[Dnsmasq-discuss] AAAA requests: long delay or SERVFAIL
martin f krafft
madduck at madduck.net
Tue Dec 16 21:32:47 GMT 2014
Hey,
I am using dnsmasq from libvirt, like so:
dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf \
--dhcp-script=/usr/lib/libvirt/libvirt_leaseshelper
The configuration file is included below. Basically, this is a DHCP
server and DNS forwarder, but I've also configured it to turn DHCP
leases into DNS records, using the --domain keyword.
This works splendidly and OMG did I rejoice to see how wonderfully
easy this was to set up and just get it working.
However, there's an issue relating to nonexistent RRs for the hosts
configured by DHCP, as exemplified by a call to /usr/bin/host:
% host red.virt
red.virt has address 192.168.122.60
Host red.virt not found: 2(SERVFAIL)
Host red.virt not found: 2(SERVFAIL)
This is because host queries the DNS server for A, AAAA, and MX all
at once.
It's obvious that dnsmasq does not know about AAAA or MX for the
host in this setup. However, why is it returning SERVFAIL?
Moreover, this is not consistently the case. At other times, I get
timeouts when asking for these RRs:
% dig @192.168.122.1 aaaa green.virt
*** 5–10 seconds later ***
; <<>> DiG 9.9.5-7-Debian <<>> @192.168.122.1 aaaa green.virt
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached
Am I doing something wrong?
I thought that the correct behaviour for a DNS server when asked
about a record it does not have is to respond with NOERROR,
AUTHORITY:1 and ANSWER:0.
==> /var/lib/libvirt/dnsmasq/default.conf:
strict-order
domain=virt
expand-hosts
pid-file=/var/run/libvirt/network/default.pid
except-interface=lo
bind-dynamic
interface=virbr0
dhcp-range=192.168.122.2,192.168.122.254
dhcp-no-override
dhcp-leasefile=/var/lib/libvirt/dnsmasq/default.leases
dhcp-lease-max=253
dhcp-hostsfile=/var/lib/libvirt/dnsmasq/default.hostsfile
addn-hosts=/var/lib/libvirt/dnsmasq/default.addnhosts
--
@martinkrafft | http://madduck.net/ | http://two.sentenc.es/
"when in doubt, parenthesize. at the very least it will let some
poor schmuck bounce on the % key in vi."
-- larry wall
spamtraps: madduck.bogus at madduck.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: digital_signature_gpg.asc
Type: application/pgp-signature
Size: 1107 bytes
Desc: Digital signature (see http://martin-krafft.net/gpg/sig-policy/999bbcc4/current)
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20141216/61d6dfcc/attachment.sig>
More information about the Dnsmasq-discuss
mailing list