[SOLVED] DNSmasq installed but not working

[Arius]

I have been running a pi4 DNSmasq DHCP/Nameserver for the LAN and am trying to migrate those services to work on a Linux Mint 19.3 system.
192.168.0.1 Netgear Wireless Router
192.168.0.2 pi4 DNSmasq & DHCP
192.168.0.4 Linux Mint 19.3 (to become new DNSmasq & DHCP server)

Changed the Mint system from using DHCP to static IP:

Code: Select all

Addresses - Manual
Address: 192.168.0.4
Netmask: 255.255.255.0
Gateway: 192.168.0.1
DNS - Automatic
Server: [left blank]

Installed DNSmasq on Mint and copied over the pi4 /etc/dnsmasq.d/home.dns:

Code: Select all

domain-needed
bogus-priv
domain=MyDom
dhcp-range=eno1,192.168.0.100,192.168.0.130,12h
dhcp-option=eno1,3,192.168.0.1
#
# Static IP Assignments
dhcp-host=B8:8A:E3:AA:EA:5F,C8:F7:33:32:80:39,Betty,192.168.0.100
dhcp-host=90:A4:DE:7A:04:86,Onkyo,192.168.0.101

DNSmasq Status showed conflict with port 53 so enabled port=5353 in DNSmasq.conf but tests failed with clients so reverted that and enabled bind-interfaces with no port 53 conflict from DNSmasq Status but still didn't work.

Also tried deleting /etc/resolv.conf symbolic link then creating new file with nameserver=127.0.0.1 but after reboot the network manager changed it to nameserver=127.0.0.53 and tests with clients still failed. This was attempted since the pi4 /etc/resolv.conf is non-linked file and has nameserver=127.0.0.1

[Arius]

After going down complicated attempts I realized that since upstream DNS servers can be defined in /etc/dnsmasq.conf I might be able to dispense with the local resolv using DNSmasq for name resolution and thereby avoid the collisions over 127.0.0.1 and port 53. An additional advantage is that DNSmasq doesn't have to start before systemd-resolved. The setup:

Static IP setup

Code: Select all

Addresses - Manual
Address: 192.168.0.4
Netmask: 255.255.255.0
Gateway: 192.168.0.1
DNS - Automatic
Server: 192.168.0.1

/etc/dnsmasq.conf

Code: Select all

    no-resolv
    server=208.67.220.220
    server=208.67.222.222

/etc/systemd/resolved.conf

Code: Select all

    DNSStubListener=no

/etc/default/dnsmasq

Code: Select all

    ENABLED=1
    CONFIG_DIR=/etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new
    IGNORE_RESOLVCONF=yes

The above works when starting DNSmasq manually; there are no error messages and clients get IP's and can access the internet.

But, setting DNSmasq enabled then rebooting for auto DNSmasq startup shows one DNSmasq error message. Clients get IP's but have no internet access:
dnsmasq[1076]: Ignoring query from non-local network

I have not found a way for DNSmasq to provide more info on the error. Something is happening during startup that is not encountered while logged into the system and manually controlling DNSmasq. I am not running a VPN that some say causes this error.

[t42]

/etc/default/dnsmasq
IGNORE_RESOLVCONF=yes

?

Code: Select all

/etc/default/dnsmasq
ENABLED=1
IGNORE_RESOLVCONF=yes

[Arius]

I actually enabled DNSmasq in /etc/default/dnsmasq but didn't show it in my post you replied to.
That post has been edited to correct that.

I don't know what is causing the DNSmasq error on boot and its auto startup.

[Arius]

After a lot of testing solutions without success I decided to run DNSmasq in a VM with Linux Mint Xfce.
This was a success and running in a VM made maintenance easy without disturbing the host Linux Mint LAN server.
This is how it was configured on Xfce.

192.168.0.1 Netgear Wireless Router
192.168.0.2 pi4 Retired as DNSmasq & DHCP server
192.168.0.4 Linux Mint 19.3 Cinnamon LAN server host
192.168.0.5 Linux Mint 20.3 Xfce VM as new DNSmasq & DHCP server

Changed the Xfce system from using DHCP to static IP:

Code: Select all

Addresses - Manual
Address: 192.168.0.5
Netmask: 255.255.255.0
Gateway: 192.168.0.1
DNS - 1.1.1.1

Installed DNSmasq on Mint and copied over the pi4 /etc/dnsmasq.d/home.dns:

Code: Select all

domain-needed
bogus-priv
domain=MyDom
dhcp-range=eno1,192.168.0.100,192.168.0.130,12h
dhcp-option=eno1,3,192.168.0.1
#
# Static IP Assignments
dhcp-host=B8:8A:E3:AA:EA:5F,C8:F7:33:32:80:39,Betty,192.168.0.100
dhcp-host=90:A4:DE:7A:04:86,Onkyo,192.168.0.101

/etc/dnsmasq.conf

Code: Select all

no-resolv
server=208.67.220.220
server=208.67.222.222
interface=enp0s3
# Set the "all subnets are local" flag
dhcp-option=27,1
# Send an empty WPAD option. This may be REQUIRED to get windows 7 to behave.
dhcp-option=252,"\n"

DNSmasq did not work without interface=enp0s3.
In SYSLOG there are two warning messages:

Code: Select all

dnsmasq[712]: warning: interface enp0s3 does not currently exist
dnsmasq-dhcp[712]: DHCP packet received on enp0s3 which has no address

Apparently the enp0s3 interface does not exist and DHCP requests are received and ignored until after the netmanager is started.

The dhcp-option=27,1 is to address DNSmasq complaining about subnets in SYSLOG.
dhcp-option=252,"\n" is for my Windows clients - I am not sure if it is necessary.

/etc/systemd/resolved.conf

Code: Select all

DNSStubListener=no

DNSStubListener=no eliminated the resolv and DNSmasq conflict over 127.0.0.1 port 53.

/etc/default/dnsmasq

Code: Select all

ENABLED=1
CONFIG_DIR=/etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new
IGNORE_RESOLVCONF=yes

In Firewall added rules to allow both ways and both protocols for ports 53, 67, and 68 in the VM Xfce and in the hosting Cinnamon server.

[donten]

Persistence furthers!! Good on ya'!

[donten]

BTW, when I installed dnscrypt-proxy,

"Also tried deleting /etc/resolv.conf symbolic link then creating new file with nameserver=127.0.0.1 but after reboot the network manager changed it to nameserver=127.0.0.53 and tests with clients still failed. This was attempted since the pi4 /etc/resolv.conf is non-linked file and has nameserver=127.0.0.1"

you had to set the /etc/resolv.conf file to untouchable using chattr after changing the original.