Hello everyone!

My Debian 12/bookworm laptop uses DHCP with NetworkManager, which produces an /etc/resolv.conf containing:

```
# Generated by NetworkManager
search home
nameserver 192.168.1.254
```

I've set up NetworkManager to use its local dnsmasq instance to add additional name resolution for libvirt and a VPN, according to [1].

My /etc/NetworkManager/conf.d/localdns.conf contains:

```
[main]
dns=dnsmasq
```

and my /etc/NetworkManager/dnsmasq.d/local_dnsmasq.conf contains:

```
server=/virt/192.168.122.1
server=/122.168.192.in-addr.arpa/192.168.122.1
server=/vpn/10.70.71.1
server=/71.70.10.in-addr.arpa/10.70.71.1
log-queries
```

The name resolutions (and reverse resolutions) for the *.vpn and *.virt domains work just fine. But I'm having issues with the *.home domain as soon as I set dns=dnsmasq in /etc/NetworkManager/conf.d/localdns.conf, independent of any entries in /etc/NetworkManager/dnsmasq.d/local_dnsmasq.conf.

After starting (or restarting) NetworkManager either with

```
sudo systemctl reload NetworkManager.service
```

or with

```
sudo nmcli general reload dns-full
```

the name resolution works twice for anyhost.home in the local domain but subsequently fails with NXDOMAIN.

Here is the log-queries output for a successful

```
ping -c 1 nas-server.home
PING nas-server.home (192.168.1.103) 56(84) bytes of data.
64 bytes from nas-server.home (192.168.1.103): icmp_seq=1 ttl=64 time=7.47 ms
```

with the corresponding

```
sudo tail -f /var/log/syslog
TS HOST systemd[1]: Reloaded NetworkManager.service - Network Manager.
TS HOST dnsmasq[169260]: query[A] nas-server.home from 127.0.0.1
TS HOST dnsmasq[169260]: forwarded nas-server.home to 192.168.1.254
TS HOST dnsmasq[169260]: query[AAAA] nas-server.home from 127.0.0.1
TS HOST dnsmasq[169260]: forwarded nas-server.home to 192.168.1.254
TS HOST dnsmasq[169260]: reply nas-server.home is 192.168.1.103
TS HOST dnsmasq[169260]: reply nas-server.home is NXDOMAIN
TS HOST dnsmasq[169260]: query[PTR] 103.1.168.192.in-addr.arpa from 127.0.0.1
TS HOST dnsmasq[169260]: forwarded 103.1.168.192.in-addr.arpa to 192.168.1.254
TS HOST dnsmasq[169260]: reply 192.168.1.103 is nas-server.home
```

Notice the IPv6 AAAA query and the two replies with the FQDN.

The first subsequent query succeeds again with:

```
ping -c 1 nas-server.home
ping: nas-server.home: Name or service not known
```

with the corresponding

```
sudo tail -f /var/log/syslog
TS HOST dnsmasq[171213]: query[A] nas-server.home from 127.0.0.1
TS HOST dnsmasq[171213]: cached nas-server.home is NXDOMAIN
TS HOST dnsmasq[171213]: query[AAAA] nas-server.home from 127.0.0.1
TS HOST dnsmasq[171213]: cached nas-server.home is NXDOMAIN
TS HOST dnsmasq[171213]: query[A] nas-server from 127.0.0.1
TS HOST dnsmasq[171213]: forwarded nas-server to 192.168.1.254
TS HOST dnsmasq[171213]: query[AAAA] nas-server from 127.0.0.1
TS HOST dnsmasq[171213]: forwarded nas-server to 192.168.1.254
TS HOST dnsmasq[171213]: reply nas-server is 192.168.1.103
TS HOST dnsmasq[171213]: reply nas-server is NXDOMAIN
TS HOST dnsmasq[171213]: query[PTR] 103.1.168.192.in-addr.arpa from 127.0.0.1
TS HOST dnsmasq[171213]: forwarded 103.1.168.192.in-addr.arpa to 192.168.1.254
TS HOST dnsmasq[171213]: reply 192.168.1.103 is nas-server.home
```

Notice that the FQDN caches with NXDOMAIN are followed up with just the host name and the same two replies, one with the IP and the other with NXDOMAIN.

But all subsequent queries will fail with:

```
ping -c 1 nas-server.home
ping: nas-server.home: Name or service not known
```

with the corresponding

```
TS HOST dnsmasq[171213]: query[A] nas-server.home from 127.0.0.1
TS HOST dnsmasq[171213]: cached nas-server.home is NXDOMAIN
TS HOST dnsmasq[171213]: query[AAAA] nas-server.home from 127.0.0.1
TS HOST dnsmasq[171213]: cached nas-server.home is NXDOMAIN
TS HOST dnsmasq[171213]: query[A] nas-server from 127.0.0.1
TS HOST dnsmasq[171213]: cached nas-server is NXDOMAIN
TS HOST dnsmasq[171213]: query[AAAA] nas-server from 127.0.0.1
TS HOST dnsmasq[171213]: cached nas-server is NXDOMAIN
```

Once I restart/reload NetworkManager (i.e. clear the cache) I get two successful name resolutions, with subsequent requests failing again.

I do notice that when querying external domains, they seem to return NODATA-IPv6 instead of NXDOMAIN for what I assume are the AAAA queries. But I have no control over what my ZTE-based ISP-supplied router will reply for the AAAA queries. I suppose that the router is returning the wrong reply for its own local domain for AAAA queries.

So I guess my question is, can I tell dnsmasq somehow not to cache NXDOMAIN or interpret it as NODATA-IPv6 for queries to the *.home domain?

Any other suggestions are also welcome! And in case this isn't it, where is the correct mailing list to pose such a question?

Thanks, anyone!
David

[1] https://networkmanager.dev/docs/api/latest/NetworkManager.conf.html

--
David Ayers
Supporting: Free Software Foundation Europe (http://www.fsfe.org)
Become a supporter of the FSFE! Your donation powers important work! (http://fsfe.org/donate)
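To confirm the pattern in the logs quoted above, the following Python script (an added example, not part of the original message) scans `log-queries` output for names where the upstream server answered with both an address and NXDOMAIN, and counts how often dnsmasq then served the cached NXDOMAIN. The sample log is constructed in the format of the quoted syslog lines, and the function names are illustrative.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample, in the format of the log-queries lines quoted above.
SAMPLE_LOG = """\
TS HOST dnsmasq[1]: query[A] nas-server.home from 127.0.0.1
TS HOST dnsmasq[1]: forwarded nas-server.home to 192.168.1.254
TS HOST dnsmasq[1]: query[AAAA] nas-server.home from 127.0.0.1
TS HOST dnsmasq[1]: reply nas-server.home is 192.168.1.103
TS HOST dnsmasq[1]: reply nas-server.home is NXDOMAIN
TS HOST dnsmasq[1]: query[A] nas-server.home from 127.0.0.1
TS HOST dnsmasq[1]: cached nas-server.home is NXDOMAIN
TS HOST dnsmasq[1]: query[AAAA] example.org from 127.0.0.1
TS HOST dnsmasq[1]: reply example.org is NODATA-IPv6
"""

# Only "reply" (from upstream) and "cached" (from dnsmasq's cache) carry answers.
LINE = re.compile(r"dnsmasq\[\d+\]: (reply|cached) (\S+) is (\S+)")

def is_address(value):
    """True for IPv4/IPv6 literals; PTR answers (hostnames) are not addresses."""
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def analyse(log_text):
    """Per name: upstream addresses, upstream NXDOMAINs, cached NXDOMAIN hits."""
    seen = defaultdict(
        lambda: {"addresses": set(), "nxdomain": 0, "cached_nxdomain": 0})
    for line in log_text.splitlines():
        match = LINE.search(line)
        if not match:
            continue
        source, name, value = match.groups()
        entry = seen[name]
        if source == "reply" and is_address(value):
            entry["addresses"].add(value)
        elif value == "NXDOMAIN":
            entry["nxdomain" if source == "reply" else "cached_nxdomain"] += 1
    return seen

def contradictory_names(log_text):
    """Names that upstream both resolved and declared non-existent.

    NXDOMAIN means the name has no records of any type, so an address plus
    NXDOMAIN for one name is inconsistent; NODATA is the answer for a name
    that exists but has no record of the queried type.
    """
    return sorted(name for name, entry in analyse(log_text).items()
                  if entry["addresses"] and entry["nxdomain"])
```

Feed it the real lines with `contradictory_names(open("/var/log/syslog").read())`. dnsmasq's `no-negcache` option disables negative caching, but for all domains rather than only `*.home`.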