[Dnsmasq-discuss] issue seems to be fixed

Peter Mattern matternp at arcor.de
Tue Oct 29 19:47:31 GMT 2013


The problem has indeed gone in 2.68test1.

By the way, I meanwhile saw that it can be triggered by any DNS lookup,
e.g. Firefox or whatever, not only by running ssh.

As you said you couldn't quite reproduce it, I thought maybe I should post
some more verbose logging:
Same conditions as described in my first mail except that I tested against
two upstream nameservers. First one was dnsmasq 2.66 on another
Arch box, second an elderly "FRITZ!Box" completely unaware of IPv6,
the first taking the latter as its upstream nameserver. Not using IPv6
in the LAN.

2.67 (queried right after starting) shows

      query[A] foo.bar.invalid from 127.0.0.1
      /etc/hosts foo.bar.invalid is 10.1.2.3
      query[AAAA] foo.bar.invalid from 127.0.0.1
      config foo.bar.invalid is NODATA-IPv6
      query[MX] foo.bar.invalid from 127.0.0.1
      config foo.bar.invalid is NODATA

      query[A] bar.invalid from 127.0.0.1
      config bar.invalid is <CNAME>
      /etc/hosts foo.bar.invalid is 10.1.2.3
      query[AAAA] foo.bar.invalid from 127.0.0.1
      config foo.bar.invalid is NODATA-IPv6
      query[MX] foo.bar.invalid from 127.0.0.1
      config foo.bar.invalid is NODATA

      query[A] www.thekelleys.org from 127.0.0.1
      forwarded www.thekelleys.org to <IP>
      reply ghs.l.google.com is 173.194.70.121
      query[AAAA] ghs.l.google.com from 127.0.0.1
      forwarded ghs.l.google.com to <IP>
      reply ghs.l.google.com is 2a00:1450:4001:c02::79
      query[MX] ghs.l.google.com from 127.0.0.1
      forwarded ghs.l.google.com to <IP>

      query[A] foo.bar.invalid from 127.0.0.1
      /etc/hosts foo.bar.invalid is 10.1.2.3
      query[AAAA] foo.bar.invalid from 127.0.0.1
      config foo.bar.invalid is NODATA-IPv6
      query[MX] foo.bar.invalid from 127.0.0.1
      config foo.bar.invalid is NODATA

      query[A] bar.invalid from 127.0.0.1
      config bar.invalid is NXDOMAIN-IPv4
      query[A] bar.invalid.<domain> from 127.0.0.1
      forwarded bar.invalid.<domain> to <IP>
      reply bar.invalid.<domain> is NXDOMAIN-IPv4

The last line could only be seen with the FritzBox as upstream
nameserver.
With 2.68test1 there were no differences in queries one to four, but the
last one was the same as the second. Thus this time both queries of
bar.invalid were the same.

As for security, it's no problem to go on using 2.66 for a while, is it?

Regards.
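
An added example, not part of the original mail and not dnsmasq code: a small checker for logs in the format quoted above that groups answer lines under the preceding `query[...]` line and reports queries whose answers differ between repetitions. It assumes queries are logged sequentially (no interleaving of concurrent clients); the function names are hypothetical and the sample lines are copied from the 2.67 log in the mail.

```python
import re
from collections import defaultdict

# Line shapes as they appear in the log excerpt above (syslog prefix optional).
QUERY = re.compile(r"query\[(\w+)\] (\S+) from \S+")
ANSWER = re.compile(r"(/etc/hosts|config|reply|cached) (\S+) is (\S+)")

# Subset of the 2.67 log from the mail: A queries only.
SAMPLE_267 = """\
query[A] foo.bar.invalid from 127.0.0.1
/etc/hosts foo.bar.invalid is 10.1.2.3
query[A] bar.invalid from 127.0.0.1
config bar.invalid is <CNAME>
/etc/hosts foo.bar.invalid is 10.1.2.3
query[A] foo.bar.invalid from 127.0.0.1
/etc/hosts foo.bar.invalid is 10.1.2.3
query[A] bar.invalid from 127.0.0.1
config bar.invalid is NXDOMAIN-IPv4
"""

def answers_per_query(log_text):
    """Map (qtype, name) to one tuple of answer records per occurrence."""
    seen = defaultdict(list)
    current = None  # answers collected for the most recent query line
    for line in log_text.splitlines():
        q = QUERY.search(line)
        if q:
            current = []
            seen[(q.group(1), q.group(2))].append(current)
            continue
        a = ANSWER.search(line)  # "forwarded ... to ..." lines are skipped
        if a and current is not None:
            current.append(a.groups())
    return {key: [tuple(v) for v in runs] for key, runs in seen.items()}

def inconsistent(log_text):
    """Return only the queries that were answered differently at least once."""
    return {key: runs for key, runs in answers_per_query(log_text).items()
            if len(set(runs)) > 1}

if __name__ == "__main__":
    for (qtype, name), runs in inconsistent(SAMPLE_267).items():
        print(f"{qtype} {name}:")
        for i, run in enumerate(runs, 1):
            print(f"  occurrence {i}: {run}")
```

Running the same check over a log captured with another dnsmasq version gives a direct before/after comparison for the same sequence of queries.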