From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-yk0-x232.google.com (mail-yk0-x232.google.com [IPv6:2607:f8b0:4002:c07::232]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by huchra.bufferbloat.net (Postfix) with ESMTPS id 1E0FD21F3EC for ; Sun, 11 May 2014 05:14:43 -0700 (PDT) Received: by mail-yk0-f178.google.com with SMTP id 20so5082633yks.9 for ; Sun, 11 May 2014 05:14:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc:content-type:content-transfer-encoding; bh=ulvbTSYPcJgrlhiyixjX54fgkzKE1SOJxWjslSvUO2I=; b=gxyZLzEJtFLBqmKtTocBs4xWNYk6230nVHy4n9vALvCRvGV9izd1etz+Zd87gXrB7s TIYmG2oz2Qn00E+CrbchuRrIKAS1g3jsALqEKxIc4Ucu+L+gQxmvFmHr8Jk9YnPZnDfW tmH9NcB9TvRuoTA1DWV19aHohaFHlJ1UF/jnZvqAzSBAKqt79IbGoPe5gw3KFMr3T4sU /l578nYtixI6H7O70Abq/JzPgyv2+5uDmpa2H5dRlNmTJtPx4P+Bq972aBgDtDn6uMAK WwjP+1+P6jb+vQvhNI9UiTWZQc6A1UxSgYSiR19XeRE6XaSFDm5cwUKzIW+iI+C8DtU8 Y7Wg== X-Received: by 10.236.206.137 with SMTP id l9mr31732426yho.105.1399810480328; Sun, 11 May 2014 05:14:40 -0700 (PDT) MIME-Version: 1.0 Sender: white.phoenix@gmail.com Received: by 10.170.114.208 with HTTP; Sun, 11 May 2014 05:14:10 -0700 (PDT) In-Reply-To: References: From: Aristar Date: Sun, 11 May 2014 08:14:10 -0400 X-Google-Sender-Auth: ihhfTa6nBGDBGQrnqpuCLU_Ce5s Message-ID: To: Sebastian Moeller Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Cc: cerowrt-devel Subject: Re: [Cerowrt-devel] Upgraded to 3.10.38-1, DNS issues? X-BeenThere: cerowrt-devel@lists.bufferbloat.net X-Mailman-Version: 2.1.13 Precedence: list List-Id: Development issues regarding the cerowrt test router project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 11 May 2014 12:14:43 -0000 Didn't see any release notes for anything newer than 3.10.38-1 so I presumed they might be untested builds, so I didn't want to risk it on my main gateway router. I've been waiting for a stable release but the recent security vuln made 3.7.5 unviable. Looking for the most stable release possible (without security vulns) if anyone has any suggestions On Sun, May 11, 2014 at 7:54 AM, Sebastian Moeller wrote: > Hi Aristar, > > > On May 9, 2014, at 18:17 , Aristar wrote: > >> Okay I figured it out. It was DNSSEC I didn't realize it was enabled >> by default so I had to comment out the lines in /etc/dnsmasq.conf but >> I still had to manually specify a nameservers in a separate config >> under LUCI Network>DHCP and DNS>Resolv and Hosts Files>"Resolve file" >> and all is well again. > > I think Dave changed the default for 3.10.38-2 to avoid the negat= ive proof checks, and that, at least on my system, made automatic DNS confi= guration though my upstream router functional again. I had the same issues = as you with 3.10.38-1 and some earlier ones. So you might want to test the = latest cerowrt to see whether that solves the issue. (I think there was som= e discussion of how DNS recurs or work differently with DNSSEC than dnsmasq= , which operates as a forwarder.) > > Best Regards > Sebastian > >> >> Now to set up dnscrypt-proxy again which actually has a repository now >> and instructions for building from source. (Seems more reliable than >> DNSSEC anyways, though I have not read too much on DNSSEC). >> >> src/gz exopenwrt http://exopenwrt.and.in.net/ar71xx/packages >> >> https://forum.openwrt.org/viewtopic.php?id=3D36380&p=3D1 >> >> >> On Fri, May 9, 2014 at 5:34 AM, Aristar wrote: >>> Sorry if this is a dumb question but I'm not sure what's changed since >>> 3.7.5 but I can't get DNS working. my resolv.conf says 127.0.0.1, the >>> /tmp/resolv.conf.auto has valid dns servers and I can't resolve >>> anything locally on the router via ssh or on any client device. I CAN >>> get dns LOCAL only if I add a dns server to /etc/resolv.conf but >>> clients using nameserver 172.30.42.1 can't >>> >>> Any ideas? I did a fresh install/clean configs and it isn't working >>> out of the box or with any GUI or manual editing I've tried. >> _______________________________________________ >> Cerowrt-devel mailing list >> Cerowrt-devel@lists.bufferbloat.net >> https://lists.bufferbloat.net/listinfo/cerowrt-devel >