If you have a Dnsmasq server that isn’t responding to all DNS queries, it’s likely your distro (or you) set the local-service
option. I assume this is to prevent servers from contributing to a DDoS attack or leaking network information; however, this setting is very restrictive and limits responses to the local subnet(s).
If you have a network with a few different subnets, you’ll need to disable this option. Please ensure your firewall is appropriately configured before proceeding.
local-service
may be specified in the /etc/dnsmasq.conf
file or as a command line parameter when the Dnsmasq is started. On Debian, the command line parameter is added when Dnsmasq is started by /etc/init.d/dnsmasq
.
The simple solution is to add
interface=*
to /etc/dnsmasq.conf
, because the interface
, except-interface
, listen-address
, and auth-server
options all cause local-service
to not have an effect.