I just finished configuring dnsmasq on a local machine and it seems to work fine when resolving domains using itself. When I point another machine on the network to use the dnsmasq machine as its sole DNS server, I can't get any domain to resolve at all.

My config files look like this (am I missing something?):

resolv.conf

nameserver 127.0.0.1

dnsmasq.conf

# resolv File
resolv-file=/etc/resolv.conf

# DNS Servers
server=131.191.7.5
server=131.191.7.12

# Domain Overrides
address=/mydomain.com/192.168.2.253
address=/one.mydomain.com/192.168.2.253
address=/two.mydomain.com/192.168.2.253
address=/thismachine.local/192.168.2.253

When I run "sudo lsof -i | grep LISTEN" I can see dnsmasq listening on port 53:

dnsmasq   189         nobody    4u  IPv4 0x05bf8338      0t0    TCP localhost:domain (LISTEN)
dnsmasq   189         nobody    6u  IPv6 0x05bf31f0      0t0    TCP uberserve.local:domain (LISTEN)
dnsmasq   189         nobody    8u  IPv6 0x05bf2f80      0t0    TCP localhost:domain (LISTEN)
dnsmasq   189         nobody   10u  IPv6 0x05bf2d10      0t0    TCP localhost:domain (LISTEN)
Wilco

1 Answer

What's your firewall look like on the dnsmasq box?

Check inbound port 53.

Run a packet trace on your new dnsmasq box on port 53 and see what's happening.

You can force a client to use your dnsmasq box like so:

dig www.google.com @dnsmasqboxip

dmourati
  • So port 53 is definitely being blocked somehow, but I don't have any firewalls or utilities blocking it. Are there any recommended places to check in OS X for the culprit? – Wilco Apr 07 '11 at 04:16
  • Try here: http://support.apple.com/kb/ht1810 – dmourati Apr 07 '11 at 04:25
  • Currently I have Apple's included firewall completely disabled. – Wilco Apr 07 '11 at 04:29
  • How about: lsof -i4udp – dmourati Apr 07 '11 at 04:57
  • Hmmm, I don't see anything for dnsmasq for that. Is it weird that it seems to be listening on port 53 with TCP and not UDP? – Wilco Apr 07 '11 at 05:10
  • DNS is a bit tricky in that it uses UDP and TCP, with UDP being the common case and TCP used for special cases. Your clients will be sending outbound UDP to port 53 on the server. You can verify this with a "tcpdump port 53 and udp" with the appropriate -i argument on your server. – dmourati Apr 07 '11 at 05:31
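
Added example, not part of the original thread: the comments above end on dnsmasq showing TCP listeners but no UDP socket, while clients query over UDP. This Python sketch sends the same A query over each transport separately, from a client machine, to show which one the dnsmasq box answers. The server address is a placeholder and the function names are chosen for this example.

```python
import socket
import struct

def build_query(name, qid=0x1234):
    """Encode a minimal DNS query for an A record (RD flag set)."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def check_reply(reply, qid):
    """Return (True, summary) if reply is a DNS response matching our query id."""
    if len(reply) < 12:
        return False, "short reply"
    rid, flags = struct.unpack("!HH", reply[:4])
    if rid != qid or not flags & 0x8000:  # QR bit must be set in a response
        return False, "not a response to our query"
    return True, "rcode=%d answers=%d" % (flags & 0xF, struct.unpack("!H", reply[6:8])[0])

def probe_udp(server, name, port=53, timeout=2.0, qid=0x1234):
    """Send one query over UDP, the transport clients use by default."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((server, port))
            s.send(build_query(name, qid))
            return check_reply(s.recv(4096), qid)
        except OSError as e:  # timeout (dropped/filtered) or ICMP port unreachable
            return False, type(e).__name__

def probe_tcp(server, name, port=53, timeout=2.0, qid=0x1234):
    """Send the same query over TCP, where each message has a 2-byte length prefix."""
    q = build_query(name, qid)
    try:
        with socket.create_connection((server, port), timeout=timeout) as s:
            s.sendall(struct.pack("!H", len(q)) + q)
            data = b""
            while len(data) < 2 or len(data) < 2 + struct.unpack("!H", data[:2])[0]:
                chunk = s.recv(4096)
                if not chunk:
                    break
                data += chunk
            return check_reply(data[2:], qid)
    except OSError as e:  # refused, timed out, or unreachable
        return False, type(e).__name__

if __name__ == "__main__":
    server = "192.0.2.53"  # placeholder (TEST-NET-1): replace with the dnsmasq box's IP
    for label, probe in (("udp", probe_udp), ("tcp", probe_tcp)):
        print(label, probe(server, "www.google.com"))
```

A TCP answer combined with a UDP timeout or refusal matches the symptom in the thread: the daemon is reachable, but not on the transport ordinary client lookups use.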