You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
For up-stream name resolution dnsmasq normally uses the name servers in the resolvfile, unless noresolv is true (and then a up-stream DNS server should explicitly have been configured).
The file /etc/resolv.conf defines the name servers to be used by processes that run on the router. This file is a soft link to /tmp/resolv.conf.
The dnsmasq init script dnsmasq_start() routine normally writes the file /tmp/resolv.conf and sets the name server to 127.0.0.1; the dnsmasq_stop() routine restores /tmp/resolv.conf to its previous state (being a soft link to /tmp/resolv.conf.auto)
These init script routines execute these steps only when UCI dhcp.dnsmasq.resolvfile equals '/tmp/resolv.conf.auto', but resolvfile only defaults to that value when UCI dhcp.dnsmasq.noresolv is not set to '1'.
Not using the local running DNS service when noresolv is true does not make sence; the semantics of that config value do not imply this.
The latter may typically occur when using unbound as DNS service with dnsmasq as dpcp-link (see unbound documentation).
work-around: explicitly set UCI dhcp.dnsmasq.resolvfile to '/tmp/resolv.conf.auto'.
possible fixes:
Write (and restore) /tmp/resolv.conf also when noresolv is true, e.g. guard it with:
The dnsmasq init patch submitted was discussed by @jow and @dedeckeh and they decided to not merge the patch because:
As already mentioned by me he mentioned the use case of DNAT (thus not
listening on port 53); also in his opinion we should first create a
resolv service which allows to change the resolv file in an atomic way
and then adapt the services.
A possible fix for the port rewrite use-case has been proposed (an extra UCI option) and for the atomicity issue none truly but the changes that issue (also with the current version) occurs seems small.
See [[http://lists.infradead.org/pipermail/lede-dev/2017-June/008107.html|"[LEDE-DEV] [PATCH v4] dnsmasq: manage resolv.conf iff when listening on 127.0.0.1#53"]]
After this another v5 of the patch was submitted that changed some minor issues, but did not solve the two issues above.
Related to the issue of atomicity of setting resolv.conf is likely another issue, that of synchronisation of setting the resolv.conf file only after the resolver really has been started. Currently no such thing is guaranteed after the call to procd_close_instance(). Also see [[http://lists.infradead.org/pipermail/lede-dev/2017-July/008249.html|[LEDE-DEV] Procd questions]]
por:
For up-stream name resolution dnsmasq normally uses the name servers in the resolvfile, unless noresolv is true (and then a up-stream DNS server should explicitly have been configured).
The file /etc/resolv.conf defines the name servers to be used by processes that run on the router. This file is a soft link to /tmp/resolv.conf.
The dnsmasq init script dnsmasq_start() routine normally writes the file /tmp/resolv.conf and sets the name server to 127.0.0.1; the dnsmasq_stop() routine restores /tmp/resolv.conf to its previous state (being a soft link to /tmp/resolv.conf.auto)
These init script routines execute these steps only when UCI dhcp.dnsmasq.resolvfile equals '/tmp/resolv.conf.auto', but resolvfile only defaults to that value when UCI dhcp.dnsmasq.noresolv is not set to '1'.
Not using the local running DNS service when noresolv is true does not make sence; the semantics of that config value do not imply this.
The latter may typically occur when using unbound as DNS service with dnsmasq as dpcp-link (see unbound documentation).
work-around: explicitly set UCI dhcp.dnsmasq.resolvfile to '/tmp/resolv.conf.auto'.
possible fixes:
Write (and restore) /tmp/resolv.conf also when noresolv is true, e.g. guard it with:
[ "$noreolv" -eq '1' -o "$resolvfile" = "/tmp/resolv.conf.auto" ]
or, probably a better fix, just test if a service runs on 127.0.0.1:53; advise on how to accomplish that are welcome.
The text was updated successfully, but these errors were encountered: