How to change NextDNS rewrite into dnsmasq address entry?

[XIII]

I'm trying to change my NextDNS rewrite (router.mydomain.com to 192.168.1.1) into a dnsmasq entry (which I believe makes more sense, since it will work locally only anyway).

This is what I added in /jffs/configs/dnsmasq.conf.add:

address=/router.mydomain.com/192.168.1.1

This is what I added in /jffs/nextdns/nextdns.conf.add (see here):

forwarder mydomain.com=192.168.1.1

Then I executed this:

nextdns restart
service restart_dnsmasq

However:

➜ nslookup router.mydomain.com
Server:    45.90.28.35
Address 1: 45.90.28.35 dns1.nextdns.io

nslookup: can't resolve 'router.mydomain.com'

What am I doing wrong? How can I fix it?

(Once fixed I also want to "rewrite" homebridge.mydomain.com to 192.168.1.123 using an extra line in nextdns.conf.add)

 

[dave14305]

Where are you running the nslookup? Router or client? Router will use WAN DNS by default, not dnsmasq. If it was from a client, then DHCP DNS must be set to NextDNS instead of router IP (or blank).

 

[XIII]

I executed nslookup on the router, but it does not work on a Raspberry Pi either...

(@pi) ➜ nslookup router.mydomain.com
Server:        192.168.1.1
Address:    192.168.1.1#53

Name:    router.mydomain.com
Address: 192.168.1.1
** server can't find router.mydomain.com: REFUSED

My router runs the NextDNS CLI and has this in the configuration file as well (with home.lan being my local network, configured in my router):

forwarder home.lan=192.168.1.1

A lookup (on the Pi) does work for other entries defined by dnsmasq:

(@pi) ➜ nslookup homey
Server:        192.168.1.1
Address:    192.168.1.1#53

Name:    homey.home.lan
Address: 192.168.1.121

(@pi) ➜ nslookup homey.home.lan
Server:        192.168.1.1
Address:    192.168.1.1#53

Name:    homey.home.lan
Address: 192.168.1.121

PS: a lookup of the Pi, on the router, seems to work:

(@router) ➜ nslookup pi
Server:    45.90.28.35
Address 1: 45.90.28.35 dns1.nextdns.io

Name:      pi-hb
Address 1: 192.168.1.122 pi.home.lan

 

[dave14305]

What firmware version? dnsmasq 2.86 has been problematic due to the rewrite of the server and address handling. There have been quite a few unreleased bug fixes to-date.

If your address statement works in dnsmasq, then nextdns should never see the query. If it doesn’t work and it forwards upstream to nextdns, you might get in a forwarding loop.

 

[XIII]

Asuswrt-Merlin 386.4 (final), with dnsmasq version 2.86...

 

[XIII]

I see this in the hosts file:

192.168.1.1 router.asus.com

I also expected this:

192.168.1.1 router.mydomain.com

However, that's not there.

Is my expectation wrong?

EDIT: If I add that line manually, the nslookup works. I thought the dnsmasq.conf.add should take care of this?

 

[dave14305]

I see this in the hosts file:

192.168.1.1 router.asus.com

I also expected this:

192.168.1.1 router.mydomain.com

However, that's not there.

Is my expectation wrong?

EDIT: If I add that line manually, the nslookup works. I thought the dnsmasq.conf.add should take care of this?

dnsmasq.conf.add adds lines to dnsmasq.conf. hosts.add would append hosts entries to hosts.

 

[Zastoff]

Tried it without the NextDNS client?

 

[XIII]

Tried it without the NextDNS client?

No, and I can't experiment right now.

But I will try Dave's suggestion later tonight.

 

[dave14305]

Just to add another data point, on dnsmasq 2.85 on my OpenWrt router, if I add address=/router.mydomain.com/192.168.1.1 to the dnsmasq configuration, it resolves just fine from a client. So I’m still suspicious that 2.86 has broken something.

But the hosts file method should work instead.

 

[ColinTaylor]

Just to add another data point, on dnsmasq 2.85 on my OpenWrt router, if I add address=/router.mydomain.com/192.168.1.1 to the dnsmasq configuration, it resolves just fine from a client. So I’m still suspicious that 2.86 has broken something.

Just tested that on my router and it works fine.

 

[dave14305]

Just tested that on my router and it works fine.

That would leave us with user error, or a NextDNS issue?

 

[XIII]

I tried the hosts.add file instead and that works for me (even without the forwarder line in the NextDNS config file).

If I find some spare time I might test the dnsmasq.conf.add solution again, but if it’s a user error I might never find out the root cause…

 

[dave14305]

I tried the hosts.add file instead and that works for me (even without the forwarder line in the NextDNS config file).

If I find some spare time I might test the dnsmasq.conf.add solution again, but if it’s a user error I might never find out the root cause…

Is there anything else in dnsmasq.conf.add related to mydomain.com? Anything that could conflict?

 

[XIII]

This is the only line in /jffs/configs/dnsmasq.conf.add before I started experimenting:

dhcp-option=lan,42,192.168.1.1 # ntpMerlin

 

[XIII]

I tried dnsmasq.conf.add instead of hosts.add again and now it works (on clients only), so I guess it was a user error earlier today after all...

The difference I observed so far is that via dnsmasq.conf.add the mapping only works on clients, but via hosts.add the mapping works for clients and the router itself.

Besides that, is there any reason I should prefer one approach above the other?