© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
7020100
(Get the code!)
On 13/06/12 11:07, Thomas Hood wrote:
> OK, so the ::1 idea fails as a quick hack. The alternatives seem to be
> as follows.
>
> 1. Either we accept that nm-dnsmasq is incompatible with every standalone nameserver and enforce this in a better way;
> 2. or we force every standalone nameserver into bind-interfaces mode and move nm-dnsmasq's listen address to something other than 127.0.0.1;
> 3. or we make nm-dnsmasq listen on another port number (using the --port option) and enhance glibc to support accessing nameservers at ports other than 53.
>
> Have I forgotten any?
>
> #3 is the most attractive option but requires the most work and won't
> happen soon. In the short term the choice is between #1 and #2.
>
For completeness, there's a #4 which is to dump
bind-interfaces
except-interface=lo
into /etc/dnsmasq.d, but that won't work for other nameservers (though
something analogous would, I expect)
If you can make #2 happen without breaking things, that would seem to be
worth doing, I guess the main problem is that you need dnsmasq 2.61 or a
backport of the relevant code to 2.59.
Simon.