Re: fallback DNS server

Beniamino Galvani schreef op 21-07-2016 10:10:
On Thu, Jul 21, 2016 at 09:54:03AM +0200, Nicolas Bock wrote:
How do I check that dnsmasq is using the server? NetworkManager started
dnsmasq with

/usr/sbin/dnsmasq --no-resolv --keep-in-foreground --no-hosts
--bind-interfaces --pid-file=/run/NetworkManager/
--listen-address= --cache-size=400 --conf-file=/dev/null
--proxy-dnssec --enable-dbus=org.freedesktop.NetworkManager.dnsmasq

and in /etc/NetworkManager/dnsmasq.d is only the file I dropped in there
with the fallback DNS servers.

NetworkManager logs should contain messages from dnsmasq and there
should be lines as:

  dnsmasq[7295]: using nameserver
  dnsmasq[7295]: using nameserver

telling you which servers are in use.

If you want to be paranoid, you can temporarily add the "log-queries"
option in a configuration snippet in /etc/NetworkManager/dnsmasq.d and
restart NM. After that, NM logs will show all the queries sent by
dnsmasq to each server.


Is there a way to find out about the running configuration of DNSmasq?

The trouble I have is that with /etc/resolv.conf you can see clearly what the nameservers are but it is a mystery when it is getting used by NM. Apart from seeing some logs.

DNSmasq really doesn't have options for retrieving the current configuration. Stuff like the OpenVPN "learn" script uses an exernal file followed by -HUP to feed more stuff into DNSmasq. That in itself is more usable for a user not knowing what is going on than some DBus command. I really don't know how to use DBus, its syntax is too complex.

But DNSMasq was not designed around dbus in that sense, or being designed around giving state information on the command line. It puts leases in some file and updates that, it doesn't tell you when you ask for it.

I wish it could just read the stuff from a file instead of using DBus, but yeah.

(Actually, of course, it can, just fine).

This is the OpenVPN learn script, or part of it:

case "$1" in

     /usr/bin/awk '
# update/uncomment address|FQDN with new record, drop any duplicates:
         $1 == "'"$IP"'" || $1 == "#'"$IP"'" || $2 == "'"$FQDN"'" \
             { if (!m) print "'"$IP"'\t'"$FQDN"'"; m=1; next }
         { print }
END { if (!m) print "'"$IP"'\t'"$FQDN"'" } # add new address to end
     ' "$HOSTS" > "$t" && cat "$t" > "$HOSTS"

     /usr/bin/awk '
# no FQDN, comment out all matching addresses (should only be one)
         $1 == "'"$IP"'" { print "#" $0; next }
         { print }
     ' "$HOSTS" > "$t" && cat "$t" > "$HOSTS"


After which it just does:

# signal dnsmasq to reread hosts file
/bin/kill -HUP $(cat /var/run/

It's of course pleasant that you can use dnsmasq locally to have access to multiple sources (such as VPN and regular internet).

But I just don't know how to troubleshoot when something goes wrong because resolv.conf only shows and nothing else.

Is there a command to get the list of nameservers actually getting used by the current system?

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]