OpenWRT based gateway with dnsmasq and internal server with bind
- by Peter
I have a router based on OpenWRT which has dnsmasq 2.59. Inside my local area network I have a bind NS server. This server has internal and external views for a couple of my domains. My router forwards port 53 TCP and UDP from the outside IP (router WAN) to this server. For external clients everything works fine.
In order to organize the internal view, I decided to add the exception to /etc/dnsmasq.conf:
server=/mydomain1.com/192.168.1.1
server=/mydomain2.com/192.168.1.1
server=/mydomain3.com/192.168.1.1
(192.168.1.1 - the IP address of the NS server)
According to the dnsmasq man page:
More specific domains take precedence over less specific domains, so: --server=/google.com/1.2.3.4 --server=/www.google.com/2.3.4.5 will send queries for *.google.com to 1.2.3.4, except *www.google.com, which will go to 2.3.4.5
so this domain name with all its sub-domains is supposed to be forwarded to my NS server.
Everything works (SOA, NS, MX, CNAME, TXT, SRV etc.) except for the A record:
# nslookup -type=a mydomain1.com
Server: 192.168.1.100
Address: 192.168.1.100#53
*** Can't find mydomain1.com: No answer
(192.168.1.100 - the IP address of my router, running dnsmasq)
However, I can get an answer for the TXT record query:
# nslookup -type=txt mydomain1.com
Server: 192.168.1.100
Address: 192.168.1.100#53
mydomain1.com text = "v=spf1 include:mydomain1.com -all"
When I just specify the local IP of my NS server (querying the server directly, without going through dnsmasq), the results are:
# nslookup -type=a mydomain1.com 192.168.1.1
Server: 192.168.1.1
Address: 192.168.1.1#53
Name: mydomain1.com
Address: 192.168.1.1
There is a similar situation with the MX record:
C:\>nslookup -type=mx mydomain1.com
Server: router.lan
Address: 192.168.1.100
mydomain1.com MX preference = 10, mail exchanger = mail.mydomain1.com
mydomain1.com nameserver = ns.mydomain1.com
mail.mydomain1.com internet address = 192.168.1.1
ns.mydomain1.com internet address = 192.168.1.1
C:\>nslookup -type=a mail.mydomain1.com
Server: router.lan
Address: 192.168.1.100
*** No address (A) records available for mail.mydomain1.com
This is the dig result:
# dig +nocmd mydomain1.com any +multiline +noall +answer
mydomain1.com. 86400 IN SOA ns.mydomain1.com. hostmaster.mydomain1.com. (
121204007 ; serial
28800 ; refresh (8 hours)
7200 ; retry (2 hours)
604800 ; expire (1 week)
3600 ; minimum (1 hour)
)
mydomain1.com. 86400 IN NS ns.mydomain1.com.
mydomain1.com. 86400 IN A 192.168.1.1
mydomain1.com. 604800 IN MX 10 mail.mydomain1.com.
mydomain1.com. 3600 IN TXT "v=spf1 include:mydomain1.com -all"
When I try to ping:
# ping mydomain1.com
ping: cannot resolve mydomain1.com: Unknown host
Is this a bug in dnsmasq 2.59? How can I handle this problem?
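One mechanism that produces exactly the pattern above (TXT, MX and SOA answers pass, while A answers pointing at 192.168.x.x vanish) is dnsmasq's rebind protection, --stop-dns-rebind, which OpenWRT enables by default and which discards upstream replies whose A records carry private addresses unless the name is listed under --rebind-domain-ok. The Python below is an added example, not part of Peter's post or of dnsmasq's own code: it re-implements that filtering decision over constructed wire-format replies so the effect can be checked offline. The function names (build_reply, answers, rebind_blocked) and the sample replies are mine; the address ranges mirror the ones dnsmasq treats as private.

```python
import ipaddress
import struct

# Ranges dnsmasq's rebind protection treats as private (RFC 1918, loopback, link-local, 0/8).
PRIVATE_NETS = [ipaddress.ip_network(n) for n in ("0.0.0.0/8", "10.0.0.0/8",
    "127.0.0.0/8", "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16")]

def encode_name(name):
    return b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"

def build_reply(name, rtype, rdata, ttl=86400):
    """Build a minimal one-answer DNS reply (constructed input, not a capture)."""
    header = struct.pack(">HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)  # QR=1, RD, RA
    question = encode_name(name) + struct.pack(">HH", rtype, 1)  # class IN
    answer = encode_name(name) + struct.pack(">HHIH", rtype, 1, ttl, len(rdata)) + rdata
    return header + question + answer

def read_name(msg, off):
    """Decode a possibly compressed owner name; return (name, offset after it)."""
    labels = []
    while (n := msg[off]) != 0:
        if n & 0xC0 == 0xC0:  # compression pointer: rest of the name lives elsewhere
            tail, _ = read_name(msg, struct.unpack(">H", msg[off:off + 2])[0] & 0x3FFF)
            return ".".join(labels + [tail]), off + 2
        labels.append(msg[off + 1:off + 1 + n].decode())
        off += 1 + n
    return ".".join(labels), off + 1

def answers(msg):
    """Yield (owner, rtype, rdata) for each RR in the answer section."""
    qdcount, ancount = struct.unpack(">HH", msg[4:8])
    off = 12
    for _ in range(qdcount):
        off = read_name(msg, off)[1] + 4  # skip QNAME, QTYPE, QCLASS
    for _ in range(ancount):
        owner, off = read_name(msg, off)
        rtype, _, _, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        yield owner, rtype, msg[off + 10:off + 10 + rdlen]
        off += 10 + rdlen

def rebind_blocked(msg, rebind_domain_ok=()):
    """True if a --stop-dns-rebind resolver would discard this upstream reply."""
    for owner, rtype, rdata in answers(msg):
        if rtype != 1:  # only A (IPv4) answers are inspected; TXT, MX, SOA pass
            continue
        if any(owner == d or owner.endswith("." + d) for d in rebind_domain_ok):
            continue  # name is under a --rebind-domain-ok=/domain/ exemption
        if any(ipaddress.IPv4Address(rdata) in net for net in PRIVATE_NETS):
            return True  # reply dropped: the client sees "No answer"
    return False
```

On OpenWRT the equivalent exemption is `list rebind_domain 'mydomain1.com'` under the dnsmasq section of /etc/config/dhcp (or `rebind-domain-ok=/mydomain1.com/` in a raw dnsmasq.conf).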