[Dnsmasq-discuss] [solved] Re: Finding actual DNS server used
On 01/16/2017 12:23 AM, Weedy wrote: > On 15 January 2017 at 17:15, Albert ARIBAUD > wrote: >> Hi Weedy, >> >> Le Sun, 15 Jan 2017 17:04:37 -0500 Weedy a >> écrit: > [snip] >>> >>> http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html#lbAG >>> >>> An API of sorts was added some time last year >> >> I've gone through the NOTES section you are referring to, but I >> don't see exactly which API you are referring to. Could you provide >> more precise indications? > > I was talking about "statistics are also available in the DNS as > answers to queries of class CHAOS and type TXT in domain bind". > Which is why I said API of sorts. [snip] Thanks. That's it. I somehow missed it there in the manual page: When it receives a SIGUSR1, dnsmasq writes statistics to the system log. … For each upstream server it gives the number of queries sent, and the number which resulted in an error. … That gives me the information I was looking for regarding verifying which server dnsmasq is using. Regards, Lars ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Finding actual DNS server used
Hi Weedy, Le Sun, 15 Jan 2017 17:23:18 -0500 Weedy a écrit: > >> http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html#lbAG > >> > >> An API of sorts was added some time last year > > > > I've gone through the NOTES section you are referring to, but I > > don't see exactly which API you are referring to. Could you provide > > more precise indications? > > I was talking about "statistics are also available in the DNS as > answers to queries of class CHAOS and type TXT in domain bind". Which > is why I said API of sorts. Hey, it does indeed work! $ dig +short chaos txt servers.bind "fe80:::::%enp4s0#53 144 0" "192.168.x.x#53 126 0" > You already went into detail on DBus control, that would be considered > a more legit API I would not say one is 'more legit' than the other, as both are legitimate uses of valid protocol features; and yours has the advantage that it's easier to parse. Thanks! Amicalement, -- Albert. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Finding actual DNS server used
On 15 January 2017 at 17:15, Albert ARIBAUD wrote: > Hi Weedy, > > Le Sun, 15 Jan 2017 17:04:37 -0500 > Weedy a écrit: > >> On 15 January 2017 at 03:21, Albert ARIBAUD >> wrote: >> > Hi Chris, >> > >> > Le Sat, 14 Jan 2017 19:27:28 + >> > Chris Green a écrit: >> > >> > (re getting dnsmasq to say which upstream servers it uses) >> > >> >> Why is is so difficult to provide this information? At the very >> >> least it would provide a confidence check that all is working as >> >> intended. It might very well help if something isn't working too. >> > >> > It is not difficult at all to get this information. It's just that >> > dnsmasq does not provide any "API" to get it, because it's easy to >> > get it otherwise for diagnosis purposes. >> >> http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html#lbAG >> >> An API of sorts was added some time last year > > I've gone through the NOTES section you are referring to, but I don't > see exactly which API you are referring to. Could you provide more > precise indications? I was talking about "statistics are also available in the DNS as answers to queries of class CHAOS and type TXT in domain bind". Which is why I said API of sorts. You already went into detail on DBus control, that would be considered a more legit API ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Duplicate IPs assigned to devices with similar MAC (same vendor)
How one find what identifier client sent? DNSMASQ logs show names that client provided: Jan 15 08:12:26 dnsmasq-dhcp[13128]: 2689251041 client provides name: nuc_labtest_1 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 client provides name: g5br2d2 On Sun, Jan 15, 2017 at 02:54:18PM +, Simon Kelley wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > The most likely explanation is that both devices are supplying the > same client-id, which trumps MAC address as the system indentifier. > Are they both running the same system image? > > Cheers, > > Simon. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Finding actual DNS server used
On 14 January 2017 at 07:40, Lars Noodén wrote: > How can I get an already running instance of Dnsmasq to tell which DNS > servers it is using to resolve new queries upstream? It's in the man page. Also I think we added special TXT or something queries last year. Sun Jan 15 15:01:00 2017 cron.info crond[976]: USER root pid 9833 cmd killall -USR1 dnsmasq Sun Jan 15 15:01:00 2017 daemon.info dnsmasq[2350]: time 1484510460 Sun Jan 15 15:01:00 2017 daemon.info dnsmasq[2350]: cache size 4096, 0/3244 cache insertions re-used unexpired cache entries. Sun Jan 15 15:01:00 2017 daemon.info dnsmasq[2350]: queries forwarded 1565, queries answered locally 16006 Sun Jan 15 15:01:00 2017 daemon.info dnsmasq[2350]: server 66.163.0.161#53: queries sent 882, retried or failed 9 Sun Jan 15 15:01:00 2017 daemon.info dnsmasq[2350]: server 208.72.120.204#53: queries sent 903, retried or failed 8 Sun Jan 15 15:01:00 2017 daemon.info dnsmasq[2350]: server 205.151.222.251#53: queries sent 316, retried or failed 0 Sun Jan 15 15:01:00 2017 daemon.info dnsmasq[2350]: server 216.254.141.2#53: queries sent 325, retried or failed 4 Sun Jan 15 15:01:00 2017 daemon.info dnsmasq[2350]: server 8.8.4.4#53: queries sent 328, retried or failed 2 Sun Jan 15 15:01:00 2017 daemon.info dnsmasq[2350]: server 206.248.154.170#53: queries sent 330, retried or failed 0 Sun Jan 15 15:01:00 2017 daemon.info dnsmasq[2350]: server 206.248.154.22#53: queries sent 365, retried or failed 6 Why is the thread 20 replies long without answering the original question ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Finding actual DNS server used
On 15 January 2017 at 03:21, Albert ARIBAUD wrote: > Hi Chris, > > Le Sat, 14 Jan 2017 19:27:28 + > Chris Green a écrit: > > (re getting dnsmasq to say which upstream servers it uses) > >> Why is is so difficult to provide this information? At the very least >> it would provide a confidence check that all is working as intended. >> It might very well help if something isn't working too. > > It is not difficult at all to get this information. It's just that > dnsmasq does not provide any "API" to get it, because it's easy to get > it otherwise for diagnosis purposes. http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html#lbAG An API of sorts was added some time last year ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Finding actual DNS server used
Hi Weedy, Le Sun, 15 Jan 2017 17:04:37 -0500 Weedy a écrit: > On 15 January 2017 at 03:21, Albert ARIBAUD > wrote: > > Hi Chris, > > > > Le Sat, 14 Jan 2017 19:27:28 + > > Chris Green a écrit: > > > > (re getting dnsmasq to say which upstream servers it uses) > > > >> Why is is so difficult to provide this information? At the very > >> least it would provide a confidence check that all is working as > >> intended. It might very well help if something isn't working too. > > > > It is not difficult at all to get this information. It's just that > > dnsmasq does not provide any "API" to get it, because it's easy to > > get it otherwise for diagnosis purposes. > > http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html#lbAG > > An API of sorts was added some time last year I've gone through the NOTES section you are referring to, but I don't see exactly which API you are referring to. Could you provide more precise indications? Amicalement, -- Albert. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Finding actual DNS server used
Hi Chris, Le Sun, 15 Jan 2017 20:31:28 + Chris Green a écrit: > On Sun, Jan 15, 2017 at 04:54:11PM +0100, Albert ARIBAUD wrote: > > Bonjour, > > > > Le Sun, 15 Jan 2017 12:36:47 + > > Chris Green a écrit: > > > > > On Sun, Jan 15, 2017 at 12:14:42PM +0100, Albert ARIBAUD wrote: > > > > > > - read the configuration file(s) dnsmasq uses and find > > > > > > "server=" lines in it, and read the /etc/resolv* tree, if > > > > > > dnsmasq uses them, and that will give the list of servers > > > > > > dnmasq uses at any point in time. > > > > > > > > > > > There aren't any! These are systems where dnsmasq is run by > > > > > Network Manager rather than directly, thus there is no spcific > > > > > dnsmasq configuration file. > > > > > > > > ... and then the configuration is known from the dnsmasq process > > > > command line. So let me amend my statement above: "... read the > > > > configuration options, from the dnsmasq process command line if > > > > it contains any, and from the configuration file or files if > > > > applicable". > > > chris@t430$ ps -ef | grep dnsmasq > > > nobody1579 1031 0 Jan14 ? > > > 00:00:01 /usr/sbin/dnsmasq --no-resolv --keep-in-foreground > > > --no-hosts --bind-interfaces > > > --pid-file=/var/run/NetworkManager/dnsmasq.pid > > > --listen-address=127.0.1.1 --cache-size=0 --conf-file=/dev/null > > > --proxy-dnssec > > > --enable-dbus=org.freedesktop.NetworkManager.dnsmasq > > > --conf-dir=/etc/NetworkManager/dnsmasq.d chris@t430$ > > > > > > > > > ... and there's nothing in /etc/NetworkManager/dnsmasq.d > > > > Then Network Manager sets the DNS via DBus, as the configuration > > (on command line) allows it. You can most probably find which DNS > > servers are set by spying on DBus, using dbus-monitor. You can even > > set up a bash script which shows a list of them in real time. > > > Is there any description anywhere of how to do this? A ready-made solution with zero effort? Non, there is none. A solution with some effort? In my case, 10 minutes of searching how to filter dbus-monitor by interface, starting with near-zero knowledge of DBus, and strictly zero knowledge of dbus-monitor, and ending up with the following proof-of-concept running on my machine: 1. Run this command in a shell: sudo dbus-monitor --system \ "interface=org.freedesktop.NetworkManager.dnsmasq" (your interface may not be the same. Run dbus-send --system --dest=org.freedesktop.DBus --type=method_call --print-reply /org/freedesktop/DBus org.freedesktop.DBus.ListNames | grep dnsmasq and you'll know the interface to use. 2. Force a connection renewal through Network Manager (or by unplugging and replugging the client's RJ45 if that's how it gets network access). 3. See the dbus-monitor running in the shell display dumps of the SetServersEx method calls, complete with server IPs as arguments. If you want to automate that, you'll need to do some parsing. Or maybe use Python, which provides a dbus module; this should make extracting the method arguments easier. Amicalement, -- Albert. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Finding actual DNS server used
On Sun, Jan 15, 2017 at 04:54:11PM +0100, Albert ARIBAUD wrote: > Bonjour, > > Le Sun, 15 Jan 2017 12:36:47 + > Chris Green a écrit: > > > On Sun, Jan 15, 2017 at 12:14:42PM +0100, Albert ARIBAUD wrote: > > > > > - read the configuration file(s) dnsmasq uses and find "server=" > > > > > lines in it, and read the /etc/resolv* tree, if dnsmasq uses > > > > > them, and that will give the list of servers dnmasq uses at any > > > > > point in time. > > > > > > > > > There aren't any! These are systems where dnsmasq is run by > > > > Network Manager rather than directly, thus there is no spcific > > > > dnsmasq configuration file. > > > > > > ... and then the configuration is known from the dnsmasq process > > > command line. So let me amend my statement above: "... read the > > > configuration options, from the dnsmasq process command line if it > > > contains any, and from the configuration file or files if > > > applicable". > > chris@t430$ ps -ef | grep dnsmasq > > nobody1579 1031 0 Jan14 ?00:00:01 /usr/sbin/dnsmasq > > --no-resolv --keep-in-foreground --no-hosts --bind-interfaces > > --pid-file=/var/run/NetworkManager/dnsmasq.pid > > --listen-address=127.0.1.1 --cache-size=0 --conf-file=/dev/null > > --proxy-dnssec > > --enable-dbus=org.freedesktop.NetworkManager.dnsmasq > > --conf-dir=/etc/NetworkManager/dnsmasq.d chris@t430$ > > > > > > ... and there's nothing in /etc/NetworkManager/dnsmasq.d > > Then Network Manager sets the DNS via DBus, as the configuration > (on command line) allows it. You can most probably find which DNS > servers are set by spying on DBus, using dbus-monitor. You can even set > up a bash script which shows a list of them in real time. > Is there any description anywhere of how to do this? -- Chris Green ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] Fwd: dhcpv6 and clients in Oracle VirtualBox
Hi, VirtualBox exchanges the source/destination mac of all client packets to the mac of the host and vice versa. If a config entry is searched by dnsmasq, first the duid will be compared. If no matching entry is found, the mac address is used instead. Since no duid is configured for my clients in VirtualBox, dnsmasq searches for a matching mac. The packet contains the host's mac, dnsmasq uses the config entry for the host. The client gets the name of the host. Dnsmasq can not use the source mac of a packet to configure something. Regards Hartmut Weitergeleitete Nachricht Betreff: dhcpv6 and clients in Oracle VirtualBox Datum: Thu, 12 Jan 2017 17:26:59 +0100 Von: e9hack An: dnsmasq-discuss@lists.thekelleys.org.uk Hi, I've some trouble with clients in VirtualBox (Linux and Windows 10). The host runs Windows 7. I create dhcp-host entries for all machines: dhcp-host=aa:aa:aa:aa:aa:aa,id:00:01:00:01:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa,192.168.255.100,[::0:0:1234:100],host-windows dhcp-host=bb:bb:bb:bb:bb:bb,192.168.255.110,[::0:0:1234:110],vbox-windows dhcp-host=cc:cc:cc:cc:cc:cc,192.168.255.120,vbox-linux If I start a client in VirtualBox, it does hi-jack the dhcp6 name of the host. Both windows machines are using the same iaid. With 'ipconfig /renew6', I can retrieve the name for ipv6. All machines provide a name by its own. It is the same name, which is configured for dnsmasq. If I add a duid and a ipv6 address, it doesn't occur. The ipv4 name isn't affected. The second dhcp-host entry maybe wrong, because it contains an ipv6 address but no duid. Regards, Hartmut ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Finding actual DNS server used
Bonjour, Le Sun, 15 Jan 2017 12:36:47 + Chris Green a écrit: > On Sun, Jan 15, 2017 at 12:14:42PM +0100, Albert ARIBAUD wrote: > > > > - read the configuration file(s) dnsmasq uses and find "server=" > > > > lines in it, and read the /etc/resolv* tree, if dnsmasq uses > > > > them, and that will give the list of servers dnmasq uses at any > > > > point in time. > > > > > > > There aren't any! These are systems where dnsmasq is run by > > > Network Manager rather than directly, thus there is no spcific > > > dnsmasq configuration file. > > > > ... and then the configuration is known from the dnsmasq process > > command line. So let me amend my statement above: "... read the > > configuration options, from the dnsmasq process command line if it > > contains any, and from the configuration file or files if > > applicable". > chris@t430$ ps -ef | grep dnsmasq > nobody1579 1031 0 Jan14 ?00:00:01 /usr/sbin/dnsmasq > --no-resolv --keep-in-foreground --no-hosts --bind-interfaces > --pid-file=/var/run/NetworkManager/dnsmasq.pid > --listen-address=127.0.1.1 --cache-size=0 --conf-file=/dev/null > --proxy-dnssec > --enable-dbus=org.freedesktop.NetworkManager.dnsmasq > --conf-dir=/etc/NetworkManager/dnsmasq.d chris@t430$ > > > ... and there's nothing in /etc/NetworkManager/dnsmasq.d Then Network Manager sets the DNS via DBus, as the configuration (on command line) allows it. You can most probably find which DNS servers are set by spying on DBus, using dbus-monitor. You can even set up a bash script which shows a list of them in real time. Amicalement, -- Albert. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Duplicate IPs assigned to devices with similar MAC (same vendor)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 The most likely explanation is that both devices are supplying the same client-id, which trumps MAC address as the system indentifier. Are they both running the same system image? Cheers, Simon. On 14/01/17 16:28, Oleg Brodkin wrote: > # dnsmasq --version Dnsmasq version 2.76 Copyright (c) 2000-2016 > Simon Kelley # Lease time 48 hours > > DNSMASQ server has been in our office for last 4-5 years, and > mostly no issues with assigning IPs. Except there are two recent > devices in our lab from the same vendor, and the server dishes them > out duplicate IPs. Any ideas on what is going on and how to fix it? > Thank you > > Oleg > > -- DEVICE 1 Jan 13 17:33:23 dnsmasq-dhcp[12864]: 328676717 sent > size: 4 option: 54 server-identifier 10.111.222.6 Jan 13 17:33:23 > dnsmasq-dhcp[12864]: 328676717 sent size: 4 option: 1 netmask > 255.255.248.0 Jan 13 17:33:23 dnsmasq-dhcp[12864]: 328676717 sent > size: 4 option: 28 broadcast 10.111.223.255 Jan 13 17:33:23 > dnsmasq-dhcp[12864]: 328676717 sent size: 16 option: 15 domain-name > xxx.com Jan 13 17:33:23 dnsmasq-dhcp[12864]: 328676717 sent size: > 4 option: 6 dns-server 10.111.222.6 Jan 13 17:33:23 > dnsmasq-dhcp[12864]: 328676717 sent size: 4 option: 3 router > 10.111.222.1 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 > available DHCP range: 10.111.216.10 -- 10.111.219.250 Jan 13 > 17:33:35 dnsmasq-dhcp[12864]: 792419227 client provides name: > g5br2d2 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 > DHCPDISCOVER(eth0) f4:4d:30:60:73:40 Jan 13 17:33:35 > dnsmasq-dhcp[12864]: 792419227 tags: eth0 Jan 13 17:33:35 > dnsmasq-dhcp[12864]: 792419227 DHCPOFFER(eth0) 10.111.218.130 > f4:4d:30:60:73:40 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 > requested options: 1:netmask, 3:router, 12:hostname, > 15:domain-name, Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 > requested options: 6:dns-server, 33:static-route, > 121:classless-static-route, Jan 13 17:33:35 dnsmasq-dhcp[12864]: > 792419227 requested options: 42:ntp-server, 101 Jan 13 17:33:35 > dnsmasq-dhcp[12864]: 792419227 next server: 10.111.222.6 Jan 13 > 17:33:35 dnsmasq-dhcp[12864]: 792419227 sent size: 1 option: 53 > message-type 2 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 sent > size: 4 option: 54 server-identifier 10.111.222.6 Jan 13 17:33:35 > dnsmasq-dhcp[12864]: 792419227 sent size: 4 option: 51 lease-time > 2d Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 sent size: 4 > option: 58 T1 1d -- Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 > sent size: 4 option: 1 netmask 255.255.248.0 Jan 13 17:33:35 > dnsmasq-dhcp[12864]: 792419227 sent size: 4 option: 28 broadcast > 10.111.223.255 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 sent > size: 16 option: 15 domain-name xxx.com Jan 13 17:33:35 > dnsmasq-dhcp[12864]: 792419227 sent size: 8 option: 42 ntp-server > 10.111.222.18, 10.111.222.22 Jan 13 17:33:35 dnsmasq-dhcp[12864]: > 792419227 sent size: 4 option: 6 dns-server 10.111.222.6 Jan 13 > 17:33:35 dnsmasq-dhcp[12864]: 792419227 sent size: 4 option: 3 > router 10.111.222.1 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 > available DHCP range: 10.111.216.10 -- 10.111.219.250 Jan 13 > 17:33:35 dnsmasq-dhcp[12864]: 792419227 client provides name: > g5br2d2 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 > DHCPREQUEST(eth0) 10.111.218.130 f4:4d:30:60:73:40 Jan 13 17:33:35 > dnsmasq-dhcp[12864]: 792419227 tags: eth0 Jan 13 17:33:35 > dnsmasq-dhcp[12864]: 792419227 DHCPACK(eth0) 10.111.218.130 > f4:4d:30:60:73:40 g5br2d2 Jan 13 17:33:35 dnsmasq-dhcp[12864]: > 792419227 requested options: 1:netmask, 3:router, 12:hostname, > 15:domain-name, Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 > requested options: 6:dns-server, 33:static-route, > 121:classless-static-route, Jan 13 17:33:35 dnsmasq-dhcp[12864]: > 792419227 requested options: 42:ntp-server, 101 Jan 13 17:33:35 > dnsmasq-dhcp[12864]: 792419227 next server: 10.111.222.6 Jan 13 > 17:33:35 dnsmasq-dhcp[12864]: 792419227 sent size: 1 option: 53 > message-type 5 Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 sent > size: 4 option: 54 server-identifier 10.111.222.6 Jan 13 17:33:35 > dnsmasq-dhcp[12864]: 792419227 sent size: 4 option: 51 lease-time > 2d Jan 13 17:33:35 dnsmasq-dhcp[12864]: 792419227 sent size: 4 > option: 58 T1 1d > > > -- DEVICE 2 Jan 13 14:12:23 dnsmasq-dhcp[12619]: 457454147 sent > size: 4 option: 54 server-identifier 10.111.222.6 Jan 13 14:12:23 > dnsmasq-dhcp[12619]: 457454147 sent size: 4 option: 1 netmask > 255.255.248.0 Jan 13 14:12:23 dnsmasq-dhcp[12619]: 457454147 sent > size: 4 option: 28 broadcast 10.111.223.255 Jan 13 14:12:23 > dnsmasq-dhcp[12619]: 457454147 sent size: 16 option: 15 domain-name > xxx.com Jan 13 14:12:23 dnsmasq-dhcp[12619]: 457454147 sent size: > 4 option: 6 dns-server 10.111.222.6 Jan 13 14:12:23 > dnsmasq-dhcp[12619]: 457454147 sent size: 4 option: 3 router > 10.111.222.1 Jan 13 14:12:31 dnsmasq-dhcp[12619]:
Re: [Dnsmasq-discuss] Finding actual DNS server used
On Sun, Jan 15, 2017 at 12:14:42PM +0100, Albert ARIBAUD wrote: > > > - read the configuration file(s) dnsmasq uses and find "server=" > > > lines in it, and read the /etc/resolv* tree, if dnsmasq uses them, > > > and that will give the list of servers dnmasq uses at any point in > > > time. > > > > > There aren't any! These are systems where dnsmasq is run by Network > > Manager rather than directly, thus there is no spcific dnsmasq > > configuration file. > > ... and then the configuration is known from the dnsmasq process command > line. So let me amend my statement above: "... read the configuration > options, from the dnsmasq process command line if it contains any, and > from the configuration file or files if applicable". > chris@t430$ ps -ef | grep dnsmasq nobody1579 1031 0 Jan14 ?00:00:01 /usr/sbin/dnsmasq --no-resolv --keep-in-foreground --no-hosts --bind-interfaces --pid-file=/var/run/NetworkManager/dnsmasq.pid --listen-address=127.0.1.1 --cache-size=0 --conf-file=/dev/null --proxy-dnssec --enable-dbus=org.freedesktop.NetworkManager.dnsmasq --conf-dir=/etc/NetworkManager/dnsmasq.d chris@t430$ ... and there's nothing in /etc/NetworkManager/dnsmasq.d -- Chris Green ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Finding actual DNS server used
Hi Chris, Le Sun, 15 Jan 2017 09:53:00 + Chris Green a écrit: > On Sun, Jan 15, 2017 at 09:21:25AM +0100, Albert ARIBAUD wrote: > > Hi Chris, > > > > Le Sat, 14 Jan 2017 19:27:28 + > > Chris Green a écrit: > > > > (re getting dnsmasq to say which upstream servers it uses) > > > > > Why is is so difficult to provide this information? At the very > > > least it would provide a confidence check that all is working as > > > intended. It might very well help if something isn't working > > > too. > > > > It is not difficult at all to get this information. It's just that > > dnsmasq does not provide any "API" to get it, because it's easy to > > get it otherwise for diagnosis purposes. > > > > For diagnosis, the operator can: > > > > - read the configuration file(s) dnsmasq uses and find "server=" > > lines in it, and read the /etc/resolv* tree, if dnsmasq uses them, > > and that will give the list of servers dnmasq uses at any point in > > time. > > > There aren't any! These are systems where dnsmasq is run by Network > Manager rather than directly, thus there is no spcific dnsmasq > configuration file. ... and then the configuration is known from the dnsmasq process command line. So let me amend my statement above: "... read the configuration options, from the dnsmasq process command line if it contains any, and from the configuration file or files if applicable". > > - log DNS queries, which will give the additional info about > > which client actually queried dnsmasq, which queries were cached > > vs sent upstream (to which server), and what the answer was. > > > > - run tcpdump or wireshark on the dnsmasq host or on the DNS client > > (or both for troubleshooting e.g. timing-related issues). This will > > give a full view of DNS exchanges on the considerd machine, to the > > last bit, litterally. > > > > So, from a diagnosis point of view, pulling the actual list of > > servers from a running dnsmasq is not that much of a need. > > > It would be a whole lot easier than the above though wouldn't it? It would be more straightforward, but not a whole lot easier: the tcpdump command is dead simple, as is reading the wireshark log. > To 'log DNS queries' one may have to actually stop and start the > system and that may well make the problem one is trying to look at > disappear. So would modifying the dnsmasq code to add diagnostics-related features, actually. :) Seriously, though: diagnostics always run the risk of affecting the issue anyway. Even doing a tcpdump could stop a time-sensitive bug fom appearing. So I don't personally consider the 'debugging risks affecting the issue' criterion much. Besides, in my empirical experience, the specific act of turning logging on for DNS or DHCP never affected any issue I ever came across, except in the sense that it helped pinpoint the root cause, but of course YMMV. Note: if stopping/starting the dnsmasq server [without any logging added or removed] makes Lars' client work again, then it is valuable input to diagnosing the issue. > Both tcpdump and wireshark are quite esoteric utilities, it would take > quite a bit of knowledge of using them to extract the required > information. I would disagree on the 'esoteric' point, or at least I would make a difference between becoming generally proficient with tcpdump/wireshark and using it for a given purpose. Indeed, if trying to master all of tcpdump/wireshark's features, these tool will look quite esoteric. But one does not need to /master/ tcpdump in order to get a capture of DNS traffic; one does just need to install the tools (which is *not* esoteric) and to know which commands to run (and finding thes commands it not an esoteric task either; it takes less than a minute's googling). Granted, that won't make this person a tcpdump guru, but it will get the DNS diagnostic job done. > Surely there's a case for something that simply lists the upstream DNS > servers that a dnsmasq instance is using. Which would it be? For DNS troubleshooting, equally simple tools can be used (and put to good profit later on for other network issues). Amicalement, -- Albert. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Finding actual DNS server used
On Sun, Jan 15, 2017 at 09:21:25AM +0100, Albert ARIBAUD wrote: > Hi Chris, > > Le Sat, 14 Jan 2017 19:27:28 + > Chris Green a écrit: > > (re getting dnsmasq to say which upstream servers it uses) > > > Why is is so difficult to provide this information? At the very least > > it would provide a confidence check that all is working as intended. > > It might very well help if something isn't working too. > > It is not difficult at all to get this information. It's just that > dnsmasq does not provide any "API" to get it, because it's easy to get > it otherwise for diagnosis purposes. > > For diagnosis, the operator can: > > - read the configuration file(s) dnsmasq uses and find "server=" > lines in it, and read the /etc/resolv* tree, if dnsmasq uses them, > and that will give the list of servers dnmasq uses at any point in > time. > There aren't any! These are systems where dnsmasq is run by Network Manager rather than directly, thus there is no spcific dnsmasq configuration file. > - log DNS queries, which will give the additional info about > which client actually queried dnsmasq, which queries were cached vs > sent upstream (to which server), and what the answer was. > > - run tcpdump or wireshark on the dnsmasq host or on the DNS client (or > both for troubleshooting e.g. timing-related issues). This will give > a full view of DNS exchanges on the considerd machine, to the last > bit, litterally. > > So, from a diagnosis point of view, pulling the actual list of servers > from a running dnsmasq is not that much of a need. > It would be a whole lot easier than the above though wouldn't it? To 'log DNS queries' one may have to actually stop and start the system and that may well make the problem one is trying to look at disappear. Both tcpdump and wireshark are quite esoteric utilities, it would take quite a bit of knowledge of using them to extract the required information. Surely there's a case for something that simply lists the upstream DNS servers that a dnsmasq instance is using. -- Chris Green ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Finding actual DNS server used
On Sat, Jan 14, 2017 at 05:43:38PM -0500, Jim Alles wrote: >As far as the desktop OS, a user can override the DNS entries that DHCP >provides. Not easily on most modern systems. This is really where we came in! All my xubuntu Linux boxes have the following in /etc/resolv.conf :- # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN nameserver 127.0.1.1 search zbmc.eu I.e. the nameserver is 'me' and somewhere in the guts of the Network Manager and dnsmasq configuration is something that specifies the upstream server. It's definitely *not* trivial to change the DNS being used. -- Chris Green ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Finding actual DNS server used
Le Sun, 15 Jan 2017 09:58:38 +0100 Albert ARIBAUD a écrit: > Speaking of which, my first hunch re your problem is that it's not a > dnsmasq problem, but a problem with the client's networking > configuration. I suspect it connects through some VPN and gets an > additional (or replacement) DNS, and that at some point the VPN > connection goes bad and the client reverts (in part or in full) to its > original DNS. ... or it could be that the VPN connection still runs OK but your client screwed up its DNS setup upon renewal of its local DHCP lease. Amicalement, -- Albert. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Finding actual DNS server used
Hi Lars, Le Sun, 15 Jan 2017 10:21:01 +0200 Lars Noodén a écrit: > On 01/15/2017 09:55 AM, Albert ARIBAUD wrote: > > Hi Lars, > > > > Le Sat, 14 Jan 2017 20:18:13 +0200 > > Lars Noodén a écrit: > >... > >> Because it's not my system and it is remote, I > >> have to go step by step, slowly. > > > > ... Do you mean that you have good control of the remote system but > > have to go there physically to run tests, or that you do not have > > control of the system and must ask someone else to perform tests > > there? This makes a difference in the way you can run your tests > > I have to describe the steps in e-mail and they are then carried out > on site by a non-technical person. Argh. > >> Since everything on that system, in > >> regards to DNS, is going via Dnsmasq, I'd like to see what it has > >> loaded and is using. > > > > This bring me back to your description of the bug above: "somewhere > > early on the DNS fails". What do you mean with that? Did you check > > that the client keeps sinding DNS requests to your dnsmasq? > > The client application (Blink) will apparently default to Google's DNS > if it cannot connect to the server right away. What's happening is > that half the time DNS replies, half the time it times out. Thus the > client can start to register with the SIP server, but then fails to > publish its presence or be able to initiate a call. > > > ... Or is > > it that they come back from your dnsmasq with an error code for > > domains which you know your dns should resolve properly? > > It seems to be this -- sometimes. > > So is the short answer that there's no direct or easy way to poll a > running Dnsmasq instance and see what it's pointing to? If so, then > I'll not bother the list more with this issue. However, may I put in > a feature request if there is a wish list? See my other replies, but I'll make the main suggestion: the way to get the info you want (and more, which might be useful for your diagnostics) is to run tcpdump on the dnsmasq host on the "any' interface (or run two tcpdumps, one on the interface used to talk to the client, one on the interface used to talk to the Internet) with a capture filter set for DHCP and DNS protocols, and write the capture into a file (or two, if running two tcpdump instances). Then if you have two captures you can use Wireshark's mergecap tool to merge them into a single one. Last, you open the single capture file in Wireshark and see: - whether your client was sent out a DHCP reply configuring DNS servers - which DNS requests your client sent to dnsmasq - which DNS requests your dnsmasq sent to which upstream server - which DNS replies your dnsmasq received from which upstream server - which DNS replies your client received from dnsmasq That's the info you're asking for (of course, I assume you have control of the host running dnsmasq) and much more. The method can be useful for diagnosing other network or protocol issues as well. Speaking of which, my first hunch re your problem is that it's not a dnsmasq problem, but a problem with the client's networking configuration. I suspect it connects through some VPN and gets an additional (or replacement) DNS, and that at some point the VPN connection goes bad and the client reverts (in part or in full) to its original DNS. In any case, the test above will give you a hint about that too: if you see that the client stops sending requests at some point, you can pretty much conclude it stopped using your dnsmasq as its DNS (you can even know when it last did, and compare that with logs from the client if you can get the non-tech person to do it. BTW: I suspect there is no way to get the non-tech person to install a remote access client (even ssh would be enough) and also no way for you to get root privileges on it? > Regards, > /Lars Amicalement, -- Albert. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Finding actual DNS server used
On 01/15/2017 09:55 AM, Albert ARIBAUD wrote: > Hi Lars, > > Le Sat, 14 Jan 2017 20:18:13 +0200 > Lars Noodén a écrit: >... >> Because it's not my system and it is remote, I >> have to go step by step, slowly. > > ... Do you mean that you have good control of the remote system but > have to go there physically to run tests, or that you do not have > control of the system and must ask someone else to perform tests there? > This makes a difference in the way you can run your tests I have to describe the steps in e-mail and they are then carried out on site by a non-technical person. >> Since everything on that system, in >> regards to DNS, is going via Dnsmasq, I'd like to see what it has >> loaded and is using. > > This bring me back to your description of the bug above: "somewhere > early on the DNS fails". What do you mean with that? Did you check > that the client keeps sinding DNS requests to your dnsmasq? The client application (Blink) will apparently default to Google's DNS if it cannot connect to the server right away. What's happening is that half the time DNS replies, half the time it times out. Thus the client can start to register with the SIP server, but then fails to publish its presence or be able to initiate a call. > ... Or is > it that they come back from your dnsmasq with an error code for domains > which you know your dns should resolve properly? It seems to be this -- sometimes. So is the short answer that there's no direct or easy way to poll a running Dnsmasq instance and see what it's pointing to? If so, then I'll not bother the list more with this issue. However, may I put in a feature request if there is a wish list? Regards, /Lars ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Finding actual DNS server used
On 01/15/2017 10:21 AM, Albert ARIBAUD wrote: > I feel that Lars' question was more "How can I troubleshoot my possibly > dnsmasq-related issue?" rather than "How can I find which servers my > dnsmasq uses?", I am interested in the latter. This is the first time I have asked on the list but it is not the first time I have tried to find an answer to this question over the years. I'm quite pleased with dnsmasq, just not well-versed in all its capabilities and so finally ask on the list if it is possible to show which DNS servers are being used. As mentioned in the first message, /etc/resolv.conf is not of use here. Regards, Lars ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Finding actual DNS server used
Hi Lars, Le Sat, 14 Jan 2017 20:18:13 +0200 Lars Noodén a écrit: > On 01/14/2017 06:06 PM, Chris Green wrote: > > On Sat, Jan 14, 2017 at 03:40:52PM +0100, Albert ARIBAUD wrote: > [snip] > >> Or maybe I am missing something. What is your use case? > >> > > Well for one it's useful to be able to check whether dnsmasq is > > using a sensible DNS server. > [snip] > > That's what I'm aiming for. There is an application on a remote > computer that is failing because it appears to initially get a working > nameserver but then somewhere early on the DNS fails. Since the DNS symptom is on the client, I would investigate the client, not the server, in the first place, because maybe you're chasing the issue in the wrong place. However... > I think it > would help the diagnosis to see which nameservers dnsmasq is actually > calling or caching. > > Because it's not my system and it is remote, I > have to go step by step, slowly. ... Do you mean that you have good control of the remote system but have to go there physically to run tests, or that you do not have control of the system and must ask someone else to perform tests there? This makes a difference in the way you can run your tests > Since everything on that system, in > regards to DNS, is going via Dnsmasq, I'd like to see what it has > loaded and is using. This bring me back to your description of the bug above: "somewhere early on the DNS fails". What do you mean with that? Did you check that the client keeps sinding DNS requests to your dnsmasq? (Sorry for asking questions which might seem to have an obvious answer to you, but nowhere in the discussion can I find a definitive indication, and the devil is in the details) Or is it that answers stop coming back? Or is it that they come back from your dnsmasq with an error code for domains which you know your dns should resolve properly? Or something else? If you don't have full control of the remote client, I suggest you check the logs of your dnsmasq (assuming you have set the log-queries option in its configuration). The log will tell you which domains are queried, which replies are from cache and which are forwarded to which upstream server. IOW, it will give you what you want (which are the upstream servers your dnsmasq uses) and more (which one it actually used for resolving request from your remote client, and what the answer was). But if you have control over the remote machine, I would rather run wireshirk (or tcpdump into a file, then copy the file over, then open it in wireshark for ease of analysis) to catch all DHCP- and DNS-related traffic there. This way, you'll miss the internal dnsmasq info (of couse) but you'll get more info like which DHCP server this client relies on (is it only your dnsmasq?) and which DNS it consults (again, it might stop being dnsmasq for all one knows so far). HTH, > Regards, > Lars > > > ___ > Dnsmasq-discuss mailing list > Dnsmasq-discuss@lists.thekelleys.org.uk > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss Amicalement, -- Albert. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Finding actual DNS server used
Hi Chris, Le Sat, 14 Jan 2017 19:27:28 + Chris Green a écrit: (re getting dnsmasq to say which upstream servers it uses) > Why is is so difficult to provide this information? At the very least > it would provide a confidence check that all is working as intended. > It might very well help if something isn't working too. It is not difficult at all to get this information. It's just that dnsmasq does not provide any "API" to get it, because it's easy to get it otherwise for diagnosis purposes. For diagnosis, the operator can: - read the configuration file(s) dnsmasq uses and find "server=" lines in it, and read the /etc/resolv* tree, if dnsmasq uses them, and that will give the list of servers dnmasq uses at any point in time. - log DNS queries, which will give the additional info about which client actually queried dnsmasq, which queries were cached vs sent upstream (to which server), and what the answer was. - run tcpdump or wireshark on the dnsmasq host or on the DNS client (or both for troubleshooting e.g. timing-related issues). This will give a full view of DNS exchanges on the considerd machine, to the last bit, litterally. So, from a diagnosis point of view, pulling the actual list of servers from a running dnsmasq is not that much of a need. I don't mean to say that such an "API" would be unneeded for other requirements than network troubleshooting, and if it existed, I would use and suggest it for troubleshooting too; but here, I mean to say that helping solving Lars' problem does not require such an "API". I feel that Lars' question was more "How can I troubleshoot my possibly dnsmasq-related issue?" rather than "How can I find which servers my dnsmasq uses?", and for this, we have the means above, which emcompass the one Lars asks for and go well beyond -- plus, the first step to troubleshooting an issue is to get the situation as precise as possible, possibly ignoring the initially assumed cause (here the list of upstream servers may be actually correct and the issue may be on the client side, so the "API" question should be set aside, and getting a more precise view of the issue should come first). > For example if my machine can't connect to another machine on the LAN > but can see the outside world it suggests it's getting DNS from > something other than my Pi DNS server. If I could check what DNS it > is using then it would confirm that either it has got it's DNS set up > from somewhere else or that it has got the right DNS (the Pi) but that > the Pi is set up wrong somehow. This case can be tested (and boy do I know it) with the host command on the client as Jim suggested (although I personally use dig). Amicalement, -- Albert. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
