Nslookup failing

Hi,

I'm sure this is just me, and some sort of configuration issue (sorry!), but ... from a console / ssh, nslookup is failing (but ping to the same machines works). I do have WAN and LAN bridged, and no DHCP local ... but still, DNS should be sent upstream, right?

Thoughts?

Thanks!

What does "is failing" exactly mean?
What is the contents of "/etc/resolv.conf"?

Good questions ... :-). Failing means,

Server: 127.0.0.1
Address: 127.0.0.1#53

** server can't find wap-study: NXDOMAIN
** server can't find wap-study: NXDOMAIN

And /etc/resolv.conf, seems to point only at the local machine, not the upstream entry I put in the GUI (Luci)?

nameserver 127.0.0.1

Thanks!

Ok, so nslookup is asking dnsmasq on your own router, but dnsmasq cannot resolve the name. Is you do not have an explicit WAN interface, you are not getting a DNS from your ISP, so you should configure it yourself.

At "/etc/config/dhcp" you should have a couple of "list server" lines pointing to your DNSs of choice.

Yep, agreed! And I had set these before (copied below) ... that's the odd part, dnsmasq doesn't seem to be forwarding there? If it did, this would be OK.

list server '192.168.2.1'

Thanks!

This is not a fully-qualified domain name (FQDN), it should fail.

Do you mean wap-study.lan?

Yes, .lan ... but dnsmasq should add this, it's set as a local domain. At least, my other Linux boxes append the local domain.

Thanks!

Did you do this in /etc/config/dhcp

config domain
        option name 'wap-study.lan'
        option ip '192.168.xxx.xxx'

?

Close! option name is not there, but option domain is (with lan stored there). Not enough?

Thanks!

:confused:
I'm confused.

Did you create the entry above, or not?

Sorry, I may have misunderstood your comment. Here is what is in /etc/config/dhcp,

config dnsmasq
        option localise_queries '1'
        option expandhosts '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.auto'
        option nonwildcard '1'
        option domain 'lan'
        list server '192.168.2.1'
        option rebind_protection '0'
        option localservice '0'

config dhcp 'lan'
        option interface 'lan'
        option ignore '1'

config dhcp 'wan'
        option interface 'wan'
        option ignore '1'

config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'

Add the item you noted above?

Thanks!

You need to disable the rebind protection in dnsmasq to resolve local names.

2 Likes

Agreed! And it's disabled - option rebind_protection '0', above.

FYI, if I force nslookup to query the server directly, that does work.

Thanks!

OK, a bit more debugging ... and I think it is passing the requests upstream. My mistake, it fooled me a bit, because ...

  1. the local domain is not being appended, in spite of expand-hosts being set
  2. it seems like nslookup requests 2 addresses (Address 1 = IPv4, Address 2 = IPv6). No reply happens for the latter. I'd rather not even request it.

Thoughts?

Thanks!

OK, bit more digging - seems #2 is related to this,
https://bugs.openwrt.org/index.php?do=details&task_id=1067&string=nslookup&type[0]=&sev[0]=&pri[0]=&due[0]=&reported[0]=&cat[0]=&status[0]=open&percent[0]=&opened=&dev=&closed=&duedatefrom=&duedateto=&changedfrom=&changedto=&openedfrom=&openedto=&closedfrom=&closedto=

Still can't figure out the bigger one (#1) - appending the local domain ... :-(.

Thanks!

YES, you have to add what I noted above. That's why I told you.

That's how you add a an entry to OpenWrt if you want it to resolve in the manner you described. If .lan isn't your domain name, just use the correct one. Simple.


Alternatively:

ONLY If it's a zone controlled by Microsoft DNS - obviously, you have to enter in there instead.

Yep, I tried this, adding it to /etc/config/dhcp - no joy ... :-(.

Thanks!

  • Did you restart dnsmasq after adding it (or reboot)?
  • Did you clear ALL the caches?

Yes, I did - and I wasn't sure if the ip should be the local machine (i.e. wap-study), or the DNS server on the network ... so I tried both. No luck though.

Thanks!

It should have been the name of wap-study.lan - as that's what you asked for.

I really think you're making this very difficult. I hope you get it working.

In the future, please post your configs to confirm you've made the appropriate entries in your router. As this is getting quite convoluted.