On both 19.07.0 and 19.07.1 on a fresh install dnsmasq has failed to do dns lookups. Now I can cure the problem my creating
Is this a know problem, is it becuase I mention DNSSEC in the config?
N.B. Same problem with both dnsmasq and dnsmasq-full
Can you show this config???
/etc/config/dhcp I have:
option domainneeded '1'
option boguspriv '1'
option filterwin2k '0'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option nonegcache '0'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.auto'
option nonwildcard '1'
option localservice '1'
option dnssec '0'
option dnsseccheckunsigned '0'
So I have dnssec=0 and dnsseccheckunsigned=0 so both disabled.
History: in 18:06 openwrt time frame, on desk top computers systemd set dnssec to allow-downgrade. On arm machines this gave many users problems, as DNS didn't work - due to DNSSEC issues. When looking into this (I didn't have a problem), I installed dnsmasq-full, and set on DNSSEC with the above both set to 1. When I was going to move to 19:07, I set both to zero, so assumed that DNSSEC was then disabled, so I would be OK with just dnsmasq.
Alas no, so updated to dnsmasq-full - and still the errors. Went back to my notes on 18.06, and the said create
/usr/share/dnsmasq/trust-anchors.conf. Which is now populated (in dnsmasq-full) to:
# The root DNSSEC trust anchor, valid as at 10/02/2017
# Note that this is a DS record (ie a hash of the root Zone Signing Key)
# If was downloaded from https://data.iana.org/root-anchors/root-anchors.xml
Which is what dnsmasq propulated it with ...