Enhancement #3054
Reverse dns fails if an internal DNS is configured
| Status: | CLOSED | Start date: | ||
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: | - | % Done: | 100% | |
| Category: | nethserver-dnsmasq | |||
| Target version: | v6.6 | |||
| Resolution: | NEEDINFO: | No |
Description
Configuring NethServer with an internal DNS it doesn't resolve inversly internal IP
Step to reproduce:- configure an internal dns
# config show dns dns=configuration NameServers=10.0.0.10,10.0.0.11 - try to resolve an internal name, it works
# dig +short pc-smith.bc.local
10.0.0.121 - try to resolve inversly, it doesn't
This is due to this parameter into dnsmasq.conf
# Never forward addresses in the non-routed address spaces. bogus-priv
Without it works like a charm
Related issues
Associated revisions
dnsmasq.conf: disable bogus-priv if all DNS are in private nets. Refs #3054
dnsmasq.conf: fix bogus-priv template ouput. Refs #3054
History
#1
Updated by Alessio Fattorini over 6 years ago
We can't always disable it, because we can't permit that dnsmasq forwards requests to global dns (like google) but we can check if DNS server configured is into Local Network or not.
#2
Updated by Alessio Fattorini over 6 years ago
- Subject changed from Reverse dns fails if an internal DNS is configured to Reverse dns fails if a different internal DNS server is configured
- Description updated (diff)
#3
Updated by Filippo Carletti over 6 years ago
- Tracker changed from Bug to Enhancement
- Subject changed from Reverse dns fails if a different internal DNS server is configured to Reverse dns fails if an internal DNS is configured
- Description updated (diff)
If both configured dns are in the same network of nethserver we could assume they're internal and remove "bogus-priv" option from dnsmasq.
#4
Updated by Filippo Carletti over 6 years ago
Another option is to add a checkbox to "mark " a dns as private. If private add bogus-priv option.
#5
Updated by Filippo Carletti over 6 years ago
- Status changed from NEW to TRIAGED
- Target version set to v6.6
- % Done changed from 0 to 20
#6
Updated by Filippo Carletti over 6 years ago
- Related to Feature #2717: DNS forward added
#7
Updated by Giacomo Sanchietti over 6 years ago
- NEEDINFO changed from No to Yes
#8
Updated by Filippo Carletti about 6 years ago
- NEEDINFO changed from Yes to No
If both DNS are in one of the following networks, disable bogus-priv:
127.0.0.0/8
192.168.0.0/16
10.0.0.0/8
172.16.0.0/12
169.254.0.0/16
#9
Updated by Giacomo Sanchietti about 6 years ago
- Status changed from TRIAGED to ON_DEV
- Assignee set to Giacomo Sanchietti
- % Done changed from 20 to 30
#10
Updated by Giacomo Sanchietti about 6 years ago
- Status changed from ON_DEV to MODIFIED
- % Done changed from 30 to 60
#11
Updated by Giacomo Sanchietti about 6 years ago
- Status changed from MODIFIED to ON_QA
- Assignee deleted (
Giacomo Sanchietti) - % Done changed from 60 to 70
nethserver-dnsmasq-1.4.3-1.3.gbb5e6d0.ns6.noarch.rpm- nethserver-dnsmasq-1.4.3-1.4.g38e6e67.ns6.noarch.rpm
- Set both dns as private
config setprop dns NameServers 10.0.0.1,192.168.1.1 expand-template /etc/dnsmasq.conf
- Check bogus-priv option is not present
- Set both dns as public
config setprop dns NameServers 8.8.8.8,8.8.4.4 expand-template /etc/dnsmasq.conf
- Check bogus-priv option is present
- Set un dns as public and one as private
config setprop dns NameServers 8.8.8.8,192.168.1.1 expand-template /etc/dnsmasq.conf
- Check bogus-priv option is present
#12
Updated by Filippo Carletti about 6 years ago
- Status changed from ON_QA to VERIFIED
- % Done changed from 70 to 90
All 3 test case passed. I tested a 4th case with only one private dns:
[root@ns65 ~]# config show dns
dns=configuration
NameServers=192.168.5.253
[root@ns65 ~]# host 192.168.5.5
5.5.168.192.in-addr.arpa domain name pointer filippo-eth.nethesis.it.
#13
Updated by Giacomo Sanchietti about 6 years ago
- Status changed from VERIFIED to CLOSED
- % Done changed from 90 to 100
- nethserver-dnsmasq-1.4.4-1.ns6.noarch.rpm