Likely BUG - dnsmasq - Query DNS servers sequentially not working as expected

Started by gspannu, January 01, 2025, 07:54:57 PM

dnsmasq option for "Query DNS servers sequentially" is not working as expected in 25.1.b_20-amd64

A fairly simple setup:

192.168.1.111 is a PiHole machine on the same LAN
8.8.8.8 is the external Google DNS

The two DNS servers are defined in System > Settings > General in this order
- 192.168.1.111
- 8.8.8.8

The underlying idea is that OPNsense should first try and resolve the DNS query using PiHole (192.168.1.111) and ONLY if it fails, should then resolve the query using the next DNS server i.e. Google (8.8.8.8)


Working behaviour:
  • dnsmasq receives the queries from clients.
  • DNS queries are forwarded to 192.168.1.111
  • No queries are forwarded to 8.8.8.8 (as the 'Query DNS servers sequentially' flag is set).
- Verified this with dnsmasq logs. All good.
- Just as information, if the 'Query DNS server sequentially' flag is unset, queries are forwarded to both upstream servers, exactly as expected.
All good so far.

Problematic behaviour:
  • Turn the PiHole machine (192.168.1.111) off or remove network cable (i.e. make PiHole inaccessible)
  • dnsmasq should forward the query to 192.168.1.111 (it does, all good)
  • On failing to resolve the query (i.e. timeout), dnsmasq should now forward the query to 8.8.8.8, but it never does.
  • No query is ever sent to 8.8.8.8
- Essentially, all DNS queries from clients now start to fail and dnsmasq never forwards any queries to the next DNS server (8.8.8.8)

As info, this setup was working fine until 24.7 (from what I recall)

-----------------------------------------

Additional information:

  • Unbound is running on port 53535 (I know not needed, but should not be relevant for the use case)
  • Also using a custom dnsmasq config file (/usr/local/etc/dnsmasq.conf.d/0-myfile.conf).
  • It contains two entries so that PiHole can identify the client correctly.
add-mac
add-subnet=32,128
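The post verifies the behaviour by reading the dnsmasq log. The following script is an added example (not from the original post, and not OPNsense or dnsmasq project code) that automates that check: it parses dnsmasq "query"/"forwarded"/"reply" log lines (the format dnsmasq emits with query logging enabled), counts how many queries were forwarded to each configured upstream, lists queries that never received a reply, and reports whether any query was retried against a second upstream. The log lines, the upstream list and the hostnames are constructed sample data that mirror the scenario described above (first upstream unreachable, no fallback to the second).

```python
import re
from collections import Counter, defaultdict

# Constructed sample of dnsmasq log output (log-queries enabled). It mirrors
# the reported failure: every query is forwarded to 192.168.1.111 only,
# nothing reaches 8.8.8.8, and queries after the first one get no reply.
SAMPLE_LOG = """\
Jan  1 19:50:01 dnsmasq[2071]: query[A] example.com from 192.168.1.50
Jan  1 19:50:01 dnsmasq[2071]: forwarded example.com to 192.168.1.111
Jan  1 19:50:01 dnsmasq[2071]: reply example.com is 93.184.216.34
Jan  1 19:55:10 dnsmasq[2071]: query[A] example.org from 192.168.1.50
Jan  1 19:55:10 dnsmasq[2071]: forwarded example.org to 192.168.1.111
Jan  1 19:55:12 dnsmasq[2071]: query[A] example.org from 192.168.1.50
Jan  1 19:55:12 dnsmasq[2071]: forwarded example.org to 192.168.1.111
Jan  1 19:55:20 dnsmasq[2071]: query[AAAA] example.net from 192.168.1.60
Jan  1 19:55:20 dnsmasq[2071]: forwarded example.net to 192.168.1.111
"""

# Matches the three dnsmasq event kinds we care about:
#   query[TYPE] <name> from <client>
#   forwarded <name> to <upstream>
#   reply <name> is <answer>
LINE_RE = re.compile(
    r"dnsmasq\[\d+\]: (?P<kind>query\[[A-Z]+\]|forwarded|reply) (?P<name>\S+) "
    r"(?:from|to|is) (?P<target>\S+)"
)


def parse_dnsmasq_log(text):
    """Return a list of (kind, name, target) tuples for recognised log lines."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # config/cached/other lines are ignored
        kind = m.group("kind")
        if kind.startswith("query"):
            kind = "query"
        events.append((kind, m.group("name"), m.group("target")))
    return events


def summarize_upstreams(events, upstreams):
    """Summarise forwarding behaviour against the configured upstream list."""
    forwards = Counter({u: 0 for u in upstreams})  # forwards per upstream
    forwarded_to = defaultdict(set)                # name -> set of upstreams tried
    replied = set()                                # names that got a reply
    queried = set()                                # names seen in a query line
    for kind, name, target in events:
        if kind == "query":
            queried.add(name)
        elif kind == "forwarded":
            forwards[target] += 1
            forwarded_to[name].add(target)
        elif kind == "reply":
            replied.add(name)
    unanswered = {n for n in queried if n not in replied}
    # Fallback is visible in the log when one name is forwarded to >1 upstream.
    fallback_seen = any(len(s) > 1 for s in forwarded_to.values())
    return {
        "forwards": forwards,
        "unanswered": unanswered,
        "fallback_seen": fallback_seen,
    }


def diagnose(summary, upstreams):
    """Plain-language verdict on whether sequential fallback worked."""
    first, rest = upstreams[0], upstreams[1:]
    if summary["unanswered"] and not summary["fallback_seen"]:
        return (f"{len(summary['unanswered'])} unanswered queries and no "
                f"forward to {', '.join(rest)}: fallback from {first} did not happen")
    if summary["fallback_seen"]:
        return "fallback to a later upstream observed"
    return "all queries answered by the first upstream"


if __name__ == "__main__":
    ups = ["192.168.1.111", "8.8.8.8"]  # order as configured in the post
    summary = summarize_upstreams(parse_dnsmasq_log(SAMPLE_LOG), ups)
    for u in ups:
        print(f"forwarded to {u}: {summary['forwards'][u]}")
    print("unanswered:", sorted(summary["unanswered"]))
    print(diagnose(summary, ups))
```

To run it against a real box, replace SAMPLE_LOG with the contents of the dnsmasq log and put the upstreams in the same order as in System > Settings > General; a healthy sequential setup with the first server down should show forwards to the second upstream and "fallback ... observed".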