[Dnsmasq-discuss] MX forwarding

Gene Czarcinski gene at czarc.net
Thu Aug 30 17:20:54 BST 2012 

On 08/30/2012 10:31 AM, Simon Kelley wrote:
> On 30/08/12 13:11, Gene Czarcinski wrote:
>> The patch below has been tested and returns NXDOMAIN for A and AAAA
>> plain-name queries (which stops /usr/bin/host) from doing an MX query
>> (domain-needed is specified).  But a "host -t DS com" and "host -t DS
>> org" returns the expected info.
>>
>> A really simple patch:
>> -----------------------------------------------------------------------------------------------------------
>>
>> diff -uNr dnsmasq-2.59.orig/src/forward.c dnsmasq-2.59/src/forward.c
>> --- dnsmasq-2.59.orig/src/forward.c    2011-10-07 10:09:30.000000000 -0400
>> +++ dnsmasq-2.59/src/forward.c    2012-08-30 07:27:33.553302341 -0400
>> @@ -210,7 +210,7 @@
>>     if (flags == 0 && !(qtype & F_QUERY) &&
>>         option_bool(OPT_NODOTS_LOCAL) && !strchr(qdomain, '.') && namelen
>> != 0)
>>       /* don't forward A or AAAA queries for simple names, except the
>> empty name */
>> -    flags = F_NOERR;
>> +    flags = F_NXDOMAIN;
>>
>>     if (flags == F_NXDOMAIN && check_for_local_domain(qdomain, now))
>>       flags = F_NOERR;
>> --------------------------------------------------------------------------------------------------------------
>>
>>
> But that change returns NXDOMAIN, which is an reversion of one of the
> changes made to fix Debian bug 630637.
>
> I'm happy to add MX to A and AAAA records for special-casing, but not
> the above patch.
>
Yes, you can add MX to the extract_request() so that for A, AAAA, ANY, 
and now MX will be the "flag" will be set.  However, it is important not 
to return a null response ... NXDOMAIN is the proper return ... or at 
least that is what I get when I enter a bad plain-name to a bind/named 
server ... sure, the query gets forwarded up the chain and rattles a lot 
of other servers, but that answer of an A query will stop host.  In 
Addition, you will get NXDOMAIN [reply code 3 or "no such name" as 
wireshark puts it] if you specifically query MX such as "host -t MX 
badname."

However, from what you are saying, I am not sure how the code is suppose 
to work but with the patch above applied it seems to work just fine (at 
least it gave the keys for "host com.", "host org.", and "host net.").  
At the same time, NXDOMAIN is returned for plain-name A, AAAA, and ANY.  
Yes, you specifically specify MX such as "host -t MX badname." the the 
query will be forwarded.  The main thing is to return a NXDOMAIN 
response rather than a "null" response which is what you get from 
"F_NOERR".  BTW, I am not certain what the purpose of the next "if" 
statement is.

Thanks for the patience,  Gene

More information about the Dnsmasq-discuss mailing list