Dnsmasq and named race/bug?

Hi!

I use a wndr3700 with Lede 17.01.
I installed bind9 (named) and made it listen on port 54 by adding listen-on port 54 { 127.0.0.1; }; to /etc/bin/named.conf. Then I set the DNS servers to 127.0.0.1#54 in luci/dns.
This allows me to be independent of a commercial DNS provider which might censor/track.

This setup worked fine in openwrt, dnsmasq listened on port 53 and forwarded requests to named on port 54.

However, in LEDE there seems to be a problem with named: it occupies port 53 in addition to port 54. Then dnsmasq fails to start as port 53 is occupied, leading to this:
root@LEDE-KG-Firewall:~# netstat -pntl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 843/uhttpd
tcp 0 0 0.0.0.0:4949 0.0.0.0:* LISTEN 848/xinetd
tcp 0 0 127.0.0.1:54 0.0.0.0:* LISTEN 1429/named
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 824/dropbear
tcp 0 0 :::80 :::* LISTEN 843/uhttpd
tcp 0 0 :::53 :::* LISTEN 1429/named
tcp 0 0 :::22 :::* LISTEN 824/dropbear

As you can see, named occupies port 53 and dnsmasq is not running.

If I stop named, start dnsmasq and then restart named, it works:
root@LEDE-KG-Firewall:/etc/bind# netstat -pntl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 843/uhttpd
tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN 2569/dnsmasq
tcp 0 0 0.0.0.0:4949 0.0.0.0:* LISTEN 848/xinetd
tcp 0 0 127.0.0.1:54 0.0.0.0:* LISTEN 2583/named
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 824/dropbear
tcp 0 0 :::80 :::* LISTEN 843/uhttpd
tcp 0 0 :::53 :::* LISTEN 2569/dnsmasq
tcp 0 0 :::22 :::* LISTEN 824/dropbear

What I don't understand is that dnsmasq is started as S19dnsmasq and named as S50named, so dnsmasq should always be first!

Any ideas what could be wrong? As I said before, this setup worked nicely in OpenWRT.

Thanks,
Karl

OK, it seems I can work around this issue by moving the named link to S99:
mv S50named S99named
and additionally changing
START=50 to START=99 in /etc/init.d/named

Still very weird...

Why did you install named in the first place? You can forward dnsmasq to Google DNS if you want to.

I had the same problem just now, I figured out what the issue is:
named binds to port 53 by default, without you having to specify listen-on in the config file at all.
You did add a listen-on port for IPv4. However, named also speaks IPv6, so without you telling it explicitly to bind to a certain IPv6 port with listen-on-v6 port 54 { ::1; };, it will use 53 there and thus prevent dnsmasq from using that port.
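
A check for the condition diagnosed in the last reply, as an added example that is not part of the thread: it reports who holds TCP port 53 in `netstat -pntl` output and whether a named config sets listen-on without listen-on-v6. The function names are hypothetical, and the sample inputs are constructed from the output and config lines quoted above.

```shell
#!/bin/sh
# Print "<local address> <program>" for every TCP listener on port 53.
# Input: `netstat -pntl` output on stdin.
port53_owners() {
    awk '$1 ~ /^tcp/ && $6 == "LISTEN" {
        n = split($4, addr, ":")        # port is the last ":"-separated field
        if (addr[n] == "53") {
            split($7, prog, "/")        # "1429/named" -> "named"
            print $4, prog[2]
        }
    }'
}

# Exit 0 if the named config on stdin sets listen-on but never listen-on-v6,
# the situation the last reply describes.
named_missing_v6() {
    awk '{ sub(/\/\/.*/, ""); sub(/#.*/, "") }   # drop // and # comments
         /listen-on-v6/ { v6 = 1; next }
         /listen-on/    { v4 = 1 }
         END { exit !(v4 && !v6) }'
}

# Constructed sample: the failing state from the first post (trimmed).
sample_netstat() {
    cat <<'EOF'
tcp 0 0 127.0.0.1:54 0.0.0.0:* LISTEN 1429/named
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 824/dropbear
tcp 0 0 :::53 :::* LISTEN 1429/named
EOF
}

# Constructed config fragments: as posted, and with the reply's extra line.
conf_v4_only() { echo 'options { listen-on port 54 { 127.0.0.1; }; };'; }
conf_both() {
    echo 'options { listen-on port 54 { 127.0.0.1; };'
    echo '          listen-on-v6 port 54 { ::1; }; };'
}

sample_netstat | port53_owners | while read -r addr prog; do
    [ "$prog" = dnsmasq ] || echo "port 53 held by $prog on $addr"
done
if conf_v4_only | named_missing_v6; then echo "v4-only config: listen-on-v6 not set"; fi
if conf_both | named_missing_v6; then :; else echo "config with listen-on-v6: ok"; fi
```

On the router itself, pipe the real `netstat -pntl` output and the real named.conf into the two functions instead of the constructed samples.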