9

I have two interfaces:

  • wlan0 - Wi-Fi client configured via DHCP;
  • wlan1 - static IP address, running hostapd to act as access point, running dnsmasq to give out IP addresses and service DNS requests on that interface.

Unfortunately, it seems that when dnsmasq runs, something overwrites the resolv.conf and sets the local dnsmasq to take over for the local queries. Here is the resolv.conf after dnsmasq has run...

pi@raspberrypi:~$ cat /etc/resolv.conf
# Generated by resolvconf
domain home
nameserver 127.0.0.1

dnsmasq is only bound to wlan1, and in any case was never configured to take over as the local name resolver.

If I kill dnsmasq and then refresh the DHCP lease, then the resolv.conf file has the correct DNS servers as configured via DHCP.

I think this might be the result of an interaction with resolv.conf, but I am not sure.

I cannot figure out who is overwriting the local machine DNS server configuration to point to the local dnsmasq server, or how to correctly prevent this from happening.

Note that the reason I want to have dnsmasq only answer DNS requests on wlan1 is because I want to set that interface up to create a captive portal for configuring the SSID on the wlan0 interface through a web page, and the software running on the machine will use the wlan0 connection to get out to the internet.

Greenonline
bigjosh

2 Answers

9

It appears that the /etc/init.d/dnsmasq script will automatically add the local machine as a resolver unless the lo adapter is explicitly disabled...

start_resolvconf()
{
# If interface "lo" is explicitly disabled in /etc/default/dnsmasq
# Then dnsmasq won't be providing local DNS, so don't add it to
# the resolvconf server set.

        for interface in $DNSMASQ_EXCEPT
        do
                [ $interface = lo ] && return
        done

        if [ -x /sbin/resolvconf ] ; then
                echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo.$NAME
        fi

        return 0
}

This seems to conflict with info in the dnsmasq documentation...

Making the nameserver machine use dnsmasq.

In the simple configuration described above, processes local to the machine will not use dnsmasq, since they get their information about which nameservers to use from /etc/resolv.conf, which is set to the upstream nameservers. To fix this, simply replace the nameserver in /etc/resolv.conf with the local address 127.0.0.1 and give the address(es) of the upstream nameserver(s) to dnsmasq directly. You can do this using either the server option, or by putting them into another file, and telling dnsmasq about its location with the resolv-file option.

So to prevent dnsmasq from clobbering local DNS requests, we must explicitly add the line...

DNSMASQ_EXCEPT=lo

...to the file /etc/default/dnsmasq. Note that we do this for no reason other than to prevent the init script from calling resolvconf. Also note that adding an except-interface=lo line to the /etc/dnsmasq/conf file will not have the desired effect because the init script does not check the contents of that file.

bigjosh
  • 1
    /etc/default/dnsmasq now has an option to un-hash at the end, which does the job: IGNORE_RESOLVCONF=yes. – Maynard Aug 08 '16 at 13:53
  • 1
    I've found that uncommenting IGNORE_RESOLVCONF=yes doesn't actually do anything; adding DNSMASQ_EXCEPT=lo actually fixed the problem. This was on Raspbian 2018-03-13 with dnsmasq 2.76. – mtfurlan Apr 16 '18 at 19:38
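
A check for the behaviour described in the answer above, as an added example that is not part of the original post or the dnsmasq package: it repeats the init script's DNSMASQ_EXCEPT test against a defaults file and reports whether a resolv.conf points at 127.0.0.1. The function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the dnsmasq package. Paths are arguments so the
# checks can be run on copies of /etc/default/dnsmasq and /etc/resolv.conf.

# Exit 0 if the quoted start_resolvconf() would register 127.0.0.1,
# exit 1 if "lo" is listed in DNSMASQ_EXCEPT (the only thing it checks).
will_register_loopback() {
    (
        DNSMASQ_EXCEPT=""
        # The init script sources the defaults file; do the same here,
        # inside a subshell so its variables do not leak out.
        if [ -r "$1" ]; then . "$1"; fi
        for interface in $DNSMASQ_EXCEPT; do
            if [ "$interface" = lo ]; then exit 1; fi
        done
        exit 0
    )
}

# Exit 0 if the resolv.conf at $1 lists 127.0.0.1 as a nameserver.
uses_loopback_resolver() {
    awk '$1 == "nameserver" && $2 == "127.0.0.1" { hit = 1 }
         END { exit !hit }' "$1"
}

# Print a verdict for a defaults file ($1) and a resolv.conf ($2).
report() {
    if will_register_loopback "$1"; then
        echo "$1: init script will add nameserver 127.0.0.1 via resolvconf"
    else
        echo "$1: lo is in DNSMASQ_EXCEPT, resolvconf is left alone"
    fi
    if uses_loopback_resolver "$2"; then
        echo "$2: local lookups are sent to 127.0.0.1"
    else
        echo "$2: no 127.0.0.1 nameserver entry"
    fi
}

# Constructed sample input, written to a temporary directory.
demo_dir=$(mktemp -d)
printf 'ENABLED=1\n' > "$demo_dir/default.before"
printf 'ENABLED=1\nDNSMASQ_EXCEPT=lo\n' > "$demo_dir/default.after"
printf 'domain home\nnameserver 127.0.0.1\n' > "$demo_dir/resolv.conf"
report "$demo_dir/default.before" "$demo_dir/resolv.conf"
report "$demo_dir/default.after" "$demo_dir/resolv.conf"
rm -rf "$demo_dir"
```

On a real system, call `report /etc/default/dnsmasq /etc/resolv.conf`; the defaults file is sourced, exactly as the init script does.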
0

I had a similar problem. I connected to a network over Wi-Fi and /etc/resolv.conf was set up correctly with the domain name and DNS servers from the DHCP server.

I wanted dnsmasq to serve a local LAN with DHCP and DNS, so I installed it and added the domain and address ranges etc. When I started dnsmasq, /etc/resolv.conf was rewritten and nothing could be resolved. I discovered that upon startup dnsmasq read /etc/resolv.conf, and added the contents to its local information. However, it then read the /etc/resolv.conf again and this flushed all of the DNS server information, leaving it pointing at itself.

The fix is to change the configuration to read the dns information from the location which resolvconf places it for dnsmasq. See /etc/resolvconf/update.d/dnsmasq

I added a config file to /etc/dnsmasq.d with the following content

# make dnsmasq read the correct file location for the resolvconf updates
#
resolv-file=/run/dnsmasq/resolv.conf

I also set IGNORE_RESOLVCONF=yes but I don't know if it makes any difference.

I hope this helps someone, it took me some time to figure out what was going on, systemctl status dnsmasq showed me the double read.

SEWTGIYWTKHNTDS