2

I have a local Linux server running dnsmasq for my LAN. It has been working without issues for the last several years. I keep the operating system and packages regularly updated. After yesterday's routine update, I am now getting errors from machines on the LAN when they attempt to resolve most local hostnames. I suspect I may have had a working configuration that was in some way flawed, and the update exposed my flaw; I'm not finding reports of this problem after the update, so I assume I have a mistake somewhere.

This is the error I am getting on most of the clients:

# ping myfileserver
ping: myfileserver: Name or service not known

However, if I ping the address of myfileserver, it succeeds:

# ping 192.168.1.2
PING 192.168.1.2 (192.168.1.2) 56(84) bytes of data.
64 bytes from 192.168.1.2: icmp_seq=1 ttl=64 time=0.325 ms
64 bytes from 192.168.1.2: icmp_seq=2 ttl=64 time=0.239 ms

Here is resolv.conf on the clients:

# cat /etc/resolv.conf
# Generated by NetworkManager
search mylan
nameserver 192.168.1.1

192.168.1.1 is the address of my dnsmasq server.

I may be overlooking something obvious, but drill shows that the client is getting a response from the dnsmasq server that contains the proper hostname and local IP address.

# drill myfileserver
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 40614
;; flags: qr aa rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 
;; QUESTION SECTION:
;; myfileserver.     IN      A

;; ANSWER SECTION:
myfileserver.        0       IN      A       192.168.1.2

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 0 msec
;; SERVER: 192.168.1.1
;; WHEN: Wed Oct 24 00:12:18 2018
;; MSG SIZE  rcvd: 41

On the server, systemd shows the dnsmasq process is starting and running normally:

systemctl status dnsmasq.service 
dnsmasq.service - A lightweight DHCP and caching DNS server
Loaded: loaded (/usr/lib/systemd/system/dnsmasq.service; enabled; vendor preset: disabled)
Active: active (running) since Wed 2018-10-24 00:08:13 EDT
    Docs: man:dnsmasq(8)
Process: 28230 ExecStartPre=/usr/bin/dnsmasq --test (code=exited, status=0/SUCCESS)
Main PID: 28231 (dnsmasq)
    Tasks: 1 (limit: 4915)
Memory: 1.4M
CGroup: /system.slice/dnsmasq.service
        └─28231 /usr/bin/dnsmasq -k --enable-dbus --user=dnsmasq --pid-file

Here's the log output from dnsmasq starting up on the server. There are no errors.

Oct 23 01:50:48 mydnsmasqd systemd[1]: Starting A lightweight DHCP and caching DNS server...
Oct 23 01:50:48 mydnsmasqd dnsmasq[768]: dnsmasq: syntax check OK.
Oct 23 01:50:48 mydnsmasqd systemd[1]: Started A lightweight DHCP and caching DNS server.
Oct 23 01:50:48 mydnsmasqd dnsmasq[772]: started, version 2.80 cachesize 5000
Oct 23 01:50:48 mydnsmasqd dnsmasq[772]: compile time options: IPv6 GNU-getopt DBus i18n IDN2 DHCP DHCPv6 no-Lua TFTP conntrack ipset auth DNSSEC loop-detect inotify du>
Oct 23 01:50:48 mydnsmasqd dnsmasq[772]: DBus support enabled: connected to system bus
Oct 23 01:50:48 mydnsmasqd dnsmasq-dhcp[772]: DHCP, IP range 192.168.10.100 -- 192.168.10.200, lease time 1d
Oct 23 01:50:48 mydnsmasqd dnsmasq[772]: using local addresses only for domain mylan
Oct 23 01:50:48 mydnsmasqd dnsmasq[772]: reading /etc/resolv-custom.conf
Oct 23 01:50:48 mydnsmasqd dnsmasq[772]: using local addresses only for domain mylan
Oct 23 01:50:48 mydnsmasqd dnsmasq[772]: using nameserver 8.8.8.8#53
Oct 23 01:50:48 mydnsmasqd dnsmasq[772]: using nameserver 8.8.4.4#53
Oct 23 01:50:48 mydnsmasqd dnsmasq[772]: read /etc/hosts - 72 addresses

During troubleshooting, I changed dnsmasq config, and restarted it. The log again shows no errors on starting and my various config changes had no impact on this issue. The dnsmasq configuration was not changed when this problem began. It is a relatively plain vanilla config, but during troubleshooting I simplified it to almost nothing. Here's what I have now (leaving out the interface binding part, which is clearly not relevant):

# grep -v '^#' /etc/dnsmasq.conf
resolv-file=/etc/resolv-custom.conf
dhcp-range=set:eth0,192.168.10.100, 192.168.10.200, 24h
cache-size=5000
no-negcache
conf-dir=/etc/dnsmasq.d,.bak

# cat /etc/resolv-custom.conf
search mylan
domain mylan
nameserver 8.8.8.8
nameserver 8.8.4.4

All machines are running Arch Linux, 4.18.10-arch1-1-ARCH. Dnsmasq version 2.80.

MountainX

2 Answers

1

The default value for ndots changed around the time you asked this question.

The new value is 1, meaning that unless a query name contains at least one dot it's suffixed with each value of the search list in turn until a match is found.

I believe the old approach was to perform a query of the name "as is", and only if that failed were the suffixes listed in search list tried one by one.

Old situation

  • myfileserver - passed to dnsmasq which found a match
  • noname - passed to dnsmasq, which wouldn't match, so noname.mylan would be passed to dnsmasq for lookup; that probably would also fail to match so NXDOMAIN would be returned

New situation

  • myfileserver - fewer than one dot so automatically qualified with mylan; myfileserver.mylan passed to dnsmasq, which will fail to match (as it's expecting to be asked only for myfileserver)

Either of these solutions would work:

  • set ndots=0 in your /etc/resolv.conf to revert to the previous behaviour (probably not recommended)

  • modify your /etc/hosts to have the mylan suffix

      192.168.1.2  myfileserver.mylan  myfileserver
    
roaima
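A check for the second fix in the answer above, added here as an example and not part of the original post: it lists short names in a hosts file that have no counterpart qualified with the resolv.conf search domain, and records lines it cannot parse. The sample file contents, the function names and the special-casing of localhost are assumptions made for illustration.

```python
import ipaddress

# Constructed sample data modelled on the question (not the asker's real files).
RESOLV_CONF = """# Generated by NetworkManager
search mylan
nameserver 192.168.1.1
"""
HOSTS = """127.0.0.1 localhost
192.168.1.2  myfileserver            # short name only
192.168.1.3  printer.mylan printer
192.168.1.4
not-an-ip    broken
"""

def search_domains(resolv_text):
    """Return the search list; as in resolv.conf(5), the last search/domain line wins."""
    domains = []
    for line in resolv_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if fields and fields[0] in ("search", "domain"):
            domains = [d.rstrip(".").lower() for d in fields[1:]]
    return domains

def audit_hosts(hosts_text, domains):
    """Return (missing, malformed): qualified names absent from the file, unparsable line numbers."""
    names, shorts, malformed = set(), [], []
    for lineno, line in enumerate(hosts_text.splitlines(), 1):
        fields = line.split("#", 1)[0].split()
        if not fields:
            continue                      # blank line or comment only
        try:
            ipaddress.ip_address(fields[0])
        except ValueError:
            malformed.append(lineno)      # first field is not an IP address
            continue
        if len(fields) < 2:
            malformed.append(lineno)      # address with no hostname
            continue
        for name in (f.lower() for f in fields[1:]):
            names.add(name)
            if "." not in name and name != "localhost":  # assumption: skip localhost
                shorts.append((fields[0], name))
    missing = [(ip, f"{n}.{d}") for ip, n in shorts for d in domains
               if f"{n}.{d}" not in names]
    return missing, malformed

if __name__ == "__main__":
    print(audit_hosts(HOSTS, search_domains(RESOLV_CONF)))
```

To run it against real files, pass the contents of `/etc/resolv.conf` from a client and `/etc/hosts` from the dnsmasq server to the two functions.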
0

Your hosts file is very populated with 72 hosts, this is likely a formatting issue in your hosts file of which DNSMasq will skip, please see the following answer from StackOverflow

Putting 123.123.123.12 container.test into a new file, e.g. /etc/dnsmasq.hosts

Pointed dnsmasq to the new file by adding addn-hosts=/etc/dnsmasq.hosts to /etc/dnsmasq.conf

AdminBee
sparks
  • `Your hosts file is very populated with 72 hosts, this is likely a formatting issue in your hosts file `: that's probably a good assumption, but in my case the 72 hosts is correct and there is no formatting error in the `/etc/hosts` file. – MountainX Mar 04 '22 at 07:16