[SOLVED] Dnsmasq not working as a DoH perhaps neither as a normal resolver

I tried to get dnsmasq working, but it fails, specifically in my case at resolving my DNS queries as DoH, so perhaps it is not working as a normal resolver either and is falling back to dhcpcd. I followed the Arch Wiki and made the modifications inside /etc/dnsmasq.conf, but it does nothing. I'm using dhcpcd as my network manager and modified that too in order to listen on 127.0.1. But it seems that dnsmasq reads from resolv.conf as well, and in my case I don't want dhcpcd to read from resolv.conf, to speed things up. Also, there is an option in dnsmasq.conf to make it not read from resolv.conf, but still without any success. It's true that perhaps my other application (NTS secure time) listens on localhost 127.0.0.1, so there could be a conflict or something. Tnx for the time to the guys who might be more network savvy and give this one a shot. Cheers :)

Re: Dnsmasq not working as a DoH perhaps neither as a normal resolver

Reply #1
It's not very clear what you're trying to do, but I think you've got it wrong. For one, dhcpcd is not a DNS resolver and won't "listen to 127.0.0.1" for such requests.

Re: Dnsmasq not working as a DoH perhaps neither as a normal resolver

Reply #2
Check which process is listening on port 53.

Code:
$ sudo netstat -peanut | grep 53

Re: Dnsmasq not working as a DoH perhaps neither as a normal resolver

Reply #3
If dhcpcd is not my resolver, I don't know what is then. Inside /etc/dhcpcd.conf there was an option to disable writing to resolv.conf, so since it doesn't use that, then what does it use? Is dnsmasq using any special kernel modules or something? It's hard to make sense of these packages (unbound/dnscrypt/stubby), as all seem to do similar things but differently, so conflicts can happen even if I did not see any conflict warnings when I installed. It's possible, I think, that perhaps Firefox uses port 53 to solve DNS and maybe dnsmasq uses other ports. Also, I did not see any special 'knobs' to turn differently for normal DNS vs DoH inside dnsmasq.conf. Another thing that puzzled me was that when I tried stubby, it tried to pull in unbound also, which is weird, so I ditched that option thinking dnsmasq was better, but that seems not to be the case.

Re: Dnsmasq not working as a DoH perhaps neither as a normal resolver

Reply #4
Command 'netstat -peanut | grep 53' returns nothing.

Re: Dnsmasq not working as a DoH perhaps neither as a normal resolver

Reply #5
> Command 'netstat -peanut | grep 53' returns nothing.

You gotta run the cmd line with root privilege. If that's what you did, dnsmasq is not running (or is configured to listen on another port) on your system.

Re: Dnsmasq not working as a DoH perhaps neither as a normal resolver

Reply #6
So I want to use NextDNS, and all they have is this, to be added to dnsmasq.conf (see print screen).
Adding all those lines does nothing as well. Is anyone actively using dnsmasq? Could it be more systemd dependent than we know, or what??

The info you see is a temporary NextDNS profile, so nobody should use it. It's just an example.

Re: Dnsmasq not working as a DoH perhaps neither as a normal resolver

Reply #7
Well, I removed dnsmasq for now until I hear somebody is using it, as at this point I think it is failed or not maintained. But anyway, that command should have shown at least other things, because for sure I use port 53 to update my system.

Re: Dnsmasq not working as a DoH perhaps neither as a normal resolver

Reply #8
Code:
$ sudo netstat -peanut | grep 53
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      0          16758      822/dnsmasq        
tcp6       0      0 :::53                   :::*                    LISTEN      0          16760      822/dnsmasq        
udp        0      0 0.0.0.0:53              0.0.0.0:*                           0          16757      822/dnsmasq        
udp6       0      0 :::53                   :::*                                0          16759      822/dnsmasq
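
Added example, not part of any post in this thread: `grep 53` also matches PIDs, inode numbers and ports such as 5353, so this filter keeps only rows whose local port is exactly 53 and reports how widely each listener is bound. The function names are hypothetical; the first four sample rows are the output quoted in Reply #8, and the last two are constructed.

```shell
#!/bin/sh
# Sample input in `netstat -peanut` format (rows 1-4 from Reply #8, rows 5-6 constructed).
sample_netstat() {
cat <<'EOF'
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      0          16758      822/dnsmasq
tcp6       0      0 :::53                   :::*                    LISTEN      0          16760      822/dnsmasq
udp        0      0 0.0.0.0:53              0.0.0.0:*                           0          16757      822/dnsmasq
udp6       0      0 :::53                   :::*                                0          16759      822/dnsmasq
udp        0      0 0.0.0.0:5353            0.0.0.0:*                           970        15300      701/avahi-daemon
tcp        0      0 192.168.1.20:45312      203.0.113.7:443         ESTABLISHED 1000       25353      1530/firefox
EOF
}

# Reads netstat rows on stdin; prints "proto address scope pid/program"
# for every socket bound to local port 53.
port53_listeners() {
    awk '
        $1 ~ /^(tcp|udp)6?$/ {
            laddr = $4
            n = split(laddr, parts, ":")
            port = parts[n]                 # text after the last colon
            if (port != "53") next          # exact match: 5353 is rejected
            if ($1 ~ /^tcp/ && $6 != "LISTEN") next
            addr = substr(laddr, 1, length(laddr) - length(port) - 1)
            if (addr == "0.0.0.0" || addr == "::")
                scope = "all-interfaces"
            else if (addr ~ /^127\./ || addr == "::1")
                scope = "loopback"
            else
                scope = "specific"
            # UDP rows have no State column, so PID/Program is always the last field.
            print $1, addr, scope, $NF
        }'
}

# Stand-alone run on the sample; on a live system use:
#   sudo netstat -peanut | port53_listeners
sample_netstat | port53_listeners
```

Rows marked all-interfaces mean the resolver answers on every network interface; for a purely local cache, dnsmasq's `listen-address=127.0.0.1` together with `bind-interfaces` confines it to loopback.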

Re: Dnsmasq not working as a DoH perhaps neither as a normal resolver

Reply #9
Oh cool, tnx. So it works. Do you use it as a DoH also, or just plain text? For sure it listens, but that is still a long way from declaring it as working properly. Remember, I saw it listening with netstat -atupln, but it worked slowly, not to speak of DoH, which did not work at all.

Re: Dnsmasq not working as a DoH perhaps neither as a normal resolver

Reply #10
> Oh cool, tnx. So it works. Do you use it as a DoH also, or just plain text? For sure it listens, but that is still a long way from declaring it as working properly. Remember, I saw it listening with netstat -atupln, but it worked slowly, not to speak of DoH, which did not work at all.

I use dnsmasq as a simple DNS cacher. Not sure if DoH is supported in dnsmasq itself. You may need a wrapper like https-dns-proxy to handle the HTTPS part.

Re: Dnsmasq not working as a DoH perhaps neither as a normal resolver

Reply #11
That's a good point, I thought about it, maybe it doesn't even support DoH, not to speak of DoQ (QUIC). I think I should try DNSCrypt, it seems to be the best. Tnx :)