# PBM: dnsmasq doesn't resolve local domain queries [FIXED]

## VinzC

Hi.

I've installed dnsmasq on a Gentoo machine, which should serve as a DNS server for machines on the local network. Generally when I do a dig command against a domain, I get information about the domain:

```
; <<>> DiG 9.4.1-P1 <<>> google.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62960
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 4, ADDITIONAL: 2

;; QUESTION SECTION:
;google.com.                    IN      A

;; ANSWER SECTION:
google.com.             117     IN      A       64.233.187.99
google.com.             117     IN      A       72.14.207.99
google.com.             117     IN      A       64.233.167.99

;; AUTHORITY SECTION:
google.com.             169775  IN      NS      ns3.google.com.
google.com.             169775  IN      NS      ns2.google.com.
google.com.             169775  IN      NS      ns4.google.com.
google.com.             169775  IN      NS      ns1.google.com.

;; ADDITIONAL SECTION:
ns1.google.com.         170625  IN      A       216.239.32.10
ns2.google.com.         170625  IN      A       216.239.34.10

;; Query time: 61 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Jul  2 12:10:23 2008
;; MSG SIZE  rcvd: 180
```

I get these results on my Gentoo machine with dnsmasq too. But when I want to do the same with my local domain, I get no results -- from the same machine as well as from machines on the local network, which dnsmasq is supposed to serve:

```
; <<>> DiG 9.4.1-P1 <<>> mydomain.local
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62920
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;mydomain.local.                  IN      A

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Jul  2 12:12:13 2008
;; MSG SIZE  rcvd: 30
```

I also get the same (absence of) response with the MX record I (hope I) have defined in dnsmasq.conf:

```
; <<>> DiG 9.4.1-P1 <<>> mydomain.local
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62920
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;mydomain.local.                  IN      MX

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Jul  2 12:12:13 2008
;; MSG SIZE  rcvd: 30
```

I'm especially interested in having the MX record served correctly in my local domain. Here's dnsmasq.conf:

```
domain-needed
bogus-priv
filterwin2k
local=/mydomain.local/
listen-address=127.0.0.1,192.168.1.8
expand-hosts
domain=mydomain.local
dhcp-range=192.168.1.100,192.168.1.199,12h
dhcp-option=option:router,192.168.45.1
dhcp-option=42,0.0.0.0
dhcp-option=19,0           # option ip-forwarding off
dhcp-option=44,0.0.0.0     # set netbios-over-TCP/IP nameserver(s) aka WINS server(s)
dhcp-option=45,0.0.0.0     # netbios datagram distribution server
dhcp-option=46,8           # netbios node type
dhcp-option=47             # empty netbios scope.
mx-target=mailhost.mydomain.local
localmx
log-queries
log-dhcp
```

And here's the log trace when I query my local domain:

```
Jul  2 12:12:13 teraknor dnsmasq[18746]: query[A] mydomain.local from 127.0.0.1
Jul  2 12:12:13 teraknor dnsmasq[18746]: config mydomain.local is NXDOMAIN-IPv4
Jul  2 12:15:39 teraknor dnsmasq[18746]: query[MX] mydomain.local from 127.0.0.1
Jul  2 12:15:39 teraknor dnsmasq[18746]: config mydomain.local is NXDOMAIN
```

As a side note: I have also queried another local domain (e.g. olympe.local) with dig and I get a valid response only at the first query. Subsequent queries are empty until I restart dnsmasq:

```
; <<>> DiG 9.4.1-P1 <<>> olympe.local
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6854
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;olympe.local.                  IN      A

;; AUTHORITY SECTION:
olympe.local.           86400   IN      SOA     athena.olympe.local. admin.olympe. 2008063098 28800 7200 864000 86400

;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Jul  2 12:02:05 2008
;; MSG SIZE  rcvd: 85
```

```
; <<>> DiG 9.4.1-P1 <<>> olympe.local
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23476
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;olympe.local.                  IN      A

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Jul  2 12:02:08 2008
;; MSG SIZE  rcvd: 30
```

And here's the log:

```
Jul  2 12:00:15 teraknor dnsmasq[18527]: query[A] olympe.local from 127.0.0.1
Jul  2 12:00:15 teraknor dnsmasq[18527]: forwarded olympe.local to 192.168.45.1
Jul  2 12:00:15 teraknor dnsmasq[18527]: reply olympe.local is NODATA-IPv4
Jul  2 12:00:52 teraknor dnsmasq[18527]: query[A] olympe.local from 127.0.0.1
Jul  2 12:00:52 teraknor dnsmasq[18527]: cached olympe.local is NODATA-IPv4
```

Does anyone have an idea on what's going wrong?

----------

## VinzC

I finally found it! Reading dnsmasq.conf once again and a couple of pages of the documentation on how dig and DNS work did help.

First of all, the following command: `dig domain.name` performs a query for an A record that would be called domain.name. Also dig seems to return the entire SOA record for a query against a domain name.

In my case I've had to add the following lines to make dig mydomain.local return something:

```
server=/mydomain.local/192.168.1.8
address=/mydomain.local/192.168.1.8
```

Don't know which one matters most though but it works -- note dig does *not* return any SOA record since these lines only define A records, if I've understood.

```
; <<>> DiG 9.4.1-P1 <<>> mydomain.local
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20443
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;mydomain.local.                  IN      A

;; ANSWER SECTION:
mydomain.local.           0       IN      A       192.168.1.8

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Jul  2 13:40:51 2008
;; MSG SIZE  rcvd: 46
```

This looks to me more of a workaround than a real fix since there seems to be no support for SOA records in dnsmasq.

Next, to make dig mydomain.local MX return the appropriate mail server address, I've had to add the following line to dnsmasq.conf:

```
mx-host=mydomain.local,mailhost.mydomain.local,10
```

```
; <<>> DiG 9.4.1-P1 <<>> mydomain.local MX
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53408
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; QUESTION SECTION:
;mydomain.local.                  IN      MX

;; ANSWER SECTION:
mydomain.local.           0       IN      MX      10 mailhost.mydomain.local.

;; ADDITIONAL SECTION:
mailhost.mydomain.local.  0       IN      A       192.168.1.32

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Jul  2 13:39:43 2008
;; MSG SIZE  rcvd: 83
```

My mistake was to assume dnsmasq would create all those records internally but it doesn't.

----------
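An added example, not part of the original posts: a small Python audit of the `log-queries` lines quoted in the thread. It reports local names that dnsmasq answered NXDOMAIN from its own config (no record defined) and local names that were forwarded to the upstream server. The names `audit`, `is_local` and `local_suffix` are assumptions of this sketch, and the `.local` default is taken from the domains used in the thread.

```python
import re

# Log lines copied from the thread above (dnsmasq running with log-queries).
SAMPLE_LOG = """\
Jul  2 12:12:13 teraknor dnsmasq[18746]: query[A] mydomain.local from 127.0.0.1
Jul  2 12:12:13 teraknor dnsmasq[18746]: config mydomain.local is NXDOMAIN-IPv4
Jul  2 12:15:39 teraknor dnsmasq[18746]: query[MX] mydomain.local from 127.0.0.1
Jul  2 12:15:39 teraknor dnsmasq[18746]: config mydomain.local is NXDOMAIN
Jul  2 12:00:15 teraknor dnsmasq[18527]: query[A] olympe.local from 127.0.0.1
Jul  2 12:00:15 teraknor dnsmasq[18527]: forwarded olympe.local to 192.168.45.1
Jul  2 12:00:15 teraknor dnsmasq[18527]: reply olympe.local is NODATA-IPv4
Jul  2 12:00:52 teraknor dnsmasq[18527]: query[A] olympe.local from 127.0.0.1
Jul  2 12:00:52 teraknor dnsmasq[18527]: cached olympe.local is NODATA-IPv4
"""

# One alternative per kind of line that log-queries produced in the thread.
LINE = re.compile(
    r"dnsmasq\[\d+\]: (?:"
    r"query\[(?P<qtype>[^\]]+)\] (?P<qname>\S+) from \S+"
    r"|forwarded (?P<fname>\S+) to (?P<upstream>\S+)"
    r"|(?P<source>config|cached|reply) (?P<aname>\S+) is (?P<answer>\S+))"
)

def is_local(name, suffix):
    return name.rstrip(".").endswith(suffix)

def audit(log_text, local_suffix=".local"):
    """Return (finding, name, qtype, detail) tuples for names under local_suffix."""
    findings, last_qtype = [], {}
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        if m["qname"]:
            last_qtype[m["qname"]] = m["qtype"]  # remember type for the answer line
        elif m["fname"] and is_local(m["fname"], local_suffix):
            # An internal name left this host for the upstream resolver.
            findings.append(("forwarded-upstream", m["fname"],
                             last_qtype.get(m["fname"], "?"), m["upstream"]))
        elif (m["source"] == "config" and is_local(m["aname"], local_suffix)
              and m["answer"].startswith("NXDOMAIN")):
            # dnsmasq answered from its own config and had no record to give.
            findings.append(("no-local-record", m["aname"],
                             last_qtype.get(m["aname"], "?"), m["answer"]))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG):
        print(*finding, sep="\t")
```
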

