Non-localhost dnsmasq breaks DNS on Ubuntu 12.10

I recently upgraded to Linux Mint 14 “nadia”, which is based on Ubuntu 12.10. I use dnsmasq as a local DHCP server and DNS resolver for virtual machines. Installing dnsmasq on Linux Mint 14 broke host DNS resolution. The issue is easily reproducible: stop dnsmasq, DNS stops working. Start dnsmasq, and it works again.

The Solution

For the “tl;dr” crowd, here’s the solution. Add the following undocumented variable to /etc/default/dnsmasq:

DNSMASQ_EXCEPT=lo

And restart dnsmasq:

service dnsmasq restart

The Problem

Using your own dnsmasq server has been difficult since Ubuntu 12.04, because network manager runs a local dnsmasq resolver on localhost. The solution, to add bind-interfaces to dnsmasq.conf, is documented here. As of Ubuntu 12.10, this is now done by default in /etc/dnsmasq.d/network-manager.

However, Ubuntu 12.10 introduces a new problem. The /etc/init.d/dnsmasq script registers 127.0.0.1 as a resolver with resolvconf, which manages the DNS server list in /etc/resolv.conf. It does this regardless of the configured listening interfaces in the dnsmasq configuration. So even if you aren’t listening on localhost, it’ll tell resolvconf that it is. This wasn’t a problem before, since the dnsmasq instance started by network manager listens on 127.0.0.1. But as of Ubuntu 12.10, network manager’s dnsmasq listens on 127.0.1.1. So when the dnsmasq init script starts, it tells resolvconf that a DNS server exists on 127.0.0.1 even though it doesn’t. Then resolvconf chooses that as the best choice resolver, and poof – no DNS.

This is only a problem if you run an instance of dnsmasq which does not listen on localhost, as I describe in Using host networking and NAT with VirtualBox, v2.0.

The best solution is to add real support for updating resolvconf to dnsmasq. Barring that, someone should fix /etc/init.d/dnsmasq to be more careful about what it tells resolvconf. However, my solution works just fine. It forces /etc/init.d/dnsmasq not to inform resolvconf that it is available to answer DNS on localhost. This keeps DHCP and DNS for your virtual machines separate from DNS for the host operating system.
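A check for the failure described above, as an added example that is not part of the original post: it compares the loopback nameservers in a resolv.conf against a saved socket listing and prints those with nothing listening on port 53. The function name, the sample files and the 192.168.56.1 host-only address are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Lists IPv4 loopback nameservers
# in a resolv.conf that have no listener on port 53.
# Usage: dead_loopback_resolvers RESOLV_CONF SOCKET_LISTING
#   SOCKET_LISTING: saved output of `ss -lnu` (or `ss -lntu`).
dead_loopback_resolvers() {
    awk '
        # First file: socket listing. Record local addresses bound to port 53.
        # FILENAME is compared instead of NR==FNR so an empty listing still works.
        FILENAME == ARGV[1] {
            for (i = 1; i <= NF; i++) {
                if ($i !~ /:[0-9]+$/) continue   # skip until local addr:port
                if ($i ~ /:53$/) {
                    addr = $i; sub(/:53$/, "", addr)
                    if (addr == "0.0.0.0" || addr == "*") wildcard = 1
                    sub(/%.*$/, "", addr)        # drop "%lo" interface suffix
                    listening[addr] = 1
                }
                break                            # ignore the peer column
            }
            next
        }
        # Second file: resolv.conf. Print 127.x.x.x nameservers nobody answers.
        $1 == "nameserver" && $2 ~ /^127\./ && !wildcard && !($2 in listening) {
            print $2
        }
    ' "$2" "$1"
}

# Constructed sample data modelling the situation in the post: the init script
# registered 127.0.0.1, NetworkManager's dnsmasq listens on 127.0.1.1, and the
# VM-facing dnsmasq listens only on a host-only address (192.168.56.1 is assumed).
sample_dir=$(mktemp -d)
printf 'nameserver 127.0.0.1\nnameserver 127.0.1.1\n' > "$sample_dir/resolv.conf"
cat > "$sample_dir/listeners" <<'EOF'
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
UNCONN  0       0       127.0.1.1:53        0.0.0.0:*
UNCONN  0       0       192.168.56.1:53     0.0.0.0:*
UNCONN  0       0       0.0.0.0:67          0.0.0.0:*
EOF

echo "Loopback resolvers with no listener:"
dead_loopback_resolvers "$sample_dir/resolv.conf" "$sample_dir/listeners"
```

On a real host, save the output of `ss -lnu` to a file and pass it with /etc/resolv.conf; after setting DNSMASQ_EXCEPT=lo and restarting dnsmasq, the function should print nothing.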
