS#847 - resolv.conf no longer points at local dnsmasq instance
User who did this - Paul Oranje (por)

----------
Seems a kind of nightmare is developing around 127.0.0.1#53.

The referred commit had been commented on earlier by @kdarbyshirebryant (KDB).
He questioned the wisdom/assumption that the resolver listening on 127.0.0.1#53 is to be regarded as the main instance, being the instance that manages the resolver file (resolv.conf). KDB wrote that the local resolver does not necessarily listen on #53 because requests to #53 (by the local C lib resolver routines) may be re-written by DNAT rules.
Not surprisingly this scenario had not been considered when writing the patch (resolv.conf does not offer a way to specify the port to query on the nameserver).

The patch was committed by @dedeckeh before I got to re-think the idea - happy me, but so it did create a problem for KDB, probably breaks existing set-ups, definitely not intended.

The change came forth from FS#785.
That issue had to do with the resolver file not being handled when noresolv was true (which happened when unbound is run as the (main) nameserver with dnsmasq to service dhcp and local dns requests).
Whether dnsmasq uses upstream nameservers listed in the resolver file (noresolv) is unrelated to dnsmasq being the nameserver to be named in the resolver file.

Since multiple instances of dnsmasq can be run, some criterion is needed to distinguish the instance of dnsmasq that should be listed as nameserver in the resolver file. The patch did so by designating as that nameserver the resolver that listens on 127.0.0.1#53, of which there can be only one.

When the issue here at hand is caused by that criterion not working because dnsmasq does not listen on 127.0.0.1#53, but is made accessible via some DNAT rule and if that must be supported, then some other criterion will be needed to figure out which instance is to be listed in the resolver file (and to manage that file). A new dnsmasq UCI option that explicitly indicates that instance (if any) would then probably be needed.

Any suggestions?

----------

More information can be found at the following URL:
https://bugs.lede-project.org/index.php?do=details&task_id=847#comment2797
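
An added example, not part of the original comment or of the LEDE code: a small Python model of the selection criterion the comment describes, showing that no instance qualifies when the main dnsmasq sits on another port behind DNAT, and how an explicit per-instance flag would settle it. The sample config, the option name `resolvconf_owner` and the port/loopback test are assumptions made for illustration.

```python
import re

# Constructed sample in UCI syntax (not from the bug report): 'main' listens
# on port 5353 and is reached through a DNAT rule; 'guest' excludes loopback.
SAMPLE_DHCP = """
config dnsmasq 'main'
    option port '5353'
    option noresolv '1'

config dnsmasq 'guest'
    option port '53'
    list notinterface 'loopback'
"""

def parse_instances(text):
    """Parse 'config dnsmasq' sections into {name: {option: [values]}}."""
    instances, current = {}, None
    for line in text.splitlines():
        m = re.match(r"\s*config\s+(\S+)(?:\s+'?([^']*)'?)?\s*$", line)
        if m:
            current = None
            if m.group(1) == "dnsmasq":
                name = m.group(2) or "cfg%d" % len(instances)
                current = instances.setdefault(name, {})
            continue
        m = re.match(r"\s*(?:option|list)\s+(\S+)\s+'?([^']*)'?\s*$", line)
        if m and current is not None:
            current.setdefault(m.group(1), []).append(m.group(2))
    return instances

def on_loopback_53(opts):
    # Assumed model of "listens on 127.0.0.1#53": port is 53 (the default)
    # and loopback is not excluded. noresolv is deliberately ignored.
    port = opts.get("port", ["53"])[-1]
    return port == "53" and "loopback" not in opts.get("notinterface", [])

def pick_resolv_instance(instances, explicit_option=None):
    """Return the instance to name in resolv.conf, or None if none qualifies."""
    if explicit_option:  # hypothetical UCI flag, e.g. option resolvconf_owner '1'
        marked = [n for n, o in instances.items()
                  if o.get(explicit_option, ["0"])[-1] == "1"]
        if len(marked) > 1:
            raise ValueError("more than one instance marked: %s" % marked)
        if marked:
            return marked[0]
    matches = [n for n, o in instances.items() if on_loopback_53(o)]
    return matches[0] if matches else None
```

With the sample above, `pick_resolv_instance(parse_instances(SAMPLE_DHCP))` returns `None`, which is the situation where resolv.conf would not name the local dnsmasq.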
