Dnsmasq problem
poweroff ::
I'm setting up a WiFi access point on an OrangePi Zero. It runs Armbian Bionic.
The wlan0 interface has a static IP: 172.16.0.1.
I set up hostap, it works great: I connect to the network, get an IP address and can ping 172.16.0.1.
DNS resolving doesn't work, though. I can, for example, ping 8.8.8.8. I use dnsmasq for DNS.
This is the configuration:
cat /etc/dnsmasq.conf
    port=53
    domain-needed
    bogus-priv
    resolv-file=/etc/dnsmasq/resolv.conf
    interface=wlan0
    listen-address=172.16.0.1
    bind-interfaces
    addn-hosts=/etc/dnsmasq/hosts.conf
    dhcp-range=172.16.0.50,172.16.0.150,12h
    dhcp-leasefile=/var/lib/misc/dnsmasq.leases
This is the content of the files mentioned in the config:
cat /etc/dnsmasq/resolv.conf
    nameserver 127.0.0.1
    nameserver 8.8.8.8
    nameserver 8.8.4.4
cat /etc/dnsmasq/hosts.conf
    172.16.0.1 orangepi.wifi
    172.16.0.1 www.orangepi.wifi
Any idea where the problem is? From the OrangePi Zero device itself I can ping any FQDN normally... And dnsmasq is otherwise running just fine:
sudo service dnsmasq status
    ● dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server
       Loaded: loaded (/lib/systemd/system/dnsmasq.service; enabled; vendor preset: enabled)
       Active: active (running) since Wed 2019-03-06 20:44:16 UTC; 6min ago
      Process: 1775 ExecStop=/etc/init.d/dnsmasq systemd-stop-resolvconf (code=exited, status=0/SUCCESS)
      Process: 1809 ExecStartPost=/etc/init.d/dnsmasq systemd-start-resolvconf (code=exited, status=0/SUCCESS)
      Process: 1804 ExecStart=/etc/init.d/dnsmasq systemd-exec (code=exited, status=0/SUCCESS)
      Process: 1803 ExecStartPre=/usr/sbin/dnsmasq --test (code=exited, status=0/SUCCESS)
     Main PID: 1808 (dnsmasq)
        Tasks: 14 (limit: 855)
       CGroup: /system.slice/dnsmasq.service
               ├─1808 /usr/sbin/dnsmasq -x /run/dnsmasq/dnsmasq.pid -u dnsmasq -r /run/dnsmasq/resolv.conf -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new --local-service
               ├─1902 /usr/sbin/dnsmasq -x /run/dnsmasq/dnsmasq.pid -u dnsmasq -r /run/dnsmasq/resolv.conf -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new --local-service
               ├─1903 /usr/sbin/dnsmasq -x /run/dnsmasq/dnsmasq.pid -u dnsmasq -r /run/dnsmasq/resolv.conf -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new --local-service
               ├─1904 /usr/sbin/dnsmasq -x /run/dnsmasq/dnsmasq.pid -u dnsmasq -r /run/dnsmasq/resolv.conf -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new --local-service
               ├─1905 /usr/sbin/dnsmasq -x /run/dnsmasq/dnsmasq.pid -u dnsmasq -r /run/dnsmasq/resolv.conf -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new --local-service
               ├─1906 /usr/sbin/dnsmasq -x /run/dnsmasq/dnsmasq.pid -u dnsmasq -r /run/dnsmasq/resolv.conf -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new --local-service
               ├─1907 /usr/sbin/dnsmasq -x /run/dnsmasq/dnsmasq.pid -u dnsmasq -r /run/dnsmasq/resolv.conf -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new --local-service
               ├─1908 /usr/sbin/dnsmasq -x /run/dnsmasq/dnsmasq.pid -u dnsmasq -r /run/dnsmasq/resolv.conf -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new --local-service
               ├─1909 /usr/sbin/dnsmasq -x /run/dnsmasq/dnsmasq.pid -u dnsmasq -r /run/dnsmasq/resolv.conf -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new --local-service
               ├─1910 /usr/sbin/dnsmasq -x /run/dnsmasq/dnsmasq.pid -u dnsmasq -r /run/dnsmasq/resolv.conf -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new --local-service
               ├─1911 /usr/sbin/dnsmasq -x /run/dnsmasq/dnsmasq.pid -u dnsmasq -r /run/dnsmasq/resolv.conf -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new --local-service
               ├─1912 /usr/sbin/dnsmasq -x /run/dnsmasq/dnsmasq.pid -u dnsmasq -r /run/dnsmasq/resolv.conf -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new --local-service
               ├─1913 /usr/sbin/dnsmasq -x /run/dnsmasq/dnsmasq.pid -u dnsmasq -r /run/dnsmasq/resolv.conf -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new --local-service
               └─1914 /usr/sbin/dnsmasq -x /run/dnsmasq/dnsmasq.pid -u dnsmasq -r /run/dnsmasq/resolv.conf -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new --local-service
    Mar 06 20:44:14 orangepizero dnsmasq[1808]: read /etc/dnsmasq/hosts.conf - 2 addresses
    Mar 06 20:44:15 orangepizero dnsmasq[1808]: reading /run/dnsmasq/resolv.conf
    Mar 06 20:44:15 orangepizero dnsmasq[1808]: using nameserver 8.8.8.8#53
    Mar 06 20:44:15 orangepizero dnsmasq[1808]: using nameserver 127.0.0.53#53
    Mar 06 20:44:15 orangepizero dnsmasq[1809]: /etc/resolvconf/update.d/libc: Warning: /etc/resolv.conf is not a symbolic link to /run/resolvconf/resolv.conf
    Mar 06 20:44:16 orangepizero systemd[1]: Started dnsmasq - A lightweight DHCP and caching DNS server.
    Mar 06 20:44:44 orangepizero dnsmasq-dhcp[1808]: DHCPREQUEST(wlan0) 172.16.0.110 XXXXXXxxxxx
    Mar 06 20:44:44 orangepizero dnsmasq-dhcp[1808]: DHCPACK(wlan0) 172.16.0.110 XXXXXXxxxxx XxXx
    Mar 06 20:48:24 orangepizero dnsmasq-dhcp[1808]: DHCPREQUEST(wlan0) 172.16.0.74 XXXXXXxxxxx
    Mar 06 20:48:24 orangepizero dnsmasq-dhcp[1808]: DHCPACK(wlan0) 172.16.0.74 XXXXXXxxxxx XxXx
sudo poweroff
poweroff ::
One more thing: when I connect to it, ping orangepi.wifi returns no results... Or rather: ping: orangepi.wifi: Ime ali storitev ni poznana
nmap 172.16.0.1
says this, though:
    Starting Nmap 7.60 ( https://nmap.org ) at 2019-03-06 22:01 CET
    Nmap scan report for orangepi.wifi (172.16.0.1)
    Host is up (0.015s latency).
    Not shown: 998 closed ports
    PORT   STATE SERVICE
    22/tcp open  ssh
    53/tcp open  domain
    Nmap done: 1 IP address (1 host up) scanned in 5.16 seconds
sudo poweroff
BlaY0 ::
In /etc/dnsmasq.conf you put:
    domain=orangepi.wifi
    no-resolv
    server=8.8.8.8
    server=8.8.4.4
    local=/orangepi.wifi/
...and in /etc/dnsmasq/resolv.conf just:
    nameserver 127.0.0.1
...and you've won.
poweroff ::
Not really...
If I don't put in:
    interface=wlan0
    listen-address=172.16.0.1
    bind-interfaces
Dnsmasq doesn't start:
sudo service dnsmasq status
    ● dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server
       Loaded: loaded (/lib/systemd/system/dnsmasq.service; enabled; vendor preset: enabled)
       Active: failed (Result: exit-code) since Wed 2019-03-06 22:37:30 UTC; 2s ago
      Process: 1695 ExecStop=/etc/init.d/dnsmasq systemd-stop-resolvconf (code=exited, status=0/SUCCESS)
      Process: 1622 ExecStartPost=/etc/init.d/dnsmasq systemd-start-resolvconf (code=exited, status=0/SUCCESS)
      Process: 1776 ExecStart=/etc/init.d/dnsmasq systemd-exec (code=exited, status=2)
      Process: 1775 ExecStartPre=/usr/sbin/dnsmasq --test (code=exited, status=0/SUCCESS)
     Main PID: 1621 (code=exited, status=0/SUCCESS)
    Mar 06 22:37:30 orangepizero systemd[1]: Starting dnsmasq - A lightweight DHCP and caching DNS server...
    Mar 06 22:37:30 orangepizero dnsmasq[1775]: dnsmasq: syntax check OK.
    Mar 06 22:37:30 orangepizero dnsmasq[1776]: dnsmasq: failed to create listening socket for port 53: Address already in use
    Mar 06 22:37:30 orangepizero dnsmasq[1776]: failed to create listening socket for port 53: Address already in use
    Mar 06 22:37:30 orangepizero dnsmasq[1776]: FAILED to start up
    Mar 06 22:37:30 orangepizero systemd[1]: dnsmasq.service: Control process exited, code=exited status=2
    Mar 06 22:37:30 orangepizero systemd[1]: dnsmasq.service: Failed with result 'exit-code'.
    Mar 06 22:37:30 orangepizero systemd[1]: Failed to start dnsmasq - A lightweight DHCP and caching DNS server.
sudo poweroff
BlaY0 ::
Sorry: add, not put. I thought that would be self-evident, but apparently it isn't.
Where is your bridge containing the wlan and eth interfaces? An AP without a bridge will be of rather limited use...
poweroff ::
Yes, I added that too, and the service does work, but it doesn't push the DNS servers.
Otherwise I have traffic forwarding handled with iptables... as I said, on the client ping to 8.8.8.8 works, but ping to www.google.com doesn't.
sudo poweroff
poweroff ::
That is, like this:
    sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"
and:
    sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
    sudo iptables -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
    sudo iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT
sudo poweroff
poweroff ::
So, the current /etc/dnsmasq.conf:
    # Configuration file for dnsmasq.
    port=53
    domain-needed
    bogus-priv
    resolv-file=/etc/dnsmasq/resolv.conf
    no-resolv
    server=8.8.8.8
    server=8.8.4.4
    interface=wlan0
    listen-address=172.16.0.1
    bind-interfaces
    addn-hosts=/etc/dnsmasq/hosts.conf
    dhcp-range=172.16.0.50,172.16.0.150,12h
    dhcp-leasefile=/var/lib/misc/dnsmasq.leases
    domain=orangepi.wifi
    local=/orangepi.wifi/
I start the whole thing like this (as root):
    nmcli radio wifi off
    rfkill unblock wlan
    ifconfig wlan0 172.16.0.1 netmask 255.255.255.0 broadcast 172.16.0.255
    service dnsmasq restart
    /usr/sbin/hostapd /etc/hostapd/hostapd.conf
sudo poweroff
BlaY0 ::
Does:
    dig @172.16.0.1 -x 8.8.8.8
...return anything? And what does this return:
    nmap --script broadcast-dhcp-discover
poweroff ::
I ran both on my own machine (while connected to the WiFi) and on the OrangePi. The result is the same in both cases:
dig @172.16.0.1 -x 8.8.8.8
    ; <<>> DiG 9.11.3-1ubuntu1.5-Ubuntu <<>> @172.16.0.1 -x 8.8.8.8
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53355
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 512
    ;; QUESTION SECTION:
    ;8.8.8.8.in-addr.arpa. IN PTR
    ;; ANSWER SECTION:
    8.8.8.8.in-addr.arpa. 20689 IN PTR google-public-dns-a.google.com.
    ;; Query time: 60 msec
    ;; SERVER: 172.16.0.1#53(172.16.0.1)
    ;; WHEN: Fri Mar 08 22:07:24 UTC 2019
    ;; MSG SIZE rcvd: 93
Same in both cases:
sudo nmap --script broadcast-dhcp-discover
    Starting Nmap 7.60 ( https://nmap.org ) at 2019-03-08 22:09 UTC
    WARNING: No targets were specified, so 0 hosts scanned.
    Nmap done: 0 IP addresses (0 hosts up) scanned in 12.31 seconds
sudo poweroff
poweroff ::
If this helps at all... when I start OpenVPN on the OPi (which sets the default route, etc.), it reports this:
    /etc/resolvconf/update.d/libc: Warning: /etc/resolv.conf is not a symbolic link to /run/resolvconf/resolv.conf
So apparently there is something odd with resolvconf as well...
sudo poweroff
BlaY0 ::
Well, it resolves fine for you.
OK, nmap doesn't print the DHCP offer for you... look in /etc/resolv.conf (on the WiFi client) to see whether it sets anything... if it contains only 127.0.0.1, then check where dhclient writes its lease file and look in it to see what dnsmasq is serving for domain-name-servers. If it isn't 172.16.0.1, then force it by adding this to dnsmasq.conf:
    dhcp-option=6,172.16.0.1
poweroff ::
Hmm, apparently it does set it (in Foobuntu, NetworkManager now has control over resolv.conf):
cat /run/systemd/resolve/resolv.conf
    nameserver 172.16.0.1
    nameserver 8.8.8.8
    search orangepi.wifi
And actually it works now... maybe also because I once again explicitly said:
nano /etc/NetworkManager/NetworkManager.conf
    [main]
    plugins=ifupdown,keyfile
    [ifupdown]
    managed=false
    [keyfile]
    unmanaged-devices=mac:aa:aa:bb:bb:ab:ba
or:
    [keyfile]
    unmanaged-devices=interface-name:wlan0
sudo poweroff
BlaY0 ::
As far as I know, if NetworkManager is managed, then a local dnsmasq takes care of DNS resolving for you and as a result you have only 127.0.0.1 in the resolv.conf file, which is why I wrote that you should look in the DHCP lease file if you want to see what DHCP offer you get.
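The lease-file check suggested in this thread (see which domain-name-servers the client was actually offered and compare it with 172.16.0.1), as an added example that is not part of the original posts. It assumes the ISC dhclient lease format; the lease file path is passed as an argument because the thread does not give one, and the function names and the sample lease are constructed for illustration.

```shell
# Added example, not from the thread. Function names are hypothetical and the
# lease data below is constructed; the layout is that of an ISC dhclient file.

# lease_dns FILE [IFACE]: print domain-name-servers from the newest lease.
lease_dns() {
    awk -v want="${2:-}" '
        $1 == "lease" && $2 == "{" { inside = 1; iface = ""; dns = ""; next }
        !inside { next }
        $1 == "interface" { iface = $2; gsub(/[";]/, "", iface) }
        $1 == "option" && $2 == "domain-name-servers" {
            dns = ""
            for (i = 3; i <= NF; i++) dns = dns $i
            sub(/;$/, "", dns)
        }
        $1 == "}" { inside = 0; if (want == "" || iface == want) last = dns }
        END { print last }
    ' "$1"
}

# check_lease FILE EXPECTED [IFACE]: 0 if EXPECTED is the first DNS server in
# the lease, 1 if another server comes first, 2 if none is offered.
check_lease() {
    dns=$(lease_dns "$1" "${3:-}")
    [ -n "$dns" ] || { echo "no domain-name-servers in lease"; return 2; }
    case "$dns" in
        "$2"|"$2",*) echo "ok: $dns"; return 0 ;;
        *) echo "mismatch: lease offers $dns, expected $2"; return 1 ;;
    esac
}

# Constructed sample: an older lease without the AP, a newer one with it.
sample_lease() {
cat <<'EOF'
lease {
  interface "wlan0";
  option domain-name-servers 8.8.8.8;
}
lease {
  interface "wlan0";
  fixed-address 172.16.0.110;
  option domain-name-servers 172.16.0.1,8.8.8.8;
  option domain-name "orangepi.wifi";
}
EOF
}

tmp=$(mktemp) && sample_lease > "$tmp"
check_lease "$tmp" 172.16.0.1 wlan0 || true
rm -f "$tmp"
```

A mismatch or an empty result on the client is the case where forcing the server with dhcp-option=6 in dnsmasq.conf applies.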