Hello everyone,
i successfully installed the dnsmasq-full package.
This is my configuration:
config dnsmasq
option domainneeded '1'
option boguspriv '1'
option filterwin2k '0'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option nonegcache '0'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.auto'
option nonwildcard '1'
option localservice '1'
option serversfile '/tmp/adb_list.overall'
option dnssec '0'
option dnsseccheckunsigned '0'
After enabling DNSSEC by option dnssec '1'
dns requests fail.
Here an example output of dig:
dig google.com
;; Truncated, retrying in TCP mode.
; <<>> DiG 9.10.3-P4-Ubuntu <<>> posteo.de
;; global options: +cmd
;; connection timed out; no servers could be reached
I guess the reason for this behavior is connected to the responded packet size
Thu Feb 21 22:26:47 2019 daemon.warn dnsmasq[21088]: reducing DNS packet size for nameserver 192.168.178.1 to 1280
Thank you very much for your help and ideas