[ubuntu] LAN DNS requests not relayed to tun0

February 11th, 2012, 12:23 PM

I've a problem with my hotspot.
I use Chillispot as Captive Portal and Bind9 as DNS on the same server, behind a Wifi router. My WLAN is and my router is wired to my eth0 interface.

When I start Chillispot, it creates a tun0 interface ( and keeps my eth0 without IP (it's normal). Chillispot gives correct IP config to my client (by DHCP):
Suffix : wifi.univ-nantes.fr
IP :
Gateway :

I restart bind9 to make it listen on new tun0 IP (
When I try a dig, all is right :

root@TutWifi:~# dig portail1.wifi.univ-nantes.fr @

; <<>> DiG 9.7.0-P1 <<>> portail1.wifi.univ-nantes.fr @
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63708
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;portail1.wifi.univ-nantes.fr. IN A

portail1.wifi.univ-nantes.fr. 604800 IN A

wifi.univ-nantes.fr. 604800 IN NS ns.wifi.univ-nantes.fr.

ns.wifi.univ-nantes.fr. 604800 IN A

;; Query time: 0 msec
;; WHEN: Sat Feb 11 11:47:47 2012
;; MSG SIZE rcvd: 95

The client can successfully ping the DNS (which is the gateway).
But when he tries to do an nslookup, he has a timeout error.

Some issues :
I configured a public DNS2 in the Chillispot config file.
The client has my as primary and public as secondary.
When I launch Wireshark on tun0 interface, and try a nslookup on my client :
- No request at all for my (but I can see it on eth0)
- I have all requests and responses for my secondary public DNS !! (on tun0 and eth0 for sure)

- If I try to ping my, I can see it on tun0, so it seems the DNS requests are not relayed.

I've found a temporary solution :
- Create a virtual interface : ifconfig eth0:0 netmask up
- Restart bind9 to listen on this new interface
- Add as primary DNS into chilli config file
And now I can see DNS requests on my tun0 interface...

I think this is not a good solution, so I will be very happy if someone can tell me what the problem is !!!

Thank you so much,

February 12th, 2012, 02:26 PM
Do you have the correct IPs specified in the "listen-on" directive in named.conf?

February 12th, 2012, 07:47 PM
Yes, my named.conf.local contains :

zone "wifi.univ-nantes.fr" {
    type master;
    file "/etc/bind/db.wifi.univ-nantes.fr";
};
zone "14.168.192.in-addr.arpa" {
    type master;
    notify no;
    file "/etc/bind/db.14.168.192";
};

February 12th, 2012, 08:06 PM
I'm talking about the "listen-on" directive that is usually in the options{} section at the top of named.conf. On my DNS server it looks like this:

options {
directory "/var/named";
listen-on {;;; };
pid-file "/var/run/named/named.pid";

[other stuff]

I have two interfaces on this server besides localhost ( One is the address assigned to eth0 on the local machine; the other,, is this machine's end of an OpenVPN tunnel. All these interfaces, or the keyword "any;" (with the semicolon), must appear in the listen-on directive; BIND will ignore requests sent to any other interfaces.
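
One way to confirm what the listen-on discussion above is checking, as an added example that is not from any poster in this thread: the shell function below reads `ss -H -lun` style output and prints every address that has no UDP port 53 listener. The addresses and socket lines are constructed sample values (the thread's own IPs are not shown), and `missing_dns_listeners` and `sample_ss_output` are hypothetical names.

```shell
#!/bin/sh
# Added example: list the addresses that have no UDP/53 listener.
# stdin: `ss -H -lun` style lines; arguments: IPv4 addresses to check.
missing_dns_listeners() {
    awk -v want="$*" '
        {
            # The local address is the first field that contains a colon.
            la = ""
            for (i = 1; i <= NF; i++) if (index($i, ":")) { la = $i; break }
            if (la == "" || !match(la, /:[0-9]+$/)) next
            port = substr(la, RSTART + 1)
            addr = substr(la, 1, RSTART - 1)
            sub(/%.*/, "", addr)          # drop a "%iface" scope suffix
            if (port != "53") next
            # A wildcard socket answers on every local IPv4 address.
            if (addr == "0.0.0.0" || addr == "*") wildcard = 1
            bound[addr] = 1
        }
        END {
            n = split(want, w, " ")
            for (j = 1; j <= n; j++)
                if (!wildcard && !(w[j] in bound)) print w[j]
        }
    '
}

# Constructed sample: named was started before the tunnel address existed,
# so it is bound on loopback and on an alias address only.
sample_ss_output() {
    cat <<'EOF'
UNCONN 0 0 127.0.0.1:53 0.0.0.0:*
UNCONN 0 0 198.51.100.10:53 0.0.0.0:*
UNCONN 0 0 0.0.0.0:68 0.0.0.0:*
EOF
}

# 192.0.2.1 stands in for the tunnel address, 198.51.100.10 for the alias.
for a in $(sample_ss_output | missing_dns_listeners 192.0.2.1 198.51.100.10); do
    echo "no UDP/53 listener on $a: check listen-on and restart named"
done
```

On a live server, pipe `ss -H -lun` into `missing_dns_listeners` with the tunnel address once the tunnel interface is up and bind9 has been restarted.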

February 29th, 2012, 10:28 PM

Sorry for my late answer.

Bind9 listens on ANY interfaces.
The problem isn't solved yet, I must send an IP of a virtual adapter to my clients, which isn't very nice.. :(