Print Page - Possible Bugs in dnsmasq

Title: Possible Bugs in dnsmasq
Post by: Wrigleys on May 16, 2025, 10:25:58 AM

Hi All

I've switched from KEA DHCPv4 and Unbound to dnsmasq DHCP and DNS for simplicity and noticed few things:

Adding a "Domain" in Host Override will be ignored (only the default domain will be applied). The configured Domain attribute (in DHCP ranges) gets applied when the address reservation is in a specific DHCP range. Best pracices would be to set static leases outside of any DHCP ranges.
The option "Query DNS servers sequentially" seems not working correctly. For any DNS resolution I've see all configured nameserver in the Log File of dnsmasq (in my case 4 nameservers will be used for any DNS resolution)
Is it planned to limit logging of dnsmasq? Because actually it logs any DNS request for any configured nameserver including 127.0.0.1 (which mentioned will be ignored)

Regardless, I would like to say THANK YOU to any developer of OPNsense. Your effort is highly appreciated. Awesome development progress during the last 10 years.

Many thanks and kind regards,
Wrigleys

Title: Re: Possible Bugs in dnsmasq
Post by: Monviech (Cedrik) on May 16, 2025, 10:40:07 AM

Hello,

1. I think you can create a dynamic and a static pool and put your reservations into the scope of the static pool to get the domain appended.
2. We tested this before and it seems it worked correctly: https://github.com/opnsense/core/issues/8416
3. If you know what you need changed in terms of logging, please open an issue on github and we can look into it.

Thank you for the feedback :)

Title: Re: Possible Bugs in dnsmasq
Post by: Monviech (Cedrik) on May 16, 2025, 11:05:07 AM

Regarding the logging, I did not see any query logs in my /var/log/dnsmasq/* files.

I've checked the man page, and only if "log-queries" is set, it will log them.

https://github.com/opnsense/core/blob/b2913dbdb7ae947095277749f2cb9399986e27b5/src/opnsense/service/templates/OPNsense/Dnsmasq/dnsmasq.conf#L108-L112

Can you check in "Dnsmasq - General" with "Advanced Mode" enabled, if you set "Log the results of DNS queries"? If yes disable it.

Title: Re: Possible Bugs in dnsmasq
Post by: Wrigleys on May 16, 2025, 05:02:30 PM

Hi Monviech

Thanks for your support.

A DHCP range with Mode "static" only allows a Start address. When I specify the Domain in DHCP range it requires an End address. In addition to, with a "static" DHCP Range of the same Host-IP as Start address (with empty Domain), I'm unable to get the Domain appended in Host Override under "Domain". Seems kind of strange to me.

With logging I mean the Log File listed in GUI Services --> Dnsmasq DNS & DHCP --> Log File. For a single DNS Lookup the following Logs will be added:

2025-05-16T16:56:07 Informational dnsmasq using nameserver 2620:fe::9#53
2025-05-16T16:56:07 Informational dnsmasq using nameserver 2620:fe::fe#53
2025-05-16T16:56:07 Informational dnsmasq using nameserver 149.112.112.112#53
2025-05-16T16:56:07 Informational dnsmasq using nameserver 9.9.9.9#53
2025-05-16T16:56:07 Warning dnsmasq ignoring nameserver 127.0.0.1 - local interface
2025-05-16T16:56:07 Informational dnsmasq reading /etc/resolv.conf

Log the results of DNS queries under "Advanced Mode" is deactivated.

Thanks and cheers,
Wrigleys

OPNsense Forum

English Forums => 25.1, 25.4 Production Series => Topic started by: Wrigleys on May 16, 2025, 10:25:58 AM