[Dnsmasq-discuss] Deferring to external nameserver for certain local domain names

Brandon Beck bmbeck at gmail.com
Sat Jan 12 15:50:13 GMT 2008 

Hi Simon,

I looked into this some more.  I still feel like maybe something might be
wrong with either my configuration or maybe dnsmasq itself.  I just launched
dnsmasq using the -d argument and executed "host mail.isomorphism.org".  The
output was slightly different this time and pretty interesting.  Here's the
output of the host command:

$ host mail.isomorphism.org
mail.isomorphism.org is an alias for ghs.GOOGLE.COM.
ghs.GOOGLE.COM is an alias for ghs.l.GOOGLE.COM.
Host ghs.l.GOOGLE.COM.austin.rr.com not found: 5(REFUSED)
Host ghs.l.GOOGLE.COM.austin.rr.com not found: 5(REFUSED)

And the output from "dnsmasq -d":

$ sudo dnsmasq -d
dnsmasq: started, version 2.39 cachesize 150
dnsmasq: compile time options: IPv6 GNU-getopt no-ISC-leasefile DBus I18N
TFTP
dnsmasq: DHCP, IP range 192.168.1.100 -- 192.168.1.200, lease time 12h
dnsmasq: using local addresses only for domain isomorphism.org
dnsmasq: using nameserver 69.60.109.125#53 for domain mail.isomorphism.org
dnsmasq: reading /etc/resolv.conf
dnsmasq: ignoring nameserver 127.0.0.1 - local interface
dnsmasq: using local addresses only for domain isomorphism.org
dnsmasq: using nameserver 69.60.109.125#53 for domain mail.isomorphism.org
dnsmasq: read /etc/hosts - 8 addresses
dnsmasq: query[A] mail.isomorphism.org from 127.0.0.1
dnsmasq: forwarded mail.isomorphism.org to 69.60.109.125
dnsmasq: reply mail.isomorphism.org is <CNAME>
dnsmasq: reply ghs.GOOGLE.COM is <CNAME>
dnsmasq: reply ghs.l.GOOGLE.COM is <NODATA>-IPv4
dnsmasq: query[AAAA] ghs.l.GOOGLE.COM from 127.0.0.1
dnsmasq: query[AAAA] ghs.l.GOOGLE.COM.austin.rr.com from 127.0.0.1
dnsmasq: query[MX] ghs.l.GOOGLE.COM from 127.0.0.1
dnsmasq: query[MX] ghs.l.GOOGLE.COM.austin.rr.com from 127.0.0.1

So it seems like dnsmasq is somehow appending my domain name (
isomorphism.org) to full domain names.

Here is what is effectively in my dnsmasq.conf file (I stripped comments and
blank lines):

$ cat dnsmasq.conf | grep -v "^#" | grep -v "^\s*$"
domain-needed
server=/mail.isomorphism.org/69.60.109.125
local=/isomorphism.org/
except-interface=eth1
expand-hosts
domain=isomorphism.org
dhcp-range=192.168.1.100,192.168.1.200,12h

... bunch of lines mapping MAC address to ip address and name removed ...

dhcp-authoritative
log-queries
log-dhcp


Am I doing something wrong here?  Maybe the domain-needed parameter is
causing this?

Thanks,
Brandon


On Jan 11, 2008 6:03 AM, Simon Kelley <simon at thekelleys.org.uk> wrote:

> Brandon Beck wrote:
> > Hi Simon,
> >
> > I'm trying to implement your suggestion, but I'm having some troubles
> with
> > it.  Here's what I've done/what I know:
> >
> > 1)  I've added the line"server=/mail.isomorphism.org/69.60.109.125" to
> my
> > dnsmasq.conf.  The ip address corresponds to my primary name server for
> my
> > domain (ns.dominia.org).
>
> > *bbeck at server:~$ dig mail.isomorphism.org
> > *
> > ; <<>> DiG 9.4.1-P1 <<>> mail.isomorphism.org
> > ;; global options:  printcmd
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18191
> > ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
> >
> > ;; QUESTION SECTION:
> > ;mail.isomorphism.org.          IN      A
> >
> > ;; ANSWER SECTION:
> > mail.isomorphism.org.   41407   IN      CNAME   ghs.GOOGLE.COM.
> > ghs.GOOGLE.COM.         464425  IN      CNAME   ghs.l.GOOGLE.COM.
> >
> > ;; Query time: 0 msec
> > ;; SERVER: 127.0.0.1#53(127.0.0.1)
> > ;; WHEN: Thu Jan 10 22:46:21 2008
> > ;; MSG SIZE  rcvd: 96
> >
>
> I think the problem is just that you're using the wrong server. I guess
> that the primary name server for your domain is configured as just that:
> an authoritative nameserver. If instead, you just use the same
> nameserver that's in /etc/resolv.conf, probably the recursive nameserver
> that's provided by your ISP, then it will just work.
>
> I did the same query as you to 69.60.109.125 and got the same answer. If
> I send the query instead to my ISPs nameserver, via dnsmasq, I get the
> correct answer
>
> srk at spike:~/dnsmasq-2.41/dnsmasq-2.41$ dig mail.isomorphism.org
>
> ; <<>> DiG 9.3.2-P1 <<>> mail.isomorphism.org
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64849
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;mail.isomorphism.org.          IN      A
>
> ;; ANSWER SECTION:
> mail.isomorphism.org.   42503   IN      CNAME   ghs.google.com.
> ghs.google.com.         593393  IN      CNAME   ghs.l.google.com.
> ghs.l.google.com.       174     IN      A       72.14.207.121
>
> ;; Query time: 16 msec
> ;; SERVER: 192.168.0.4#53(192.168.0.4)
> ;; WHEN: Fri Jan 11 11:59:14 2008
> ;; MSG SIZE  rcvd: 102
>
>
> HTH
>
>
> Simon.
>
>
> I get exc
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20080112/f919167b/attachment.htm

More information about the Dnsmasq-discuss mailing list