Help! DNSMASQ does not answer local (on the router itself) DNS queries anymore?

vklaffehn · May 16, 2019, 5:24pm

Hi! I'm using OpenWrt 18.06.2 r7676 on my AVM FritzBox 7360 for a while now, it runs haproxy as only additional service and has EXTROOT configured on an 8GB USB stick. It was running fine but crashed today, maybe because for some reason it lost connection to my USB stick. After reboot the stick was not recognized anymore, but I could correct that by plugging the stick into the second USB port. It bootet up fine, but suddenly I have a strange problem : DNS lookups on the router itself always reach out to my ISP DNS, who, obviously, does not know my local hosts added in the config file. From a network client everything works as expected. but my haprox wont start because the host entries of the servers to server could not be resolved? Has anyone an idea where to look?

example :

root@OpenWrt:~# nslookup mailserver.wg
Server:         217.237.149.142
Address:        217.237.149.142#53

** server can't find mailserver.wg: NXDOMAIN
** server can't find mailserver.wg: NXDOMAIN

---------------------------------------------
root@OpenWrt:~# nslookup mailserver.wg 192.168.42.1
Server:         192.168.42.1
Address:        192.168.42.1#53

Name:      mailserver.wg
Address 1: 192.168.42.5
*** Can't find mailserver.wg: No answer
 -----------------------
on a windows client :nslookup mailserver.wg
Server:  OpenWrt.wg
Address:  fde2:9154:64c5::1

Name:    mailserver.wg
Address:  192.168.42.5 
------------------------

nslookup  mailserver.wg 192.168.42.1
Server:  OpenWrt.wg
Address:  192.168.42.1

Name:    mailserver.wg
Address:  192.168.42.5

my /etc/config/dhcp file :


config dnsmasq
	option domainneeded '1'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option expandhosts '1'
	option authoritative '1'
	option readethers '1'
	option leasefile '/opt/dhcp/dhcp.leases'
	option resolvfile '/opt/dhcp/resolv.conf.auto'
	option local '/wg/'
	option domain 'wg'
	list server '/wg.heim/192.168.42.2'
	list rebind_domain 'wg.heim'
	option nonwildcard '0'
	option localservice '0'

config dhcp 'lan'
	option interface 'lan'
	option limit '150'
	option dhcpv6 'server'
	option ra 'server'
	option ra_management '1'
	option start '50'
	option leasetime '24h'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/opt/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'

config domain
	option name 'dc01.wg'
	option ip '192.168.42.2'

config domain
	option name 'pve0.wg'
	option ip '192.168.42.250'

config domain
	option name 'egroupware.wg'
	option ip '192.168.42.4'

config domain
	option name 'nextcloud.wg'
	option ip '192.168.42.3'

config domain
	option name 'mailserver.wg'
	option ip '192.168.42.5'

config domain
	option name 'fhemeg.wg'
	option ip '192.168.42.61'

config domain
	option name 'openproject.wg'
	option ip '192.168.42.135'

config domain
	option name 'fritz.wg'
	option ip '192.168.42.8'

config domain
	option name 'fritz.repeater'
	option ip '192.168.42.9'

config domain
	option name 'pve3.wg'
	option ip '192.168.42.7'

anon50098793 · May 16, 2019, 5:29pm

can you post

df -h
logread | grep dnsmasq
cat /proc/partitions
cat /etc/config/fstab

did you run an fsck on that disk?
did you compare the config files on the disk vs config files on the bare router? ( or was it a pure extroot? )

vklaffehn · May 16, 2019, 5:46pm

fstab seems wrong, looks like i copied it to extroot before editing
I totally forgot fsck! And it was all extroot. I got it working again by adding
option dns '192.168.42.1'
to my lan interface, but it worked before without that?

root@OpenWrt:~# df -h
Filesystem                Size      Used Available Use% Mounted on
/dev/root                 3.3M      3.3M         0 100% /rom
tmpfs                    60.6M    748.0K     59.9M   1% /tmp
/dev/sda2                 6.9G    118.0M      6.4G   2% /overlay
overlayfs:/overlay        6.9G    118.0M      6.4G   2% /
tmpfs                   512.0K         0    512.0K   0% /dev

Thu May 16 19:00:28 2019 daemon.info dnsmasq[570]: started, version 2.80 cachesize 150
Thu May 16 19:00:28 2019 daemon.info dnsmasq[570]: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP no-DHCPv6 no-Lua TFTP no-conntrack no-ipset no-auth no-DNSSEC no-ID loop-detect inotify dumpfile
Thu May 16 19:00:28 2019 daemon.info dnsmasq-dhcp[570]: DHCP, IP range 192.168.42.50 -- 192.168.42.199, lease time 1d
Thu May 16 19:00:28 2019 daemon.info dnsmasq[570]: using local addresses only for domain test
Thu May 16 19:00:28 2019 daemon.info dnsmasq[570]: using local addresses only for domain onion
Thu May 16 19:00:28 2019 daemon.info dnsmasq[570]: using local addresses only for domain localhost
Thu May 16 19:00:28 2019 daemon.info dnsmasq[570]: using local addresses only for domain local
Thu May 16 19:00:28 2019 daemon.info dnsmasq[570]: using local addresses only for domain invalid
Thu May 16 19:00:28 2019 daemon.info dnsmasq[570]: using local addresses only for domain bind
Thu May 16 19:00:28 2019 daemon.info dnsmasq[570]: using nameserver 192.168.42.2#53 for domain wg.heim
Thu May 16 19:00:28 2019 daemon.info dnsmasq[570]: using local addresses only for domain wg
Thu May 16 19:00:28 2019 daemon.info dnsmasq[570]: reading /opt/dhcp/resolv.conf.auto
Thu May 16 19:00:28 2019 daemon.info dnsmasq[570]: using local addresses only for domain test
Thu May 16 19:00:28 2019 daemon.info dnsmasq[570]: using local addresses only for domain onion
Thu May 16 19:00:28 2019 daemon.info dnsmasq[570]: using local addresses only for domain localhost
Thu May 16 19:00:28 2019 daemon.info dnsmasq[570]: using local addresses only for domain local
Thu May 16 19:00:28 2019 daemon.info dnsmasq[570]: using local addresses only for domain invalid
Thu May 16 19:00:28 2019 daemon.info dnsmasq[570]: using local addresses only for domain bind
Thu May 16 19:00:28 2019 daemon.info dnsmasq[570]: using nameserver 192.168.42.2#53 for domain wg.heim
Thu May 16 19:00:28 2019 daemon.info dnsmasq[570]: using local addresses only for domain wg
Thu May 16 19:00:28 2019 daemon.info dnsmasq[570]: using nameserver 217.237.149.142#53
Thu May 16 19:00:28 2019 daemon.info dnsmasq[570]: using nameserver 217.237.150.205#53
Thu May 16 19:00:28 2019 daemon.info dnsmasq[570]: using nameserver 2003:180:2:4000::53#53
Thu May 16 19:00:28 2019 daemon.info dnsmasq[570]: using nameserver 2003:180:2:3000::53#53
Thu May 16 19:00:28 2019 daemon.info dnsmasq[570]: read /etc/hosts - 4 addresses
Thu May 16 19:00:28 2019 daemon.info dnsmasq[570]: read /tmp/hosts/dhcp.cfg01411c - 12 addresses
Thu May 16 19:00:28 2019 daemon.info dnsmasq-dhcp[570]: read /etc/ethers - 0 addresses
Thu May 16 19:00:28 2019 daemon.info dnsmasq[570]: read /etc/hosts - 4 addresses
Thu May 16 19:00:28 2019 daemon.info dnsmasq[570]: read /tmp/hosts/dhcp.cfg01411c - 12 addresses
Thu May 16 19:00:28 2019 daemon.info dnsmasq-dhcp[570]: read /etc/ethers - 0 addresses
Thu May 16 19:00:31 2019 daemon.info dnsmasq[570]: read /etc/hosts - 4 addresses
Thu May 16 19:00:31 2019 daemon.info dnsmasq[570]: read /tmp/hosts/dhcp.cfg01411c - 12 addresses
Thu May 16 19:00:31 2019 daemon.info dnsmasq-dhcp[570]: read /etc/ethers - 0 addresses
Thu May 16 19:05:03 2019 daemon.info dnsmasq[570]: read /etc/hosts - 4 addresses
Thu May 16 19:05:03 2019 daemon.info dnsmasq[570]: read /tmp/hosts/dhcp.cfg01411c - 12 addresses
Thu May 16 19:05:03 2019 daemon.info dnsmasq-dhcp[570]: read /etc/ethers - 0 addresses
Thu May 16 19:05:04 2019 daemon.info dnsmasq[570]: read /etc/hosts - 4 addresses
Thu May 16 19:05:04 2019 daemon.info dnsmasq[570]: read /tmp/hosts/dhcp.cfg01411c - 12 addresses
Thu May 16 19:05:04 2019 daemon.info dnsmasq-dhcp[570]: read /etc/ethers - 0 addresses
Thu May 16 19:09:18 2019 daemon.info dnsmasq[570]: read /etc/hosts - 4 addresses
Thu May 16 19:09:18 2019 daemon.info dnsmasq[570]: read /tmp/hosts/dhcp.cfg01411c - 12 addresses
Thu May 16 19:09:18 2019 daemon.info dnsmasq-dhcp[570]: read /etc/ethers - 0 addresses
Thu May 16 19:10:04 2019 daemon.info dnsmasq[570]: read /etc/hosts - 4 addresses
Thu May 16 19:10:04 2019 daemon.info dnsmasq[570]: read /tmp/hosts/dhcp.cfg01411c - 12 addresses
Thu May 16 19:10:04 2019 daemon.info dnsmasq-dhcp[570]: read /etc/ethers - 0 addresses
Thu May 16 19:19:08 2019 daemon.warn dnsmasq[570]: nameserver 217.237.149.142 refused to do a recursive query
Thu May 16 19:41:28 2019 daemon.warn dnsmasq[570]: nameserver 2003:180:2:3000::53 refused to do a recursive query

root@OpenWrt:~# cat /proc/partitions
major minor  #blocks  name

  31        0        128 mtdblock0
  31        1      15744 mtdblock1
  31        2       1708 mtdblock2
  31        3      14015 mtdblock3
  31        4      10752 mtdblock4
  31        5        256 mtdblock5
  31        6        256 mtdblock6
   8        0    7570752 sda
   8        1     131072 sda1
   8        2    7438656 sda2

root@OpenWrt:~# cat /etc/config/fstab

config global
        option anon_mount '0'
        option delay_root '5'
        option check_fs '0'
        option auto_mount '0'
        option anon_swap '1'
        option auto_swap '1'

config swap
        option device '/dev/sda1'
        option enabled '1'

anon50098793 · May 16, 2019, 6:04pm

yeah, i think it's time for a new router.... or strip some stuff out of a custom build if you have to persist with it;

/dev/root 3.3M 3.3M 0 100% /rom
( guessing "> free" is tight too )
 i think you fixed the missing overlay in fstab ( on rom )....

other than that.... as eluded too above.... config files on the "rom" and "overlay" might vary.... so you need to verify that all seems legit before proceeding at a service level. if the router runs out of resources it will interfere with overlay.....

glad to hear the dns option helped....

vklaffehn · May 16, 2019, 6:54pm

isn't /dev/root always 100% filled? I thought it's squashfs and readonly, and all modified files end up in overlay? The device has 16MB rom and without extroot i got 100% on /dev/root and about 10M free on overay? For now I'll rebuild my config on my seconf 7360 I have lying around Thanks for helping!

anon50098793 · May 16, 2019, 7:30pm

yeah... maybe not flash then, just looked it up, pretty decent!

mk24 · May 16, 2019, 8:35pm

For DNS of local names to work properly on a router that is a LAN device:

set rebind_protection to 0
remove / comment out the local "/name/" option

vklaffehn · May 16, 2019, 8:58pm

thanks, just tried that, but the router itself still asks only the DNS from my ISP. I just installed current snapshot on my second box and rebuild my config, this time without extroot, and even there the local DNS resolving does not work. Having 127.0.0.1 as DNS set on my LAN interface does work.

mk24 · May 16, 2019, 9:01pm

Yes that is how it must be set, as your local router is the only place that knows the local addresses that you configured manually.

The default configuration always resolves using the local instance of dnsmasq, which will then forward to the next server the names it does not know.

lleachii · May 16, 2019, 9:25pm

Not enough information provided.

Please provide your /etc/config/network also
What happens with nslookup from a client?