Dnsmasq question
 

so what I'm trying to do is this.
I would like a series of url's to resolve to one address.

For example.

inst1.mysite.com
inst2.mysite.com
...
instN.mysite.com

to all resolve to the same IP address.
I accomplished this by using dnsmasq. I only want this on this workstation on my local network so I set the listen-address to 127.0.0.1

dnsmasq.conf
That works as expected. I can resolve *.mysite.com to 10.10.1.100.
I can also ping anything on the internet as in my resolv.dnsmasq file I put in my asus router's IP which handles getting the dns from IP provider and so on.

The problem is this.
When dnsmasq is up and going, the other internal computers on my workstation's subnet no longer resolve. Previously hitting 10.1.1.1 as my nameserver (in resolv.conf) they all resolved flawlessly. As a computer would come online and get it's dhcp address handed to it the router would handle all dns requests going through it for those machines.

But now I get this. In this example I first do a nslookup with dnsmasq off, then I turn it on and do a nslookup.
I'm on Fedora 28. I swear this all worked previously o Fedora 23.

My understanding is that having the 10.1.1.1 listed as an upstream dns serer that it should forward requests it doesn't know about to it, but it is not, but only for local workstations.
Things outside my local network seem to still work fine.
i.e.
My network FU needs some help here ;) So if someone can tell me what's up here I'd appreciate it.

So if you only need those hosts to resolve on your own workstation, why not just put those names/addresses into your local /etc/hosts file, and not run any sort of DNS at all?

because then I have to manage static IP's.
So first off I don't want to have static IP's unless I have to.
Secondly I can spin up vm's, be they websites, or cluster nodes that I'm noodlin with, and it's really handy to just do that and resolv the name, and to not worry about IP clashes.

It's just very odd to me that if, for example, I'm on the 10.1.1.* network on my workstation and that I can not dns resolve any other machine on 10.1.1.* with dnsmasq on, but yet I can resolve everything else. It's like dnsmasq is taking over for router and when the router is referred to for dns lookups that router only passes it upstream and doesn't do it's normal thing of resolving local machines.

not sure why, was hoping some one here might know.

Not sure exactly what you're trying to do, but resolving several urls to one IP address is usually done in the web server configuration, not by using DNS.

Not sure what I was thinking...Yes, you need to set up some kind of name to IP resolution in /etc/hosts or DNS...sorry.

Understand what you're saying, but seems to me like you're doing the same thing in either case.

You'd have to edit things in dnsmasq to reflect any changes...just like you would have to edit /etc/hosts. So you're still editing files to reflect changes that only affect one workstation. Not saving a whole lot of effort, unless multiple machines are accessing DNS on that box, which it sounds like you don't want.

You may want to try:
...in that order, to see if specifying the loopback device by name makes a difference.

So to the later part, didn't make a difference putting the interface line in.
To the former part. To an extent yes you are correct i Have to manage "some" static IP's. The difference is this.
I have an application that I'm working on, where the base url is "mysite.com" (that's not it but works for this reference).
It is a multi-tenant application, and the way the different tenants come in is by putting in their tenant in the url. i.e. "tenant1.mysite.com"
That hits the application it parses out the tenant1 to know who it is and enforce the multi-tenancy rules around that.

So. That means I have a complete variable number of tenants that can grow quite a bit. DNSmasq saves the day here for my development enviro as I can dynamically spin up sites/tenants and it just wildcard's all the *.mysite.com to the same IP.
The pain is, things like, say, my printer which is wireless and totally dynamic could change it's IP and I wouldn't resolve to it anymore. Or my nas backup. (if i had those as host entries) My kids have a few computers on this and I haven't segmented out the network really, my wife uses the home network for her work as well. My experience is static IP's should be used with caution.

So while it's pretty easy for me to manage a handful of static IP's for VM's that I run my application off of using dnsmasq.conf. It would be a pain to static out everything else, I certainly *can* go into my router and bind every last device that I care about to static IP's and segment off that range from dhcp. But that's not a good way to go.
It's just damn odd to me that dnsmasq is working flawlessly except for machines on the same subnet. There seems like there shoudl be a configuration setting to get around this or I did something wrong. I'll keep diggin. tx

Then you're right; there is something VERY odd going on, because that should have bound dnsmasq to lo (a note: did you verify that you had 'lo', and not 'lo0'?), which doesn't exist outside your system.

You could also try to totally block the DNS port 53:
..so any incoming requests on port 53 get dropped.
Understand what you mean. Try the iptables rule too.