Re: ISIPP - Re: bb.barracudacentral.org

[Bill Cole]

On 19 Sep 2017, at 16:40, Chris wrote:

> Here's the output now of the dig +trace
> tcp        0      0
> 127.0.0.1:53            0.0.0.0:*               LISTEN      -          
>      
> tcp        0      0
> 127.0.1.1:53            0.0.0.0:*               LISTEN      -          
>      
> udp        0      0
> 127.0.0.1:53            0.0.0.0:*                           -          
>      
> udp        0      0
> 192.168.122.1:53        0.0.0.0:*                           -          
>      
> udp        0      0
> 127.0.1.1:53            0.0.0.0:*                           -          
>      
> udp        0      0
> 0.0.0.0:5353            0.0.0.0:*                           -          
>      
> udp        0      0
> 0.0.0.0:5353            0.0.0.0:*                           -          
>      
> udp6       0      0
> :::5353                 :::*                                -          
>      
> udp6       0      0
> :::5353                 :::*   

That's netstat output and without the 'p' option it's not very enlightening. 
Also, grepping for ":53 " instead of ":53" will avoid getting the mDNS (5353) 
listeners. Weird to see those on a non-Mac, but I guess avahi is harmless...

> I'm getting different outputs each time I run dig +trace

As you should, for any name in a zone with multiple authoritative nameservers.

[...]
> I've disable dnsmasq in my /etc/NetworkManager/NetworkManager.conf via
> #dns=dnsmasq
>
> However, when restarting the network I see:
> dnsmasq[2323]: reading /etc/resolv.conf
> dnsmasq[2323]: using nameserver 127.0.0.1#53
> dnsmasq[2323]: using nameserver 127.0.0.1#53 
>
> NetworkManager[24113]: <info>  [1505852393.3238]   nameserver
> '192.168.0.1'
> NetworkManager[24113]: <info>  [1505852393.3238]   nameserver
> '205.171.2.226'

If you insist on using NetworkMangler, "dns=none" is better.

Also, that's NOT how you disable dnsmasq. That just tells NetworkMangler how 
exactly to screw up resolv.conf. It is documented in the NetworkManager.conf 
man page...

Since this is a modern Ubuntu, dnsmasq is managed by systemd, so you need to do 
something like:

    systemctl stop dnsmasq
    systemctl disable dnsmasq

And probably:

    apt-get purge dnsmasq

> Unfortunately so far today since I've started trying to work this out
> there have been no queries to isipp by SA. I'll have to see what
> happens when there is one.
>
> I think David I may just be confusing myself more, at least the network
> is still up.

Then I guess a recommendation to also remove BIND and just install Unbound (a 
less complex recursive resolver daemon) instead would be unwelcome...

signature.asc
Description: OpenPGP digital signature