[Freedombox-discuss] UPDATE: Dnsmasq starts reliably on both interfaces, but...

A. F. Cano afc54 at comcast.net
Thu Oct 21 20:12:21 BST 2021


On Sat, Oct 16, 2021 at 10:24:17PM -0700, Sunil Mohan Adapa wrote:
> On 10/16/21 10:25, A. F. Cano wrote:
> [...]
> > Ok, so this seems to have worked.
> 
> Reboot a few times perhaps to ensure that fix indeed is working.

After multiple reboots after multiple updates, dnsmasq starts reliably
on both interfaces:

$ ps aux | grep dns
nobody       647  0.0  0.0  14020  3992 ?        S    Oct19   0:00 /usr/sbin/dnsmasq --conf-file=/dev/null --no-hosts --keep-in-foreground --bind-interfaces --except-interface=lo --clear-on-reload --strict-order --listen-address=192.168.224.27 --dhcp-range=192.168.224.36,192.168.224.254,60m --dhcp-lease-max=50 --dhcp-leasefile=/var/lib/NetworkManager/dnsmasq-enp2s0.leases --pid-file=/run/nm-dnsmasq-enp2s0.pid --conf-dir=/etc/NetworkManager/dnsmasq-shared.d
nobody       662  0.0  0.1  14020  4520 ?        S    Oct19   0:01 /usr/sbin/dnsmasq --conf-file=/dev/null --no-hosts --keep-in-foreground --bind-interfaces --except-interface=lo --clear-on-reload --strict-order --listen-address=192.168.200.27 --dhcp-range=192.168.200.36,192.168.200.254,60m --dhcp-lease-max=50 --dhcp-leasefile=/var/lib/NetworkManager/dnsmasq-enp3s0.leases --pid-file=/run/nm-dnsmasq-enp3s0.pid --conf-dir=/etc/NetworkManager/dnsmasq-shared.d

So now internal machines get assigned addresses from the ranges
specified.  However, from the first paragraph in the dnsmasq man page:

       Dnsmasq  accepts  DNS queries and either answers them from a small, lo‐
       cal, cache or forwards them to a real, recursive, DNS server. It  loads
       the  contents of /etc/hosts so that local hostnames which do not appear
       in the global DNS can be resolved and also answers DNS queries for DHCP
       configured  hosts.  It can also act as the authoritative DNS server for
       one or more domains, allowing local names to appear in the global  DNS.
       It can be configured to do DNSSEC validation.

"It loads the contents of /etc/hosts so that local hostnames which do
not appear in the global DNS..."

This is exactly what I wanted.  In fact I have added all my local hosts
to the FreedomBox /etc/hosts file, in the form of:

192.168.224.19  <local-machine-name>.local    <local-machine-name>

but those IP numbers are ignored and local machines are assigned high
numbers (178 in the case of the machine above), even after I changed the
19 to 39, so it would be inside the range of 36-254 as specified in the
command line arguments, and rebooted.  Something is not working as the
manual says it should.

> [...]
> I don't know if dnsmasq can do this but if it can, then the one that is
> spawned by Network Manager can be configured using a little trick[1] (just
> note the configuration file and write your own configuration in there).

This seems to address another issue.  I only have 37 entries in
/etc/hosts, some of which are not in use at the moment.

> [...]

Also, the "no route to host" issue remains.  I have to turn off the
firewall for anything to get out/in.  I've noticed the problem with imap
and fetchmail, matrix/Element and Quassel.  Web traffic works ok but
only because it goes through privoxy on the FreedomBox.

There is also the issue of communicating between the 2 internal
interfaces.  Nothing seems to get through between them and turning off
the firewall doesn't affect this.  I can't do unison syncs or ssh
between machines on the 2 sub-nets, not even ping.

From a machine on the 192.168.200.x sub-net:

ping 192.168.224.178
PING 192.168.224.178 (192.168.224.178) 56(84) bytes of data.
From 192.168.200.27 icmp_seq=1 Destination Port Unreachable
From 192.168.200.27 icmp_seq=2 Destination Port Unreachable
From 192.168.200.27 icmp_seq=3 Destination Port Unreachable

27 is the FreedomBox.  

Any ideas? anyone?  Thanks.

Augustine

> Links:
> 
> 1) https://en.m.wikibooks.org/wiki/FreedomBox_for_Communities/Network_Configuration#Configuring_DHCP_Leases_and_Range
> 
> -- 
> Sunil
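
Added example, not part of the original message or of FreedomBox: both command lines in the ps output carry --no-hosts, which tells dnsmasq not to read /etc/hosts, and --conf-dir=/etc/NetworkManager/dnsmasq-shared.d, the directory the linked trick writes to. The Python below parses that command line and turns /etc/hosts-style entries into dhcp-host lines that could go in a file in that directory. The host names, the sample entries and the /24 prefix are assumptions.

```python
import ipaddress
import shlex

# Command line of the enp2s0 instance, copied from the ps output in the message.
DNSMASQ_CMDLINE = (
    "/usr/sbin/dnsmasq --conf-file=/dev/null --no-hosts --keep-in-foreground "
    "--bind-interfaces --except-interface=lo --clear-on-reload --strict-order "
    "--listen-address=192.168.224.27 "
    "--dhcp-range=192.168.224.36,192.168.224.254,60m --dhcp-lease-max=50 "
    "--dhcp-leasefile=/var/lib/NetworkManager/dnsmasq-enp2s0.leases "
    "--pid-file=/run/nm-dnsmasq-enp2s0.pid --conf-dir=/etc/NetworkManager/dnsmasq-shared.d"
)

# Constructed sample in the /etc/hosts form quoted in the message (hypothetical names).
SAMPLE_HOSTS = """\
192.168.224.19  alpha.local  alpha
192.168.224.39  beta.local   beta   # inside the 36-254 pool
192.168.200.40  gamma.local  gamma
"""

def parse_dnsmasq_args(cmdline):
    """Map each long option to its value; bare flags map to True."""
    opts = {}
    for arg in shlex.split(cmdline)[1:]:
        if arg.startswith("--"):
            key, sep, value = arg[2:].partition("=")
            opts[key] = value if sep else True
    return opts

def static_leases(opts, hosts_text, prefix=24):
    """Return [(dhcp-host line, in dynamic pool?)]; prefix=24 is an assumption."""
    first, last = opts["dhcp-range"].split(",")[:2]
    lo, hi = ipaddress.ip_address(first), ipaddress.ip_address(last)
    net = ipaddress.ip_network(f"{opts['listen-address']}/{prefix}", strict=False)
    leases = []
    for raw in hosts_text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        addr = ipaddress.ip_address(fields[0])
        if addr in net:  # skip entries that belong to the other interface
            leases.append((f"dhcp-host={fields[-1]},{addr}", lo <= addr <= hi))
    return leases

if __name__ == "__main__":
    opts = parse_dnsmasq_args(DNSMASQ_CMDLINE)
    print("reads /etc/hosts:", "no-hosts" not in opts)
    for line, in_pool in static_leases(opts, SAMPLE_HOSTS):
        print(line, "" if in_pool else "# outside dynamic pool")
```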


