[Dnsmasq-discuss] [patch] don't cache NODATA when upstream doesn't support recursion
simon at thekelleys.org.uk
Fri Apr 6 08:33:20 BST 2012
On 06/04/12 07:35, Ben Winslow wrote:
> After a very confusing ordeal with dnsmasq, I've discovered that it will
> cache a negative result when it does not find an acceptable answer in
> the reply even if the upstream server does not support recursion. This
> is particularly nasty if you're using --server to send some requests to
> a server which does not support recursion, since a CNAME response can
> then poison (well, somewhere between poison and delete) an arbitrary name.
The patch looks sensible, thanks. Will apply next week when I'm back
from holiday. Sorry for your ordeal, in our defence we never claimed tp
be able to talk to non-recursive nameservers, do log a very clear
warning when we try.
More information about the Dnsmasq-discuss