dnsmasq not working after reboot
Clash Royale CLAN TAG#URR8PPP
up vote
0
down vote
favorite
After rebooting, dnsmasq service is running, but does not respond to remote requests (trying using "dig @10.0.0.1 stackexchange.com" from another machine). The log looks good in my opinion:
Aug 11 17:41:04 srvname systemd[1]: Starting dnsmasq - A lightweight DHCP and caching DNS server...
Aug 11 17:41:04 srvname dnsmasq[488]: dnsmasq: syntax check OK.
Aug 11 17:41:04 srvname dnsmasq[530]: started, version 2.76 cachesize 150
Aug 11 17:41:04 srvname dnsmasq[530]: compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ips
Aug 11 17:41:04 srvname dnsmasq[530]: DNS service limited to local subnets
Aug 11 17:41:04 srvname dnsmasq[530]: using nameserver 208.67.222.222#53
Aug 11 17:41:04 srvname dnsmasq[530]: using nameserver 208.67.220.220#53
Aug 11 17:41:04 srvname dnsmasq[530]: read /etc/hosts - 5 addresses
Aug 11 17:41:04 srvname systemd[1]: Started dnsmasq - A lightweight DHCP and caching DNS server.
Aug 11 17:41:21 srvname dnsmasq[530]: Ignoring query from non-local network
I have no idea where the last line comes from but it is there immediately after reboot before I do anything.
If I restart the dnsmasq service, I get the same log entries except for the last line and then it is reachable for all machines on the network - all is fine.
dnsmasq config:
domain-needed
bogus-priv
no-resolv
server=208.67.220.220
server=208.67.222.222
address=/homeserver.mydomain.com/10.0.0.99
The last line is so that machines on my local network will be able to find the server itself using its domain name. My internet router won't forward requests for homeserver.mydomain.com from the local network to 10.0.0.99 on its own (this is a feature some routers have and some (like mine) do not).
In addition to this config I filter out malware servers from a list.
relevant iptables config (iptables-persistent file):
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p udp -m udp --sport 53 -j ACCEPT
I have found two possible solutions so far, however I don't know how to implement them:
in an earlier question someone mentions that disabling IPv6 helped them with a similar issue. However, I am not sure how to do that.- A friend suggested that the order in which the services are started might be the issue and to move dnsmasq to the end so it starts last. However, I am also not sure how to modify this. What I tried already was to put into /etc/network/interfaces the following line: "post-up /usr/sbin/service dnsmasq restart" (attempting to force the reboot after the network comes up). However, that did not help either.
OS: Debian GNU/Linux 9 (stretch)
Kernel: Linux 4.9.0-8-amd64 #1 SMP Debian 4.9.110-3+deb9u4 (2018-08-21) x86_64 GNU/Linux
Hardware: Asus VivoMini Intel N3000
dns services reboot dnsmasq
add a comment |Â
up vote
0
down vote
favorite
After rebooting, dnsmasq service is running, but does not respond to remote requests (trying using "dig @10.0.0.1 stackexchange.com" from another machine). The log looks good in my opinion:
Aug 11 17:41:04 srvname systemd[1]: Starting dnsmasq - A lightweight DHCP and caching DNS server...
Aug 11 17:41:04 srvname dnsmasq[488]: dnsmasq: syntax check OK.
Aug 11 17:41:04 srvname dnsmasq[530]: started, version 2.76 cachesize 150
Aug 11 17:41:04 srvname dnsmasq[530]: compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ips
Aug 11 17:41:04 srvname dnsmasq[530]: DNS service limited to local subnets
Aug 11 17:41:04 srvname dnsmasq[530]: using nameserver 208.67.222.222#53
Aug 11 17:41:04 srvname dnsmasq[530]: using nameserver 208.67.220.220#53
Aug 11 17:41:04 srvname dnsmasq[530]: read /etc/hosts - 5 addresses
Aug 11 17:41:04 srvname systemd[1]: Started dnsmasq - A lightweight DHCP and caching DNS server.
Aug 11 17:41:21 srvname dnsmasq[530]: Ignoring query from non-local network
I have no idea where the last line comes from but it is there immediately after reboot before I do anything.
If I restart the dnsmasq service, I get the same log entries except for the last line and then it is reachable for all machines on the network - all is fine.
dnsmasq config:
domain-needed
bogus-priv
no-resolv
server=208.67.220.220
server=208.67.222.222
address=/homeserver.mydomain.com/10.0.0.99
The last line is so that machines on my local network will be able to find the server itself using its domain name. My internet router won't forward requests for homeserver.mydomain.com from the local network to 10.0.0.99 on its own (this is a feature some routers have and some (like mine) do not).
In addition to this config I filter out malware servers from a list.
relevant iptables config (iptables-persistent file):
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p udp -m udp --sport 53 -j ACCEPT
I have found two possible solutions so far, however I don't know how to implement them:
in an earlier question someone mentions that disabling IPv6 helped them with a similar issue. However, I am not sure how to do that.- A friend suggested that the order in which the services are started might be the issue and to move dnsmasq to the end so it starts last. However, I am also not sure how to modify this. What I tried already was to put into /etc/network/interfaces the following line: "post-up /usr/sbin/service dnsmasq restart" (attempting to force the reboot after the network comes up). However, that did not help either.
OS: Debian GNU/Linux 9 (stretch)
Kernel: Linux 4.9.0-8-amd64 #1 SMP Debian 4.9.110-3+deb9u4 (2018-08-21) x86_64 GNU/Linux
Hardware: Asus VivoMini Intel N3000
dns services reboot dnsmasq
1
Please add info about your config to your question -- you can get itegrep -hrv '^#|^$' /etc/dnsmasq.*
(of course, edit out any sensitive stuff). Try addingexcept-interface=ethX
to the config (where ethX is an interface you don't need dnsmasq to listen on) -- the errors suggest thatlocal-service
is in effect and the machine you're querying from is not on the same subnet.
â mosvy
Sep 22 at 21:51
@mosvy: I added details. I only have one eth-interface and all machines are on the same subnet, so I don't think this is the issue.
â RolandU
Sep 26 at 4:56
For one reason or another, dnsmasq seems to believe that they're not on the same subnet -- that's what should be investigated. In the meanwhile, you could try addinginterface=you_ethX
to the config. Read about--local-service
in the manpage for how it interacts withexcept-interface
andinterface
( the--local-service
option is given directly on the command line of dnsmasq in debian, have a look at/etc/init.d/dnsmasq
).
â mosvy
Sep 26 at 9:10
Please notice that you can useexcept-interface
with an interface that doesn't exist, eg.except-interface=no_such_if
will also turn off thelocal-service
option.
â mosvy
Sep 26 at 11:03
add a comment |Â
up vote
0
down vote
favorite
up vote
0
down vote
favorite
After rebooting, dnsmasq service is running, but does not respond to remote requests (trying using "dig @10.0.0.1 stackexchange.com" from another machine). The log looks good in my opinion:
Aug 11 17:41:04 srvname systemd[1]: Starting dnsmasq - A lightweight DHCP and caching DNS server...
Aug 11 17:41:04 srvname dnsmasq[488]: dnsmasq: syntax check OK.
Aug 11 17:41:04 srvname dnsmasq[530]: started, version 2.76 cachesize 150
Aug 11 17:41:04 srvname dnsmasq[530]: compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ips
Aug 11 17:41:04 srvname dnsmasq[530]: DNS service limited to local subnets
Aug 11 17:41:04 srvname dnsmasq[530]: using nameserver 208.67.222.222#53
Aug 11 17:41:04 srvname dnsmasq[530]: using nameserver 208.67.220.220#53
Aug 11 17:41:04 srvname dnsmasq[530]: read /etc/hosts - 5 addresses
Aug 11 17:41:04 srvname systemd[1]: Started dnsmasq - A lightweight DHCP and caching DNS server.
Aug 11 17:41:21 srvname dnsmasq[530]: Ignoring query from non-local network
I have no idea where the last line comes from but it is there immediately after reboot before I do anything.
If I restart the dnsmasq service, I get the same log entries except for the last line and then it is reachable for all machines on the network - all is fine.
dnsmasq config:
domain-needed
bogus-priv
no-resolv
server=208.67.220.220
server=208.67.222.222
address=/homeserver.mydomain.com/10.0.0.99
The last line is so that machines on my local network will be able to find the server itself using its domain name. My internet router won't forward requests for homeserver.mydomain.com from the local network to 10.0.0.99 on its own (this is a feature some routers have and some (like mine) do not).
In addition to this config I filter out malware servers from a list.
relevant iptables config (iptables-persistent file):
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p udp -m udp --sport 53 -j ACCEPT
I have found two possible solutions so far, however I don't know how to implement them:
in an earlier question someone mentions that disabling IPv6 helped them with a similar issue. However, I am not sure how to do that.- A friend suggested that the order in which the services are started might be the issue and to move dnsmasq to the end so it starts last. However, I am also not sure how to modify this. What I tried already was to put into /etc/network/interfaces the following line: "post-up /usr/sbin/service dnsmasq restart" (attempting to force the reboot after the network comes up). However, that did not help either.
OS: Debian GNU/Linux 9 (stretch)
Kernel: Linux 4.9.0-8-amd64 #1 SMP Debian 4.9.110-3+deb9u4 (2018-08-21) x86_64 GNU/Linux
Hardware: Asus VivoMini Intel N3000
dns services reboot dnsmasq
After rebooting, dnsmasq service is running, but does not respond to remote requests (trying using "dig @10.0.0.1 stackexchange.com" from another machine). The log looks good in my opinion:
Aug 11 17:41:04 srvname systemd[1]: Starting dnsmasq - A lightweight DHCP and caching DNS server...
Aug 11 17:41:04 srvname dnsmasq[488]: dnsmasq: syntax check OK.
Aug 11 17:41:04 srvname dnsmasq[530]: started, version 2.76 cachesize 150
Aug 11 17:41:04 srvname dnsmasq[530]: compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ips
Aug 11 17:41:04 srvname dnsmasq[530]: DNS service limited to local subnets
Aug 11 17:41:04 srvname dnsmasq[530]: using nameserver 208.67.222.222#53
Aug 11 17:41:04 srvname dnsmasq[530]: using nameserver 208.67.220.220#53
Aug 11 17:41:04 srvname dnsmasq[530]: read /etc/hosts - 5 addresses
Aug 11 17:41:04 srvname systemd[1]: Started dnsmasq - A lightweight DHCP and caching DNS server.
Aug 11 17:41:21 srvname dnsmasq[530]: Ignoring query from non-local network
I have no idea where the last line comes from but it is there immediately after reboot before I do anything.
If I restart the dnsmasq service, I get the same log entries except for the last line and then it is reachable for all machines on the network - all is fine.
dnsmasq config:
domain-needed
bogus-priv
no-resolv
server=208.67.220.220
server=208.67.222.222
address=/homeserver.mydomain.com/10.0.0.99
The last line is so that machines on my local network will be able to find the server itself using its domain name. My internet router won't forward requests for homeserver.mydomain.com from the local network to 10.0.0.99 on its own (this is a feature some routers have and some (like mine) do not).
In addition to this config I filter out malware servers from a list.
relevant iptables config (iptables-persistent file):
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p udp -m udp --sport 53 -j ACCEPT
I have found two possible solutions so far, however I don't know how to implement them:
in an earlier question someone mentions that disabling IPv6 helped them with a similar issue. However, I am not sure how to do that.- A friend suggested that the order in which the services are started might be the issue and to move dnsmasq to the end so it starts last. However, I am also not sure how to modify this. What I tried already was to put into /etc/network/interfaces the following line: "post-up /usr/sbin/service dnsmasq restart" (attempting to force the reboot after the network comes up). However, that did not help either.
OS: Debian GNU/Linux 9 (stretch)
Kernel: Linux 4.9.0-8-amd64 #1 SMP Debian 4.9.110-3+deb9u4 (2018-08-21) x86_64 GNU/Linux
Hardware: Asus VivoMini Intel N3000
dns services reboot dnsmasq
dns services reboot dnsmasq
edited Sep 23 at 7:41
asked Sep 22 at 19:06
RolandU
165
165
1
Please add info about your config to your question -- you can get itegrep -hrv '^#|^$' /etc/dnsmasq.*
(of course, edit out any sensitive stuff). Try addingexcept-interface=ethX
to the config (where ethX is an interface you don't need dnsmasq to listen on) -- the errors suggest thatlocal-service
is in effect and the machine you're querying from is not on the same subnet.
â mosvy
Sep 22 at 21:51
@mosvy: I added details. I only have one eth-interface and all machines are on the same subnet, so I don't think this is the issue.
â RolandU
Sep 26 at 4:56
For one reason or another, dnsmasq seems to believe that they're not on the same subnet -- that's what should be investigated. In the meanwhile, you could try addinginterface=you_ethX
to the config. Read about--local-service
in the manpage for how it interacts withexcept-interface
andinterface
( the--local-service
option is given directly on the command line of dnsmasq in debian, have a look at/etc/init.d/dnsmasq
).
â mosvy
Sep 26 at 9:10
Please notice that you can useexcept-interface
with an interface that doesn't exist, eg.except-interface=no_such_if
will also turn off thelocal-service
option.
â mosvy
Sep 26 at 11:03
add a comment |Â
1
Please add info about your config to your question -- you can get itegrep -hrv '^#|^$' /etc/dnsmasq.*
(of course, edit out any sensitive stuff). Try addingexcept-interface=ethX
to the config (where ethX is an interface you don't need dnsmasq to listen on) -- the errors suggest thatlocal-service
is in effect and the machine you're querying from is not on the same subnet.
â mosvy
Sep 22 at 21:51
@mosvy: I added details. I only have one eth-interface and all machines are on the same subnet, so I don't think this is the issue.
â RolandU
Sep 26 at 4:56
For one reason or another, dnsmasq seems to believe that they're not on the same subnet -- that's what should be investigated. In the meanwhile, you could try addinginterface=you_ethX
to the config. Read about--local-service
in the manpage for how it interacts withexcept-interface
andinterface
( the--local-service
option is given directly on the command line of dnsmasq in debian, have a look at/etc/init.d/dnsmasq
).
â mosvy
Sep 26 at 9:10
Please notice that you can useexcept-interface
with an interface that doesn't exist, eg.except-interface=no_such_if
will also turn off thelocal-service
option.
â mosvy
Sep 26 at 11:03
1
1
Please add info about your config to your question -- you can get it
egrep -hrv '^#|^$' /etc/dnsmasq.*
(of course, edit out any sensitive stuff). Try adding except-interface=ethX
to the config (where ethX is an interface you don't need dnsmasq to listen on) -- the errors suggest that local-service
is in effect and the machine you're querying from is not on the same subnet.â mosvy
Sep 22 at 21:51
Please add info about your config to your question -- you can get it
egrep -hrv '^#|^$' /etc/dnsmasq.*
(of course, edit out any sensitive stuff). Try adding except-interface=ethX
to the config (where ethX is an interface you don't need dnsmasq to listen on) -- the errors suggest that local-service
is in effect and the machine you're querying from is not on the same subnet.â mosvy
Sep 22 at 21:51
@mosvy: I added details. I only have one eth-interface and all machines are on the same subnet, so I don't think this is the issue.
â RolandU
Sep 26 at 4:56
@mosvy: I added details. I only have one eth-interface and all machines are on the same subnet, so I don't think this is the issue.
â RolandU
Sep 26 at 4:56
For one reason or another, dnsmasq seems to believe that they're not on the same subnet -- that's what should be investigated. In the meanwhile, you could try adding
interface=you_ethX
to the config. Read about --local-service
in the manpage for how it interacts with except-interface
and interface
( the --local-service
option is given directly on the command line of dnsmasq in debian, have a look at /etc/init.d/dnsmasq
).â mosvy
Sep 26 at 9:10
For one reason or another, dnsmasq seems to believe that they're not on the same subnet -- that's what should be investigated. In the meanwhile, you could try adding
interface=you_ethX
to the config. Read about --local-service
in the manpage for how it interacts with except-interface
and interface
( the --local-service
option is given directly on the command line of dnsmasq in debian, have a look at /etc/init.d/dnsmasq
).â mosvy
Sep 26 at 9:10
Please notice that you can use
except-interface
with an interface that doesn't exist, eg. except-interface=no_such_if
will also turn off the local-service
option.â mosvy
Sep 26 at 11:03
Please notice that you can use
except-interface
with an interface that doesn't exist, eg. except-interface=no_such_if
will also turn off the local-service
option.â mosvy
Sep 26 at 11:03
add a comment |Â
1 Answer
1
active
oldest
votes
up vote
1
down vote
accepted
adding interface=eth0
to dnsmasq.conf as suggested by mosvy solved the issue.
New contributor
add a comment |Â
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
1
down vote
accepted
adding interface=eth0
to dnsmasq.conf as suggested by mosvy solved the issue.
New contributor
add a comment |Â
up vote
1
down vote
accepted
adding interface=eth0
to dnsmasq.conf as suggested by mosvy solved the issue.
New contributor
add a comment |Â
up vote
1
down vote
accepted
up vote
1
down vote
accepted
adding interface=eth0
to dnsmasq.conf as suggested by mosvy solved the issue.
New contributor
adding interface=eth0
to dnsmasq.conf as suggested by mosvy solved the issue.
New contributor
New contributor
answered Sep 29 at 9:25
RolandU
165
165
New contributor
New contributor
add a comment |Â
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f470745%2fdnsmasq-not-working-after-reboot%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
1
Please add info about your config to your question -- you can get it
egrep -hrv '^#|^$' /etc/dnsmasq.*
(of course, edit out any sensitive stuff). Try addingexcept-interface=ethX
to the config (where ethX is an interface you don't need dnsmasq to listen on) -- the errors suggest thatlocal-service
is in effect and the machine you're querying from is not on the same subnet.â mosvy
Sep 22 at 21:51
@mosvy: I added details. I only have one eth-interface and all machines are on the same subnet, so I don't think this is the issue.
â RolandU
Sep 26 at 4:56
For one reason or another, dnsmasq seems to believe that they're not on the same subnet -- that's what should be investigated. In the meanwhile, you could try adding
interface=you_ethX
to the config. Read about--local-service
in the manpage for how it interacts withexcept-interface
andinterface
( the--local-service
option is given directly on the command line of dnsmasq in debian, have a look at/etc/init.d/dnsmasq
).â mosvy
Sep 26 at 9:10
Please notice that you can use
except-interface
with an interface that doesn't exist, eg.except-interface=no_such_if
will also turn off thelocal-service
option.â mosvy
Sep 26 at 11:03