[Dnsmasq-discuss] Upstream CNAME records

Andreas Pelme andreas at pelme.se
Wed Jan 25 20:25:14 GMT 2006


Hi,

I am using Dnsmasq for my LAN, but I am having problems with some
lookups.

I have records in /etc/hosts on my router, for example:
192.168.0.2             svn.pelme.se            svn

On the LAN, svn.pelme.se should resolv to 192.168.0.2, but outside, on
the internet, svn.pelme.se is a CNAME for pelme.se.

When I look up svn.pelme.se from a machine on the LAN i get this:
andreas at solros:~$ host svn.pelme.se
svn.pelme.se has address 192.168.0.2
svn.pelme.se is an alias for pelme.se.
svn.pelme.se is an alias for pelme.se.
pelme.se mail is handled by 30 mx3.pelme.se.
pelme.se mail is handled by 10 mx1.pelme.se.
pelme.se mail is handled by 20 mx2.pelme.se.

That is not really what i want because the pelme.se /etc/hosts entry
looks like this:
192.168.0.3             www.pelme.se            pelme.se

Then it looks up pelme.se and finds out this is 192.168.0.3, so the
result is "192.168.0.2" and/or "192.168.0.3". This is not what I want.

I saw this in dnsmasq(8):

Addresses  in  /etc/hosts  will  "shadow" different addresses for
the same names in the upstream DNS, so "mycompany.com 1.2.3.4" in
/etc/hosts will ennsure that queries for "mycompany.com" always return
1.2.3.4 even if queries in the upstream DNS would otherwise return
a different address. There is  one  exception  to  this:  if the
upstream DNS contains a CNAME which points to a shadowed name, then
looking up the CNAME through dnsmasq will result in the unshadowed
address associated with the target of the CNAME. To work around this,
add the CNAME to /etc/hosts so  that the  CNAME  is shadowed too.

Is it possible to *not* forward requests upstream at all when a host is
found in /etc/hosts, and *not* reply with the upstream CNAME record? It
would help me a lot. The records should point to the same address
outside the LAN, but not on the inside.

I guess this is not a bug because it is documented in the man-page.

If this really is the way things should work, is it hard to modify
Dnsmasq to not ask upstream servers if a record is found in hosts?

Cheers
-- 
Andreas Pelme <andreas at pelme.se>
+46(0)704773720
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20060125/a9bbd8a8/attachment.pgp


More information about the Dnsmasq-discuss mailing list