It depends what interface you use for auth-server in second parameter.
You have not shared if you have internal and external interfaces, so I
would guess enp2s0f0 is internal interface. If you want authoritative
answers served to internal clients, use just
|auth-server=server.home.mydomain.com <http://server.home.mydomain.com>
|
||auth-server with interface specified is intended to be used on router
WAN interface facing to potentially hostile network. Therefore it does
not do recursive service, but just authoritative on it. That is by
design, but may not be what you wanted.
For trusted internal network, specify just allowed interface(s).
interface=lo
interface=enp20f0
|auth-server=server.home.mydomain.com
<http://server.home.mydomain.com>||auth-zone=home.mydomain.com
<http://home.mydomain.com>,192.168.1.0/24
||host-record=server.home.mydomain.com,192.168.1.50|
||
Cheers,
Petr|
|
On 06. 11. 23 14:22, John Klimek wrote:
Here is the dnsmasq.conf I'm using. It seems to return authoritative
responses for home.mydomain.com <http://home.mydomain.com> but if I
query anything else it returns REFUSED:
|log-queries no-resolv server=8.8.4.4 server=8.8.8.8
auth-server=server.home.mydomain.com
<http://server.home.mydomain.com>,enp2s0f0 auth-zone=home.mydomain.com
<http://home.mydomain.com>,192.168.1.0/24
host-record=server.home.mydomain.com,192.168.1.50
<http://192.168.1.0/24 host-record=server.home.mydomain.com,192.168.1.50>|
--
Petr Menšík
Software Engineer, RHEL
Red Hat,http://www.redhat.com/
PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB
_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
