dnsmasq not working after reboot

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
0
down vote

favorite












After rebooting, dnsmasq service is running, but does not respond to remote requests (trying using "dig @10.0.0.1 stackexchange.com" from another machine). The log looks good in my opinion:



Aug 11 17:41:04 srvname systemd[1]: Starting dnsmasq - A lightweight DHCP and caching DNS server...
Aug 11 17:41:04 srvname dnsmasq[488]: dnsmasq: syntax check OK.
Aug 11 17:41:04 srvname dnsmasq[530]: started, version 2.76 cachesize 150
Aug 11 17:41:04 srvname dnsmasq[530]: compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ips
Aug 11 17:41:04 srvname dnsmasq[530]: DNS service limited to local subnets
Aug 11 17:41:04 srvname dnsmasq[530]: using nameserver 208.67.222.222#53
Aug 11 17:41:04 srvname dnsmasq[530]: using nameserver 208.67.220.220#53
Aug 11 17:41:04 srvname dnsmasq[530]: read /etc/hosts - 5 addresses
Aug 11 17:41:04 srvname systemd[1]: Started dnsmasq - A lightweight DHCP and caching DNS server.
Aug 11 17:41:21 srvname dnsmasq[530]: Ignoring query from non-local network


I have no idea where the last line comes from but it is there immediately after reboot before I do anything.



If I restart the dnsmasq service, I get the same log entries except for the last line and then it is reachable for all machines on the network - all is fine.



dnsmasq config:



domain-needed
bogus-priv
no-resolv
server=208.67.220.220
server=208.67.222.222
address=/homeserver.mydomain.com/10.0.0.99


The last line is so that machines on my local network will be able to find the server itself using its domain name. My internet router won't forward requests for homeserver.mydomain.com from the local network to 10.0.0.99 on its own (this is a feature some routers have and some (like mine) do not).



In addition to this config I filter out malware servers from a list.



relevant iptables config (iptables-persistent file):



-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p udp -m udp --sport 53 -j ACCEPT


I have found two possible solutions so far, however I don't know how to implement them:




  • in an earlier question someone mentions that disabling IPv6 helped them with a similar issue. However, I am not sure how to do that.

  • A friend suggested that the order in which the services are started might be the issue and to move dnsmasq to the end so it starts last. However, I am also not sure how to modify this. What I tried already was to put into /etc/network/interfaces the following line: "post-up /usr/sbin/service dnsmasq restart" (attempting to force the reboot after the network comes up). However, that did not help either.

OS: Debian GNU/Linux 9 (stretch)

Kernel: Linux 4.9.0-8-amd64 #1 SMP Debian 4.9.110-3+deb9u4 (2018-08-21) x86_64 GNU/Linux

Hardware: Asus VivoMini Intel N3000










share|improve this question



















  • 1




    Please add info about your config to your question -- you can get it egrep -hrv '^#|^$' /etc/dnsmasq.* (of course, edit out any sensitive stuff). Try adding except-interface=ethX to the config (where ethX is an interface you don't need dnsmasq to listen on) -- the errors suggest that local-service is in effect and the machine you're querying from is not on the same subnet.
    – mosvy
    Sep 22 at 21:51










  • @mosvy: I added details. I only have one eth-interface and all machines are on the same subnet, so I don't think this is the issue.
    – RolandU
    Sep 26 at 4:56










  • For one reason or another, dnsmasq seems to believe that they're not on the same subnet -- that's what should be investigated. In the meanwhile, you could try adding interface=you_ethX to the config. Read about --local-service in the manpage for how it interacts with except-interface and interface ( the --local-service option is given directly on the command line of dnsmasq in debian, have a look at /etc/init.d/dnsmasq).
    – mosvy
    Sep 26 at 9:10











  • Please notice that you can use except-interface with an interface that doesn't exist, eg. except-interface=no_such_if will also turn off the local-service option.
    – mosvy
    Sep 26 at 11:03















up vote
0
down vote

favorite












After rebooting, dnsmasq service is running, but does not respond to remote requests (trying using "dig @10.0.0.1 stackexchange.com" from another machine). The log looks good in my opinion:



Aug 11 17:41:04 srvname systemd[1]: Starting dnsmasq - A lightweight DHCP and caching DNS server...
Aug 11 17:41:04 srvname dnsmasq[488]: dnsmasq: syntax check OK.
Aug 11 17:41:04 srvname dnsmasq[530]: started, version 2.76 cachesize 150
Aug 11 17:41:04 srvname dnsmasq[530]: compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ips
Aug 11 17:41:04 srvname dnsmasq[530]: DNS service limited to local subnets
Aug 11 17:41:04 srvname dnsmasq[530]: using nameserver 208.67.222.222#53
Aug 11 17:41:04 srvname dnsmasq[530]: using nameserver 208.67.220.220#53
Aug 11 17:41:04 srvname dnsmasq[530]: read /etc/hosts - 5 addresses
Aug 11 17:41:04 srvname systemd[1]: Started dnsmasq - A lightweight DHCP and caching DNS server.
Aug 11 17:41:21 srvname dnsmasq[530]: Ignoring query from non-local network


I have no idea where the last line comes from but it is there immediately after reboot before I do anything.



If I restart the dnsmasq service, I get the same log entries except for the last line and then it is reachable for all machines on the network - all is fine.



dnsmasq config:



domain-needed
bogus-priv
no-resolv
server=208.67.220.220
server=208.67.222.222
address=/homeserver.mydomain.com/10.0.0.99


The last line is so that machines on my local network will be able to find the server itself using its domain name. My internet router won't forward requests for homeserver.mydomain.com from the local network to 10.0.0.99 on its own (this is a feature some routers have and some (like mine) do not).



In addition to this config I filter out malware servers from a list.



relevant iptables config (iptables-persistent file):



-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p udp -m udp --sport 53 -j ACCEPT


I have found two possible solutions so far, however I don't know how to implement them:




  • in an earlier question someone mentions that disabling IPv6 helped them with a similar issue. However, I am not sure how to do that.

  • A friend suggested that the order in which the services are started might be the issue and to move dnsmasq to the end so it starts last. However, I am also not sure how to modify this. What I tried already was to put into /etc/network/interfaces the following line: "post-up /usr/sbin/service dnsmasq restart" (attempting to force the reboot after the network comes up). However, that did not help either.

OS: Debian GNU/Linux 9 (stretch)

Kernel: Linux 4.9.0-8-amd64 #1 SMP Debian 4.9.110-3+deb9u4 (2018-08-21) x86_64 GNU/Linux

Hardware: Asus VivoMini Intel N3000










share|improve this question



















  • 1




    Please add info about your config to your question -- you can get it egrep -hrv '^#|^$' /etc/dnsmasq.* (of course, edit out any sensitive stuff). Try adding except-interface=ethX to the config (where ethX is an interface you don't need dnsmasq to listen on) -- the errors suggest that local-service is in effect and the machine you're querying from is not on the same subnet.
    – mosvy
    Sep 22 at 21:51










  • @mosvy: I added details. I only have one eth-interface and all machines are on the same subnet, so I don't think this is the issue.
    – RolandU
    Sep 26 at 4:56










  • For one reason or another, dnsmasq seems to believe that they're not on the same subnet -- that's what should be investigated. In the meanwhile, you could try adding interface=you_ethX to the config. Read about --local-service in the manpage for how it interacts with except-interface and interface ( the --local-service option is given directly on the command line of dnsmasq in debian, have a look at /etc/init.d/dnsmasq).
    – mosvy
    Sep 26 at 9:10











  • Please notice that you can use except-interface with an interface that doesn't exist, eg. except-interface=no_such_if will also turn off the local-service option.
    – mosvy
    Sep 26 at 11:03













up vote
0
down vote

favorite









up vote
0
down vote

favorite











After rebooting, dnsmasq service is running, but does not respond to remote requests (trying using "dig @10.0.0.1 stackexchange.com" from another machine). The log looks good in my opinion:



Aug 11 17:41:04 srvname systemd[1]: Starting dnsmasq - A lightweight DHCP and caching DNS server...
Aug 11 17:41:04 srvname dnsmasq[488]: dnsmasq: syntax check OK.
Aug 11 17:41:04 srvname dnsmasq[530]: started, version 2.76 cachesize 150
Aug 11 17:41:04 srvname dnsmasq[530]: compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ips
Aug 11 17:41:04 srvname dnsmasq[530]: DNS service limited to local subnets
Aug 11 17:41:04 srvname dnsmasq[530]: using nameserver 208.67.222.222#53
Aug 11 17:41:04 srvname dnsmasq[530]: using nameserver 208.67.220.220#53
Aug 11 17:41:04 srvname dnsmasq[530]: read /etc/hosts - 5 addresses
Aug 11 17:41:04 srvname systemd[1]: Started dnsmasq - A lightweight DHCP and caching DNS server.
Aug 11 17:41:21 srvname dnsmasq[530]: Ignoring query from non-local network


I have no idea where the last line comes from but it is there immediately after reboot before I do anything.



If I restart the dnsmasq service, I get the same log entries except for the last line and then it is reachable for all machines on the network - all is fine.



dnsmasq config:



domain-needed
bogus-priv
no-resolv
server=208.67.220.220
server=208.67.222.222
address=/homeserver.mydomain.com/10.0.0.99


The last line is so that machines on my local network will be able to find the server itself using its domain name. My internet router won't forward requests for homeserver.mydomain.com from the local network to 10.0.0.99 on its own (this is a feature some routers have and some (like mine) do not).



In addition to this config I filter out malware servers from a list.



relevant iptables config (iptables-persistent file):



-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p udp -m udp --sport 53 -j ACCEPT


I have found two possible solutions so far, however I don't know how to implement them:




  • in an earlier question someone mentions that disabling IPv6 helped them with a similar issue. However, I am not sure how to do that.

  • A friend suggested that the order in which the services are started might be the issue and to move dnsmasq to the end so it starts last. However, I am also not sure how to modify this. What I tried already was to put into /etc/network/interfaces the following line: "post-up /usr/sbin/service dnsmasq restart" (attempting to force the reboot after the network comes up). However, that did not help either.

OS: Debian GNU/Linux 9 (stretch)

Kernel: Linux 4.9.0-8-amd64 #1 SMP Debian 4.9.110-3+deb9u4 (2018-08-21) x86_64 GNU/Linux

Hardware: Asus VivoMini Intel N3000










share|improve this question















After rebooting, dnsmasq service is running, but does not respond to remote requests (trying using "dig @10.0.0.1 stackexchange.com" from another machine). The log looks good in my opinion:



Aug 11 17:41:04 srvname systemd[1]: Starting dnsmasq - A lightweight DHCP and caching DNS server...
Aug 11 17:41:04 srvname dnsmasq[488]: dnsmasq: syntax check OK.
Aug 11 17:41:04 srvname dnsmasq[530]: started, version 2.76 cachesize 150
Aug 11 17:41:04 srvname dnsmasq[530]: compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ips
Aug 11 17:41:04 srvname dnsmasq[530]: DNS service limited to local subnets
Aug 11 17:41:04 srvname dnsmasq[530]: using nameserver 208.67.222.222#53
Aug 11 17:41:04 srvname dnsmasq[530]: using nameserver 208.67.220.220#53
Aug 11 17:41:04 srvname dnsmasq[530]: read /etc/hosts - 5 addresses
Aug 11 17:41:04 srvname systemd[1]: Started dnsmasq - A lightweight DHCP and caching DNS server.
Aug 11 17:41:21 srvname dnsmasq[530]: Ignoring query from non-local network


I have no idea where the last line comes from but it is there immediately after reboot before I do anything.



If I restart the dnsmasq service, I get the same log entries except for the last line and then it is reachable for all machines on the network - all is fine.



dnsmasq config:



domain-needed
bogus-priv
no-resolv
server=208.67.220.220
server=208.67.222.222
address=/homeserver.mydomain.com/10.0.0.99


The last line is so that machines on my local network will be able to find the server itself using its domain name. My internet router won't forward requests for homeserver.mydomain.com from the local network to 10.0.0.99 on its own (this is a feature some routers have and some (like mine) do not).



In addition to this config I filter out malware servers from a list.



relevant iptables config (iptables-persistent file):



-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p udp -m udp --sport 53 -j ACCEPT


I have found two possible solutions so far, however I don't know how to implement them:




  • in an earlier question someone mentions that disabling IPv6 helped them with a similar issue. However, I am not sure how to do that.

  • A friend suggested that the order in which the services are started might be the issue and to move dnsmasq to the end so it starts last. However, I am also not sure how to modify this. What I tried already was to put into /etc/network/interfaces the following line: "post-up /usr/sbin/service dnsmasq restart" (attempting to force the reboot after the network comes up). However, that did not help either.

OS: Debian GNU/Linux 9 (stretch)

Kernel: Linux 4.9.0-8-amd64 #1 SMP Debian 4.9.110-3+deb9u4 (2018-08-21) x86_64 GNU/Linux

Hardware: Asus VivoMini Intel N3000







dns services reboot dnsmasq






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Sep 23 at 7:41

























asked Sep 22 at 19:06









RolandU

165




165







  • 1




    Please add info about your config to your question -- you can get it egrep -hrv '^#|^$' /etc/dnsmasq.* (of course, edit out any sensitive stuff). Try adding except-interface=ethX to the config (where ethX is an interface you don't need dnsmasq to listen on) -- the errors suggest that local-service is in effect and the machine you're querying from is not on the same subnet.
    – mosvy
    Sep 22 at 21:51










  • @mosvy: I added details. I only have one eth-interface and all machines are on the same subnet, so I don't think this is the issue.
    – RolandU
    Sep 26 at 4:56










  • For one reason or another, dnsmasq seems to believe that they're not on the same subnet -- that's what should be investigated. In the meanwhile, you could try adding interface=you_ethX to the config. Read about --local-service in the manpage for how it interacts with except-interface and interface ( the --local-service option is given directly on the command line of dnsmasq in debian, have a look at /etc/init.d/dnsmasq).
    – mosvy
    Sep 26 at 9:10











  • Please notice that you can use except-interface with an interface that doesn't exist, eg. except-interface=no_such_if will also turn off the local-service option.
    – mosvy
    Sep 26 at 11:03













  • 1




    Please add info about your config to your question -- you can get it egrep -hrv '^#|^$' /etc/dnsmasq.* (of course, edit out any sensitive stuff). Try adding except-interface=ethX to the config (where ethX is an interface you don't need dnsmasq to listen on) -- the errors suggest that local-service is in effect and the machine you're querying from is not on the same subnet.
    – mosvy
    Sep 22 at 21:51










  • @mosvy: I added details. I only have one eth-interface and all machines are on the same subnet, so I don't think this is the issue.
    – RolandU
    Sep 26 at 4:56










  • For one reason or another, dnsmasq seems to believe that they're not on the same subnet -- that's what should be investigated. In the meanwhile, you could try adding interface=you_ethX to the config. Read about --local-service in the manpage for how it interacts with except-interface and interface ( the --local-service option is given directly on the command line of dnsmasq in debian, have a look at /etc/init.d/dnsmasq).
    – mosvy
    Sep 26 at 9:10











  • Please notice that you can use except-interface with an interface that doesn't exist, eg. except-interface=no_such_if will also turn off the local-service option.
    – mosvy
    Sep 26 at 11:03








1




1




Please add info about your config to your question -- you can get it egrep -hrv '^#|^$' /etc/dnsmasq.* (of course, edit out any sensitive stuff). Try adding except-interface=ethX to the config (where ethX is an interface you don't need dnsmasq to listen on) -- the errors suggest that local-service is in effect and the machine you're querying from is not on the same subnet.
– mosvy
Sep 22 at 21:51




Please add info about your config to your question -- you can get it egrep -hrv '^#|^$' /etc/dnsmasq.* (of course, edit out any sensitive stuff). Try adding except-interface=ethX to the config (where ethX is an interface you don't need dnsmasq to listen on) -- the errors suggest that local-service is in effect and the machine you're querying from is not on the same subnet.
– mosvy
Sep 22 at 21:51












@mosvy: I added details. I only have one eth-interface and all machines are on the same subnet, so I don't think this is the issue.
– RolandU
Sep 26 at 4:56




@mosvy: I added details. I only have one eth-interface and all machines are on the same subnet, so I don't think this is the issue.
– RolandU
Sep 26 at 4:56












For one reason or another, dnsmasq seems to believe that they're not on the same subnet -- that's what should be investigated. In the meanwhile, you could try adding interface=you_ethX to the config. Read about --local-service in the manpage for how it interacts with except-interface and interface ( the --local-service option is given directly on the command line of dnsmasq in debian, have a look at /etc/init.d/dnsmasq).
– mosvy
Sep 26 at 9:10





For one reason or another, dnsmasq seems to believe that they're not on the same subnet -- that's what should be investigated. In the meanwhile, you could try adding interface=you_ethX to the config. Read about --local-service in the manpage for how it interacts with except-interface and interface ( the --local-service option is given directly on the command line of dnsmasq in debian, have a look at /etc/init.d/dnsmasq).
– mosvy
Sep 26 at 9:10













Please notice that you can use except-interface with an interface that doesn't exist, eg. except-interface=no_such_if will also turn off the local-service option.
– mosvy
Sep 26 at 11:03





Please notice that you can use except-interface with an interface that doesn't exist, eg. except-interface=no_such_if will also turn off the local-service option.
– mosvy
Sep 26 at 11:03











1 Answer
1






active

oldest

votes

















up vote
1
down vote



accepted










adding interface=eth0 to dnsmasq.conf as suggested by mosvy solved the issue.






share|improve this answer








New contributor




RolandU is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

















    Your Answer







    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "106"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    convertImagesToLinks: false,
    noModals: false,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );













     

    draft saved


    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f470745%2fdnsmasq-not-working-after-reboot%23new-answer', 'question_page');

    );

    Post as a guest






























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes








    up vote
    1
    down vote



    accepted










    adding interface=eth0 to dnsmasq.conf as suggested by mosvy solved the issue.






    share|improve this answer








    New contributor




    RolandU is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.





















      up vote
      1
      down vote



      accepted










      adding interface=eth0 to dnsmasq.conf as suggested by mosvy solved the issue.






      share|improve this answer








      New contributor




      RolandU is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.



















        up vote
        1
        down vote



        accepted







        up vote
        1
        down vote



        accepted






        adding interface=eth0 to dnsmasq.conf as suggested by mosvy solved the issue.






        share|improve this answer








        New contributor




        RolandU is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.









        adding interface=eth0 to dnsmasq.conf as suggested by mosvy solved the issue.







        share|improve this answer








        New contributor




        RolandU is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.









        share|improve this answer



        share|improve this answer






        New contributor




        RolandU is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.









        answered Sep 29 at 9:25









        RolandU

        165




        165




        New contributor




        RolandU is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.





        New contributor





        RolandU is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.






        RolandU is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.



























             

            draft saved


            draft discarded















































             


            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f470745%2fdnsmasq-not-working-after-reboot%23new-answer', 'question_page');

            );

            Post as a guest













































































            Popular posts from this blog

            How to check contact read email or not when send email to Individual?

            Displaying single band from multi-band raster using QGIS

            How many registers does an x86_64 CPU actually have?