From owner-freebsd-questions@FreeBSD.ORG Mon Mar 16 22:06:57 2015 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 58396A21 for ; Mon, 16 Mar 2015 22:06:57 +0000 (UTC) Received: from webmail.dweimer.net (24-240-198-187.static.stls.mo.charter.com [24.240.198.187]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 09973E43 for ; Mon, 16 Mar 2015 22:06:56 +0000 (UTC) Received: from www.dweimer.net (webmail [192.168.5.2]) by webmail.dweimer.net (8.14.9/8.14.9) with ESMTP id t2GLnh3T069151 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO) for ; Mon, 16 Mar 2015 16:49:43 -0500 (CDT) (envelope-from dweimer@dweimer.net) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit Date: Mon, 16 Mar 2015 16:49:43 -0500 From: dweimer To: FreeBSD Questions Subject: Problems getting result from DNSMASQ service Organization: dweimer.net Reply-To: dweimer@dweimer.net Mail-Reply-To: dweimer@dweimer.net Message-ID: X-Sender: dweimer@dweimer.net User-Agent: Roundcube Webmail/1.1.0 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Mar 2015 22:06:57 -0000 I am trying to setup DNSMASQ to use as a resolver for NGINX so that I can return a a result form the local hosts file for a reverse proxy resolution. I installed DNSMASQ from ports and configured it, it appears to be running correctly, but the client just times out. If I run it in foreground and watch it, DNSMASQ receives the query, forwards it to upstream server and sends reply. # dnsmasq -d -q dnsmasq: started, version 2.72 cachesize 150 dnsmasq: compile time options: IPv6 GNU-getopt no-DBus i18n IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth DNSSEC loop-detect dnsmasq: reading /etc/resolv.conf dnsmasq: ignoring nameserver 10.50.20.6 - local interface dnsmasq: using nameserver 10.50.20.5#53 dnsmasq: using nameserver 10.50.20.4#53 dnsmasq: read /etc/hosts - 3 addresses dnsmasq: query[A] www.yahoo.com from 10.50.20.4 dnsmasq: forwarded www.yahoo.com to 10.50.20.5 dnsmasq: forwarded www.yahoo.com to 10.50.20.4 dnsmasq: reply www.yahoo.com is dnsmasq: reply fd-fp3.wg1.b.yahoo.com is 98.139.180.149 dnsmasq: reply fd-fp3.wg1.b.yahoo.com is 98.139.183.24 dnsmasq: query[A] www.yahoo.com from 10.50.20.4 dnsmasq: cached www.yahoo.com is dnsmasq: cached fd-fp3.wg1.b.yahoo.com is 98.139.183.24 dnsmasq: cached fd-fp3.wg1.b.yahoo.com is 98.139.180.149 dnsmasq: query[A] www.yahoo.com from 10.50.20.4 dnsmasq: cached www.yahoo.com is dnsmasq: cached fd-fp3.wg1.b.yahoo.com is 98.139.180.149 dnsmasq: cached fd-fp3.wg1.b.yahoo.com is 98.139.183.24 The client doesn't get it though. # nslookup > server 10.50.20.6 Default server: 10.50.20.6 Address: 10.50.20.6#53 > www.yahoo.com ;; connection timed out; no servers could be reached Does anyone have any Ideas what I am missing, I tried searching online but I can't seem to find anyone else that has had this problem. I don't have any firewall between the devices, I get the same result running the query from the same machine as DNSMASQ service. I am running the service in a jail though, maybe that is having some sort of impact on the results? -- Thanks, Dean E. Weimer http://www.dweimer.net/