Comment 67 for bug 959037

Thomas Hood (jdthood) wrote :

With the latest dnsmasq code the two dnsmasq instances appear to work correctly in all combinations. I just tested as follows.

* With both dnsmasqs running, nm-dnsmasq forwards to the upstream nameservers and listens on 127.0.0.2; standalone dnsmasq forwards to 127.0.0.2 and listens on 127.0.0.1; the resolver consults 127.0.0.1. (That is, /etc/resolv.conf contains "nameserver 127.0.0.1".)
* Stop standalone dnsmasq (/etc/init.d/dnsmasq stop) and the resolver consults 127.0.0.2.
* Comment out "dns=dnsmasq" and restart network-manager. With neither dnsmasq running the resolver consults the upstream nameservers.
* Start standalone dnsmasq (/etc/init.d/dnsmasq start). It forwards to upstream nameservers and listens on 127.0.0.1. The resolver consults 127.0.0.1.

In all cases name resolving works fine.

Summary of what was required:

* Get the latest dnsmasq from Simon's git repo.
* Patch two lines in n-m: (1) listen on 127.0.0.2 instead of 127.0.0.1 and (2) register 127.0.0.2 instead of 127.0.0.1 with resolvconf.
* Do something to cause standalone dnsmasq to be started with the bind-interfaces option.

The latter "something" could be to include a /etc/dnsmasq.d/ file in the network-manager package, but this is less than ideal because the file will continue to exist even if the admin comments out "dns=dnsmasq" in /etc/NetworkManager/NetworkManager.conf. I wonder if it would be a good idea to hack standalone dnsmasq's initscript so that it adds the bind-interfaces option if "dns=dnsmasq" is present in NetworkManager.conf. Or something like that --- something such that the admin only has to change one thing to switch between

    standalone dnsmasq in unbound mode

and

    standalone dnsmasq in bind-interfaces mode and nm-dnsmasq
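The initscript idea floated in the comment above can be sketched as follows. This is an added example, not part of the original comment and not code from dnsmasq or NetworkManager. The function names are hypothetical, and it assumes the "dns=" key lives in the [main] section of NetworkManager.conf with "#" starting a comment line.

```shell
#!/bin/sh
# Added example: hypothetical initscript helper, not taken from dnsmasq or NetworkManager.
# Assumption: "dns=" is read from the [main] section and "#" starts a comment line.

# Return 0 if the given NetworkManager.conf has an active "dns=dnsmasq" line.
nm_uses_dnsmasq() {
    conf="$1"
    [ -r "$conf" ] || return 1
    awk '
        { sub(/^[ \t]+/, ""); sub(/[ \t\r]+$/, "") }    # trim the line
        /^#/ || /^$/ { next }                            # skip comments and blanks
        /^\[/ { in_main = ($0 == "[main]"); next }       # track the current section
        in_main && /^dns[ \t]*=/ {
            val = $0
            sub(/^dns[ \t]*=[ \t]*/, "", val)
            found = (val == "dnsmasq")   # a later dns= line overrides an earlier one (assumed)
        }
        END { exit (found ? 0 : 1) }
    ' "$conf"
}

# Print the extra option the standalone dnsmasq should be started with, if any.
dnsmasq_extra_opts() {
    if nm_uses_dnsmasq "$1"; then
        echo "--bind-interfaces"
    fi
}

# Constructed sample configs to show both outcomes.
demo=$(mktemp)
printf '[main]\nplugins=ifupdown,keyfile\n#dns=dnsmasq\n' > "$demo"
echo "dns=dnsmasq commented out: '$(dnsmasq_extra_opts "$demo")'"
printf '[main]\nplugins=ifupdown,keyfile\ndns=dnsmasq\n' > "$demo"
echo "dns=dnsmasq active:        '$(dnsmasq_extra_opts "$demo")'"
rm -f "$demo"
```

With a helper like this, the admin changes only the "dns=dnsmasq" line and the standalone instance picks the matching mode on its next start.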