
If you’ve ever set up DNS forwarding on a Ubiquiti EdgeRouter and have your own internal authoritative DNS servers, then you may have noticed that it doesn’t quite work right. If you look up the hostname of your router via the EdgeRouter, you’ll always get back an address of 127.0.1.1.

WTF?!

The Problem

EdgeOS makes use of dnsmasq for its DNS server needs. For the most part this works well and is very flexible. It allows you to set up a cached DNS forwarder and do all sorts of nifty DNS routing. Unfortunately, the default options are a little wonky.

By default, dnsmasq reads /etc/hosts and uses what it finds there to answer DNS queries. While this may be good for some scenarios, it’s terrible in others. For example, the EdgeRouter adds default hosts entries for the router itself that look like this:

Because of those dnsmasq defaults, it picks these up and will always answer queries for the router’s hostname with a loopback address that is unreachable from anywhere but the router itself.

Because there’s no place like 127.0.1.1…

The Fix

Dealing with this is thankfully simple. Just turn one option on, and you’re set:

This sets the --no-hosts option on dnsmasq, which prevents it from reading /etc/hosts at all. Now your DNS forwarder will completely ignore anything it finds in there and simply forward the request to your configured DNS servers. It’s also worth noting that the DHCP/DNS integration works through a different mechanism, so that will still work just fine if you choose to use it.

The other suggestions I’ve seen involve setting interface parameters to force a static DNS mapping, but this approach has the advantage of forwarding the DNS request to your actual nameservers.
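To make the behaviour concrete, here is a small added Python model (not from the post, and not dnsmasq’s own code) of how a hosts-reading forwarder answers versus one running with no-hosts, plus a check that flags hosts entries a forwarder would serve as loopback addresses. The hosts-file content and the upstream records are constructed for the example.

```python
import ipaddress

# Constructed /etc/hosts content in the shape the post describes (not copied from a
# real device): the router's own hostname is pinned to the 127.0.1.1 loopback address.
SAMPLE_HOSTS = """\
127.0.0.1   localhost
127.0.1.1   edgerouter.example.lan edgerouter
::1         localhost ip6-localhost ip6-loopback
"""

# Constructed records an internal authoritative server would return for the LAN.
UPSTREAM = {"edgerouter.example.lan": "192.168.1.1", "nas.example.lan": "192.168.1.20"}


def parse_hosts(text):
    """Map every hostname in hosts-file text to its address (first entry wins)."""
    mapping = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        ip, *names = line.split()
        for name in names:
            mapping.setdefault(name.lower(), ip)
    return mapping


def resolve(query, hosts_text, upstream, no_hosts=False):
    """Model the forwarder's decision: consult the hosts file first unless no-hosts
    is set, otherwise forward to the configured upstream. Returns (source, address)."""
    if not no_hosts:
        local = parse_hosts(hosts_text).get(query.lower())
        if local is not None:
            return ("hosts", local)
    return ("forward", upstream.get(query.lower()))


def loopback_leaks(hosts_text):
    """Hostnames a hosts-reading forwarder would answer with a loopback address.
    LAN clients cannot reach those; localhost-style names are expected and skipped."""
    return sorted(
        name for name, ip in parse_hosts(hosts_text).items()
        if ipaddress.ip_address(ip).is_loopback
        and not (name.startswith("localhost") or name.startswith("ip6-"))
    )


if __name__ == "__main__":
    for flag in (False, True):
        label = "no-hosts" if flag else "default "
        print(label, resolve("edgerouter.example.lan", SAMPLE_HOSTS, UPSTREAM, flag))
    print("loopback leaks:", loopback_leaks(SAMPLE_HOSTS))
```

Running it shows the default path answering the router’s name from the hosts file with 127.0.1.1, while the no-hosts path returns the upstream LAN address.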

Hopefully this will help someone out there. It’s been annoying me for a few days now as I set up my folks’ network…

TUN/TAP Demystified

May 21, 2016

Have you ever wondered what the Linux TUN/TAP driver is for? Wonder no more! After spending most of last weekend tweaking the NuttX Simulator network support, I now have a pretty good idea of what TUN/TAP is, what it’s useful for, and how it works.

Might as well pass it on, right?

It’s been a busy week. I lost many hours to the American Idol finale. Had to keep up on The Voice, of course. Then add in the massive (and very painful) project we’re in the middle of at the ever-dreaded job… The little time remaining was devoted to “final” tweaks to my internal network, and a major rework of my Amazon VPC in the hope of making my Amazon budget go a bit further.

It’s with the latter task that this story starts.