dnsmasq forwarding - Ask Ubuntu
i trying understand how dnsmasq's forwarding works. read manual this:
"[...]dnsmasq accepts dns queries , either answers them small, local, cache or forwards them real, recursive, dns server.[...]"
so far understand if dns-request machine asks dnsmasq ip adress given domain. if dnsmasq cannot answer dnsmasq forward request "to real, recursive, dns server."
how forwarding work? tried answer question myself way of googling did not answer question.
when @ via wireshark see kind of pattern:
127.0.0.1 -> 127.0.1.1 (standard query) 192.168.1.2 -> 192.168.1.1 (standard query) 192.168.1.1 -> 192.168.1.2 (standard query response) 127.0.1.1 -> 127.0.0.1 (standard query response)
can explain going on there?
edit:
what asking how dnsmasq know answer of 192.168.1.1 is. in fact 192.168.1.1 tells 192.168.1.2 ip address. how 127.0.1.1 know ip address? how information transferred?
i expect this:
192.168.1.1 -> 127.0.1.1 or 192.168.1.2 -> 127.0.1.1
i expect there routing going on transfer information not.
wireshark works somewhere between network , transport on tcp/ip model. you're not seeing data being exchanged @ application level, why wireshark output doesn't make sense when you're trying watch dns. you're seeing packets flow , direction after application has determined occur. have watch dnsmasq information you're looking for. if add -q
script starts dnsmasq send log syslog
.
here example output able find.
jan 17 23:33:15 server001 dnsmasq[10708]: query[a] sgi.com 192.168.0.20 jan 17 23:33:15 server001 dnsmasq[10708]: forwarded sgi.com 127.0.0.2 jan 17 23:33:15 server001 dnsmasq[10708]: query[aaaa] sgi.com 192.168.0.20 jan 17 23:33:15 server001 dnsmasq[10708]: forwarded sgi.com 127.0.0.2 jan 17 23:33:15 server001 dnsmasq[10708]: dnssec-query[ds] sgi.com 127.0.0.2 jan 17 23:33:15 server001 dnsmasq[10708]: dnssec-query[ds] sgi.com 127.0.0.2 jan 17 23:33:15 server001 dnsmasq[10708]: validation result insecure jan 17 23:33:15 server001 dnsmasq[10708]: reply sgi.com 192.48.138.174 jan 17 23:33:15 server001 dnsmasq[10708]: validation result insecure jan 17 23:33:15 server001 dnsmasq[10708]: reply sgi.com nodata-ipv6
Comments
Post a Comment