[Dnsmasq-discuss] dnsmasq returns addresses for non-existent hosts - what have I mis-configured?

Perette Barella perette at barella.org
Sun Nov 8 15:25:11 GMT 2009


It looks like your provider has set up a wildcard A record, which is  
similar to DNS hijacking as a "helpful" feature to users who miskey a  
domain name.  It's not isolated to you:

mugenshi:etc x10$ host ghijk.isbd.net
ghijk.isbd.net has address 195.74.61.93
ghijk.isbd.net mail is handled by 10 mail-in-1.lb.gradwell.net.

You could check Gradwell's support pages, but I doubt there is an  
option to shut it off, since the DNS is published this way.  It's a  
publication problem/"feature", not a bug in dnsmasq.

Dnsmasq does have a a bogus-nxdomain option, which you give some IP  
addresses and those addresses are translated into NXDOMAIN non- 
existent domain responses.  However, if isbd.net (without leading  
characters) is actually a useful server to you, this solution is not  
viable because the valid use shares the same IP as the bogus responses.

Perette



On 2009年11月08日, at 7:08, Chris G wrote:

> I have dnsmasq working quite happily on a Ubuntu Server 9.10 system
> providing dns for my small SoHo network.
>
> I have just noticed however that if I ask for the address of a
> non-existent name dnsmasq returns the name of one of my hosting
> service's machines.  It always returns the same address for any
> non-existent name, e.g.:-
>
>    chris$ host abcde.isbd.net
>    abcde.isbd.net has address 195.74.61.93
>    abcde.isbd.net mail is handled by 10 mail-in-1.lb.gradwell.net.
>    chris$ host xyz
>    xyz.isbd.net has address 195.74.61.93
>    xyz.isbd.net mail is handled by 10 mail-in-1.lb.gradwell.net.
>    chris$ host xyz.isbd.net
>    xyz.isbd.net has address 195.74.61.93
>    xyz.isbd.net mail is handled by 10 mail-in-1.lb.gradwell.net.
>
>
> I have isbd.net and isbd.co.uk hosted at Gradwell so I do have a
> connection with them.  In fact things are becoming clearer now,
> 195.74.61.93 is the (quite correct) address returned when you
> look up isbd.net.
>
> So, how can I prevent dnsmasq from returning the parent domain address
> when I look up <anyOldRubbish>.isbd.net ?  Presumably it can't find  
> the
> name locally and sends off the request to the upstream name server
> which (sort of correctly) returns 195.74.61.93.
>
> However it means that if I mis-type a name or if one of my machines
> dies then I may not notice immediately because DNS still succeeds.
>
> -- 
> Chris Green
>
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss




More information about the Dnsmasq-discuss mailing list