[Dnsmasq-discuss] AAAA requests: long delay or SERVFAIL

martin f krafft madduck at madduck.net
Tue Dec 23 19:59:15 GMT 2014

also sprach Simon Kelley <simon at thekelleys.org.uk> [2014-12-23 18:14 +0100]:
> My guess is that the SERVFAIL is coming from a server upstream of
> dnsmasq. Unless told to, dnsmasq "overlays" the DNS information is
> has locally onto the global DNS a record-at-a-time, not
> a domain-name at a time.

Yeah, that could be. tcpdump seems to think you're right. Thank you!

> or even better, modify the domain definition to something like
> domain=virt,, local

Unfortunately, I am seeing absolutely no difference with this

  % sudo grep domain /var/lib/libvirt/dnsmasq/default.conf

  % dig @ mx red.virt
  ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 29678

And according to tcpdump, this SERVFAIL comes from upstream (see

This (disabling any forwarding of *.virt) would be a really useful
setting for my case because I would also like to delegate the
resolution of *.virt to dnsmasq from my loopback resolver. At the
moment, this is the cause of the frequent timeouts: dnsmasq sends
a query upstream, which is configured to send queries for *.virt
downstream, which…

Am I doing something wrong still?

Btw, I managed to fix SERVFAIL upstream, using these instructions:


tl;dr: DNSSEC is preventing me from using the zone *.virt unless
I declare it private and insecure.

@martinkrafft | http://madduck.net/ | http://two.sentenc.es/
"den stil verbessern, das heißt den gedanken verbessern."
                                                 - friedrich nietzsche
spamtraps: madduck.bogus at madduck.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: digital_signature_gpg.asc
Type: application/pgp-signature
Size: 1107 bytes
Desc: Digital signature (see http://martin-krafft.net/gpg/sig-policy/999bbcc4/current)
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20141223/ac00339f/attachment.sig>

More information about the Dnsmasq-discuss mailing list