LinuxQuestions.org
Old 10-14-2015, 03:46 PM   #1
sisyphos
DNSMASQ just partly replays DNS queries


Hi,

hope someone could help.

It seems dnsmasq is not recognizing all of my DNS requests. That's quite bad, because I would like to block some domains with dnsmasq's address=/../.. feature. For that I have to ensure that all DNS requests are answered by dnsmasq, which is not the case.

This is my setup.

Code:
             Router-from-ISP     Ubuntu-Router (DNSMASQ)     
Internet <---> 192.168.0.1 <-----> 192.168.0.253 (br0:1)    Clients (Windows, Android, Linux)
                                   192.168.1.1 (br0) <-----> 192.168.1.100-192.168.1.100.150
One might ask "why?" I cannot change the router, because the cable provider only allows their own devices. But the router from the ISP only allows some settings; e.g., blocking some URLs or adding a route is not possible. That's why I want to implement DNS caching on my own. I cannot manually configure the clients; DHCP is all I can do for them.

This is the configuration of the Ubuntu-Router:

1. Interfaces
Code:
auto lo
iface lo inet loopback
auto br0
iface br0 inet static
        bridge_ports p1p1 wlan1
        address 192.168.2.1
        network 192.168.2.0
        netmask 255.255.255.0
        broadcast 192.168.2.255
auto br0:1
iface br0:1 inet static
        address 192.168.0.253
        netmask 255.255.255.0
        broadcast 192.168.0.255
        network 192.168.0.0
        gateway 192.168.0.1
        up /sbin/iptables -F
        up /sbin/iptables -X
        up /sbin/iptables -t nat -F
        up /sbin/iptables -A FORWARD -o br0:1 -i br0 -m conntrack --ctstate NEW -j ACCEPT
        up /sbin/iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
        up /sbin/iptables -A POSTROUTING -t nat -j MASQUERADE
        up /etc/init.d/hostapd restart
        up /etc/init.d/dnsmasq restart
2. Resolv.conf
Code:
nameserver 127.0.0.1
nameserver 192.168.0.1
3. dnsmasq.conf
Code:
address=/double-click.net/127.0.0.1
address=/doubleclick.net/127.0.0.1
address=/doubleclickbygoogle.com/127.0.0.1
address=/doubleclickbygoogle.net/127.0.0.1
address=/google-analytics.com/127.0.0.1
address=/google-analytics.net/127.0.0.1
address=/ssl.google-analytics.com/127.0.0.1
address=/googleanalytics.com/127.0.0.1
address=/googleanalytics.net/127.0.0.1
address=/facebook.com/127.0.0.1
interface=lo
interface=br0
server=192.168.0.1
listen-address=127.0.0.1
listen-address=::1
listen-address=192.168.2.1
dhcp-range=192.168.2.200,192.168.2.250,255.255.255.0,12h
dhcp-option=121,192.168.2.0/24,192.192.168.2.1
log-queries
log-dhcp
4. sysctl.conf
Code:
net.ipv4.ip_forward=1
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
net.ipv6.conf.br0.disable_ipv6 = 1
net.ipv6.conf.br0:1.disable_ipv6 = 1
What happens now is something like this: If I connect one client via DHCP, dnsmasq is logging this:

Code:
Oct 14 22:34:43 sithonia dnsmasq-dhcp[1047]: 1863487321 Klient stellt Name bereit: santorin
Oct 14 22:34:43 sithonia dnsmasq-dhcp[1047]: 1863487321 DHCPREQUEST(br0) 192.168.2.231 a0:88:b4:75:69:94 
Oct 14 22:34:43 sithonia dnsmasq-dhcp[1047]: 1863487321 Marken: br0
Oct 14 22:34:43 sithonia dnsmasq-dhcp[1047]: 1863487321 DHCPACK(br0) 192.168.2.231 a0:88:b4:75:69:94 santorin
Oct 14 22:34:43 sithonia dnsmasq-dhcp[1047]: 1863487321 angeforderte Optionen: 1:netmask, 28:broadcast, 2:time-offset, 3:router, 
Oct 14 22:34:43 sithonia dnsmasq-dhcp[1047]: 1863487321 angeforderte Optionen: 15:domain-name, 6:dns-server, 119:domain-search, 
Oct 14 22:34:43 sithonia dnsmasq-dhcp[1047]: 1863487321 angeforderte Optionen: 12:hostname, 44:netbios-ns, 47:netbios-scope, 
Oct 14 22:34:43 sithonia dnsmasq-dhcp[1047]: 1863487321 angeforderte Optionen: 26:mtu, 121:classless-static-route, 42:ntp-server, 
Oct 14 22:34:43 sithonia dnsmasq-dhcp[1047]: 1863487321 angeforderte Optionen: 121:classless-static-route, 249, 33:static-route, 
Oct 14 22:34:43 sithonia dnsmasq-dhcp[1047]: 1863487321 angeforderte Optionen: 252, 42:ntp-server
Oct 14 22:34:43 sithonia dnsmasq-dhcp[1047]: 1863487321 Nächster Server: 192.168.2.1
Oct 14 22:34:43 sithonia dnsmasq-dhcp[1047]: 1863487321 sent size:  1 option: 53 message-type  5
Oct 14 22:34:43 sithonia dnsmasq-dhcp[1047]: 1863487321 sent size:  4 option: 54 server-identifier  192.168.2.1
Oct 14 22:34:43 sithonia dnsmasq-dhcp[1047]: 1863487321 sent size:  4 option: 51 lease-time  12h
Oct 14 22:34:43 sithonia dnsmasq-dhcp[1047]: 1863487321 sent size:  4 option: 58 T1  6h
Oct 14 22:34:43 sithonia dnsmasq-dhcp[1047]: 1863487321 sent size:  4 option: 59 T2  10h30m
Oct 14 22:34:43 sithonia dnsmasq-dhcp[1047]: 1863487321 sent size:  4 option:  1 netmask  255.255.255.0
Oct 14 22:34:43 sithonia dnsmasq-dhcp[1047]: 1863487321 sent size:  4 option: 28 broadcast  192.168.2.255
Oct 14 22:34:43 sithonia dnsmasq-dhcp[1047]: 1863487321 sent size:  4 option:  3 router  192.168.2.1
Oct 14 22:34:43 sithonia dnsmasq-dhcp[1047]: 1863487321 sent size:  4 option:  6 dns-server  192.168.2.1
Oct 14 22:34:43 sithonia dnsmasq-dhcp[1047]: 1863487321 sent size:  8 option: 12 hostname  santorin
This looks very good from my point of view. But if I browse the internet on the client, just some of the DNS queries appear in the internet:

Code:
Oct 14 22:19:34 sithonia dnsmasq[1072]: query[A] button.flattr.com from 192.168.2.231
Oct 14 22:19:34 sithonia dnsmasq[1072]: forwarded button.flattr.com to 192.168.0.1
Oct 14 22:19:34 sithonia dnsmasq[1072]: reply button.flattr.com is 104.20.15.50
In this case the server was "taz.de" but just some buttons appear in the dnsmasq log. And I can browse "facebook.com", which I turned to the Ubuntu-Router's IP.

Any idea why dns queries are only partly answered by dnsmasq?
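
An added example, not part of the original post: a Python check that reads `log-queries` output in the format shown above and reports, per client, which names dnsmasq answered from its `address=` rules and which it forwarded upstream. It assumes dnsmasq logs locally configured answers as `config <name> is <addr>`; the function names and the sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict

# address= rules copied from the dnsmasq.conf in the post (subset).
CONF = """\
address=/doubleclick.net/127.0.0.1
address=/google-analytics.com/127.0.0.1
address=/facebook.com/127.0.0.1
"""

# Constructed sample lines in the log-queries format shown in the post.
LOG = """\
Oct 14 22:19:34 sithonia dnsmasq[1072]: query[A] button.flattr.com from 192.168.2.231
Oct 14 22:19:34 sithonia dnsmasq[1072]: forwarded button.flattr.com to 192.168.0.1
Oct 14 22:19:34 sithonia dnsmasq[1072]: reply button.flattr.com is 104.20.15.50
Oct 14 22:19:35 sithonia dnsmasq[1072]: query[A] www.facebook.com from 192.168.2.231
Oct 14 22:19:35 sithonia dnsmasq[1072]: config www.facebook.com is 127.0.0.1
Oct 14 22:19:36 sithonia dnsmasq[1072]: query[A] stats.g.doubleclick.net from 192.168.2.232
Oct 14 22:19:36 sithonia dnsmasq[1072]: config stats.g.doubleclick.net is 127.0.0.1
"""

LINE = re.compile(r"dnsmasq\[\d+\]: (query\[\w+\]|forwarded|config) (\S+) (?:from|to|is) (\S+)")

def blocked_domains(conf):
    """Domains named in address=/domain/ip lines."""
    return {m.group(1).lower() for m in re.finditer(r"^address=/([^/]+)/", conf, re.M)}

def rule_for(name, domains):
    """address=/d/ covers d and every subdomain of d; return the matching d or None."""
    labels = name.lower().rstrip(".").split(".")
    suffixes = (".".join(labels[i:]) for i in range(len(labels)))
    return next((s for s in suffixes if s in domains), None)

def audit(log, conf):
    """Per client: names answered from address= rules ("config"), names forwarded
    upstream, and blocked names that were forwarded anyway ("leaked")."""
    domains = blocked_domains(conf)
    last_client = {}  # name -> client that most recently queried it
    report = defaultdict(lambda: {"config": set(), "forwarded": set(), "leaked": set()})
    for m in LINE.finditer(log):
        kind, name, peer = m.groups()
        if kind.startswith("query"):
            last_client[name] = peer
        elif name in last_client:
            entry = report[last_client[name]]
            entry[kind].add(name)
            if kind == "forwarded" and rule_for(name, domains):
                entry["leaked"].add(name)
    return dict(report)
```

With `log-queries` enabled, a name that a client visited but that has no `query` line in this report did not reach dnsmasq at all, so the `address=` rules never had a chance to apply to it.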
 
Old 10-19-2015, 01:21 AM   #2
ondoho
hello,
i'm not really good with these things, but...

i know dnsmasq a little. very little.
but, again...
if all you want to do is block some domains, why don't you do it through the /etc/hosts file?

(if you think that's an option, we can give more advice with that)
 
  

