Currently 2.86-1.1ubuntu0.3 is running on Ubuntu 22.04.

I used

```
listen-address=127.0.0.1
listen-address=[public-ip-1]
listen-address=[public-ip-2]
port=53
```

But dnsmasq binds on all IPs:

```
netstat -tulpn | grep dnsmasq
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      3641/dnsmasq
tcp6       0      0 :::53                   :::*                    LISTEN      3641/dnsmasq
udp        0      0 0.0.0.0:53              0.0.0.0:*                           3641/dnsmasq
udp6       0      0 :::53                   :::*                                3641/dnsmasq
```

On another server with Ubuntu 20.04 it runs as expected.

Every little hint will be helpful.

1 Answer

This is expected behavior. From the documentation of the bind-interfaces option:

> On systems which support it, dnsmasq binds the wildcard address, even when it is listening on only some interfaces. It then discards requests that it shouldn't reply to. This has the advantage of working even when interfaces come and go and change address. This option forces dnsmasq to really bind only the interfaces it is listening on. About the only time when this is useful is when running another nameserver (or another instance of dnsmasq) on the same machine. Setting this option also enables multiple instances of dnsmasq which provide DHCP service to run in the same machine.

(from the dnsmasq man page, emphasis mine)

larsks
  • Thanx @larsks, but I'm a bit confused. `bind-interfaces` isn't used in my config. Could you give me an example, how to bind dnsmasq just on one or more IPs? – Thilo Schwarz Jun 06 '23 at 14:00
  • `dnsmasq` is binding to the wildcard address **because** you're not using `bind-interfaces`. Try adding that to your config and see if you get the behavior you want. – larsks Jun 06 '23 at 14:31
  • Stupid me, thanx a lot, @larsks! – Thilo Schwarz Jun 06 '23 at 15:57
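
The check this thread arrives at, as an added example that is not part of the original posts: a shell function that reads `netstat -tulpn` output and lists the dnsmasq sockets still bound to the wildcard address. The first sample is the output quoted in the question; the second is constructed to show what the same check sees once `bind-interfaces` is added to the config, with 192.0.2.10 and 198.51.100.20 standing in for the two public IPs.

```shell
#!/bin/sh
# Added example (not from the original thread): list dnsmasq sockets that are
# bound to the wildcard address, given `netstat -tulpn` output on stdin.

# Prints "proto local-address" for each dnsmasq socket on port $1 (default 53)
# whose local address is 0.0.0.0, :: or [::]. Prints nothing if none are found.
wildcard_dns_binds() {
    awk -v port="${1:-53}" '
        $NF ~ /\/dnsmasq$/ {
            addr = $4
            # Split at the last colon: IPv6 addresses contain colons themselves.
            if (!match(addr, /:[0-9]+$/)) next
            host = substr(addr, 1, RSTART - 1)
            if (substr(addr, RSTART + 1) != port) next
            if (host == "0.0.0.0" || host == "::" || host == "[::]") { print $1, addr }
        }'
}

# netstat output quoted in the question (no bind-interfaces in the config).
sample_before() {
    cat <<'EOF'
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      3641/dnsmasq
tcp6       0      0 :::53                   :::*                    LISTEN      3641/dnsmasq
udp        0      0 0.0.0.0:53              0.0.0.0:*                           3641/dnsmasq
udp6       0      0 :::53                   :::*                                3641/dnsmasq
EOF
}

# Constructed output for the same config plus a bind-interfaces line;
# the PID and the two public addresses are placeholders.
sample_after() {
    cat <<'EOF'
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      4102/dnsmasq
tcp        0      0 192.0.2.10:53           0.0.0.0:*               LISTEN      4102/dnsmasq
tcp        0      0 198.51.100.20:53        0.0.0.0:*               LISTEN      4102/dnsmasq
udp        0      0 127.0.0.1:53            0.0.0.0:*                           4102/dnsmasq
udp        0      0 192.0.2.10:53           0.0.0.0:*                           4102/dnsmasq
udp        0      0 198.51.100.20:53        0.0.0.0:*                           4102/dnsmasq
EOF
}

echo "before: $(sample_before | wildcard_dns_binds 53 | grep -c .) wildcard socket(s)"
echo "after:  $(sample_after  | wildcard_dns_binds 53 | grep -c .) wildcard socket(s)"
# On a live host (as root, so netstat fills in the PID/Program column):
#   netstat -tulpn | wildcard_dns_binds 53
```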