[Dnsmasq-discuss] Upstream CNAME records

Simon Kelley simon at thekelleys.org.uk
Wed Jan 25 20:52:10 GMT 2006

Andreas Pelme wrote:
> Hi,
> I am using Dnsmasq for my LAN, but I am having problems with some
> lookups.
> I have records in /etc/hosts on my router, for example:
>             svn.pelme.se            svn
> On the LAN, svn.pelme.se should resolv to, but outside, on
> the internet, svn.pelme.se is a CNAME for pelme.se.
> When I look up svn.pelme.se from a machine on the LAN i get this:
> andreas at solros:~$ host svn.pelme.se 
> svn.pelme.se has address
> svn.pelme.se is an alias for pelme.se.
> svn.pelme.se is an alias for pelme.se.
> pelme.se mail is handled by 30 mx3.pelme.se.
> pelme.se mail is handled by 10 mx1.pelme.se.
> pelme.se mail is handled by 20 mx2.pelme.se.
> That is not really what i want because the pelme.se /etc/hosts entry
> looks like this:
>             www.pelme.se            pelme.se
> Then it looks up pelme.se and finds out this is, so the
> result is "" and/or "". This is not what I want.
> I saw this in dnsmasq(8):
> Addresses  in  /etc/hosts  will  "shadow" different addresses for
> the same names in the upstream DNS, so "mycompany.com" in
> /etc/hosts will ennsure that queries for "mycompany.com" always return
> even if queries in the upstream DNS would otherwise return
> a different address. There is  one  exception  to  this:  if the
> upstream DNS contains a CNAME which points to a shadowed name, then
> looking up the CNAME through dnsmasq will result in the unshadowed
> address associated with the target of the CNAME. To work around this,
> add the CNAME to /etc/hosts so  that the  CNAME  is shadowed too.
> Is it possible to *not* forward requests upstream at all when a host is
> found in /etc/hosts, and *not* reply with the upstream CNAME record? It
> would help me a lot. The records should point to the same address
> outside the LAN, but not on the inside.
> I guess this is not a bug because it is documented in the man-page.
> If this really is the way things should work, is it hard to modify
> Dnsmasq to not ask upstream servers if a record is found in hosts?

Please could you repeat the test above using "dig" instead of "host"?
You host command seems to behave differently to the one on my system,
and it's not clear exactly what the query is returning. Also, what
version of dnsmasq are you running?



More information about the Dnsmasq-discuss mailing list