[Dnsmasq-discuss] Re: resolver options
Simon Kelley
simon at thekelleys.org.uk
Wed Feb 7 07:45:03 GMT 2007
AJ Weber wrote:
> But, technically, isn't dnsmasq the "client" to the upstream DNS
> servers? Don't YOU have control over how long you wait for a reply?
> Couldn't we have a config-param, similar to how I envisioned this resolv
> option would work, where if dnsmasq has multiple upstream nameserver's,
> we could specify the timeout for a reply in ms or seconds? This isn't
> for a "no such domain", this is for a no-reply (host is down or DNS is
> not responding on that host, etc.).
That could be done, but it won't make the client which originated the
DNS query time out any faster, for the reason a gave before. It would
also be a large change to dnsmasq: currently dnsmasq can't retry a query
after a timeout, because it doesn't have a copy of the query. This means
that dnsmasq's memory requirements are small and bounded: it recieves a
query, forwards it upstream, and saves just enough information to
process the reply. The memory holding the query is then free for re-use.
Dnsmasq relies on the client retrying and sending another copy of the
query for retries. This is a great advantage on small routers which are
short of memory.
>
> If you did that, we could even have an option to send the request to all
> (or some fraction) upstream servers in parallel and just take the first
> reply. I don't know if they'd call us a bad Inet citizen if we did
> that, though. But, hey, we're making-up for it by caching the reply,
> right? ;)
Actually it does this already. At startup, it sends the query in
parallel to all servers, "running a race" to see which is fastest.
Whichever server replies first becomes "it" and gets queries from then
on. If any query times out and is retried, the race gets re-run to
select a new prefered server. This seems to work pretty well in practise.
Cheers,
Simon.
>
> -AJ
>
>
> ----- Original Message -----
> *From:* Simon Kelley <mailto:simon at thekelleys.org.uk>
> *To:* AJ Weber <mailto:aweber at comcast.net>
> *Cc:* dnsmasq-discuss at lists.thekelleys.org.uk
> <mailto:dnsmasq-discuss at lists.thekelleys.org.uk>
> *Sent:* Tuesday, February 06, 2007 4:34 PM
> *Subject:* Re: resolver options
>
> AJ Weber wrote:
> >
> > Thank you for your quick reply...
> >
> > RE: "options in the custom resolver file", should we have the
> ability to
> > propagate some of these options? For example, timeout, attempts and
> > rotate? I think they could be useful in certain situations (like my
> > own...I don't want to have to update all my clients resolv
> interaction
> > -- or can this be set with a dhcp option of sorts?).
>
> It's not really possible: don't forget that all this is happening via
> UDP: a client sends a request which is a UDP packet, and gets back an
> answer (another UDP packet) or times out. If, for instance, the client
> timeout is 10 seconds, and the dnsmasq one 5, dnsmasq has no way to
> tell
> the client to give up after 5 seconds except by returning "no such
> domain", which is a lie and could cause all sort of problems if the
> client really believes it. Really the only way is to adjust the timeout
> at the client end.
>
> "rotate" is normally irrelevant when the client only has one nameserver
> - dnsmasq, and "attempts" should be at least 2 (the default). dnsmasq
> has quite complex methods for chosing between multiple upstream servers
> which somewhat depend on clients retrying at least once.
>
> >
> > RE: The existing leases...I knew the leases were cached in a
> file, but I
> > didn't know that when dnsmasq starts it actually reads the file and
> > leverages that information. Is that documented somewhere?
> >
> I think it's just assumed that that's the function of that file - a
> persistent lease database which survives dnsmasq restarts and reboots.
>
> As an aside, things work pretty well even without the persistent
> database. If the ratio of available addresses to clients is reasonably
> high then clients will always get given the same address anyway. The
> main problem is that the client name disappears from DNS after a
> restart
> until the client renews its lease.
>
> > I've said it before, and I'll say it again: This is a fantastic
> piece
> > of software!
> *blush*
>
> >
> > Thanks again,
> > AJ
> >
> Cheers,
>
> Simon.
>
> >
> > ----- Original Message -----
> > *From:* Simon Kelley <mailto:simon at thekelleys.org.uk>
> > *To:* AJ Weber <mailto:aweber at comcast.net>
> > *Cc:* dnsmasq-discuss at lists.thekelleys.org.uk
> <mailto:dnsmasq-discuss at lists.thekelleys.org.uk>
> > <mailto:dnsmasq-discuss at lists.thekelleys.org.uk>
> > *Sent:* Tuesday, February 06, 2007 12:42 PM
> > *Subject:* Re: resolver options
> >
> > AJ Weber wrote:
> > >
> > > If I use a "different" resolv.conf file (i.e. I use a
> > > resolv-file=/etc/resolv.dnsmasq), will an "option" have
> the same
> > effect
> > > it normally would?
> > >
> > > For example, I'm considering changing timeout to 2
> (instead of the
> > > default of 5), because I've had some issues with my ISP's DNS
> > servers
> > > recently and don't want to wait too long for the timeout.
> With the
> > > broadband connection, any of the nameservers in my list
> consistenly
> > > returns in < 1 sec (when they're up, of course).
> > >
> > > Will this have the desired effect? Any comments or
> concerns with
> > that
> > > change in general? Am I misunderstanding the purpose of the
> > "options
> > > timeout:" ?
> >
> > The only lines which are read by dnsmasq are "nameserver" ones -
> > everything else is ignored, except "search" if the option
> --domain=# id
> > used, when the first entry of the search string is used as
> dnsmasq's
> > domain setting.
> >
> > To get the effect of faster time-outs, it's necessary to
> alter the
> > timeout in the clients, not in dnsmasq.
> > >
> > > ALSO...(DIFFERENT TOPIC) : Is there no way to tell dnsmasq to
> > dump it's
> > > current lease-info to a file that could be read on restart
> so it
> > knows
> > > about all outstanding DHCP leases? It's rare that I have
> to restart
> > > dnsmasq or the linux box it's on, but when I do, it forces
> me to
> > restart
> > > a lot of client machines in case I'd get a dhcp/IP address
> mix-up
> > (where
> > > dnsmasq doesn't know an IP Address is already leased to a
> running
> > > client, and a new client requests a lease so it hands-out
> the same
> > > address).
> >
> > Dnsmasq does this by default, in
> /var/lib/misc/dnsmasq.leases. You can
> > change the location of the lease file using --dhcp-leasefile.
> >
> > Cheers,
> >
> > Simon.
> >
> > >
> > > Thanks in advance,
> > > AJ
More information about the Dnsmasq-discuss
mailing list