[Dnsmasq-discuss] strict-order backwards in Debian 7 dnsmasq 2.72-3 (vs dnsmasq 2.59)?
Tim Wright
tenortim at gmail.com
Wed Sep 2 19:45:17 BST 2015
On Tue, Sep 1, 2015 at 11:13 AM, Albert ARIBAUD <albert.aribaud at free.fr>
wrote:
> Hi Tim,
>
> Le Tue, 1 Sep 2015 10:00:36 -0700, Tim Wright <tenortim at gmail.com> a
> écrit :
>
> > Hello,
> > I apologize if this is something known, or if I'm doing something silly,
> > but I switched over from Ubuntu 12.04LTS (dnsmasq 2.59) to Debian 7
> stable
> > (dnsmasq 2.72-3) and I'm seeing something odd. I have "strict order"
> > enabled, and many lines in /etc/dnsmasq.conf of the form:
> >
> > server=/example.domain.com/<corp DNS server 1>
> > server=/example.domain.com/<corp DNS server 2>
> > server=/example.domain.com/<corp DNS server 3>
> > server=/example.domain.com/<local DNS server>
> > server=/example.domain.com/8.8.8.8
> >
> > The reason for this is that there are a number of names where "
> > example.domain.com" returns a different, internal IP address when
> connected
> > to the corporate network (vpn), but I want to fail back to the external
> if
> > the vpn is down etc.
> >
> > In version 2.59, this worked perfectly. In the newer version, it appears
> to
> > be completely backwards. I reversed the entire config file so that
> entries
> > are now of the form:
> >
> > server=/example.domain.com/8.8.8.8
> > server=/example.domain.com/<local DNS server>
> > server=/example.domain.com/<corp DNS server 3>
> > server=/example.domain.com/<corp DNS server 2>
> > server=/example.domain.com/<corp DNS server 1>
> >
> > but I was curious if this is expected behaviour or whether it would be
> > considered a bug.
>
> Hmm... From the dnsmasq man page, --strict-order is about following the
> order in which upstream DNS servers appear in /etc/resolv.conf, not in
> /etc/dnsmasq.conf.
>
Hi Albert,
I'm not sure that it's that clear. At least for 2.73, the man page is
conflicted:
-o, --strict-order
By default, dnsmasq will send queries to any of the
upstream
servers it knows about and tries to favour servers that
are
known to be up. Setting this flag forces dnsmasq to try
each
query with each server strictly in the order they appear
in
/etc/resolv.conf
The first part clearly states that by default it will query "any of the
upstream servers it knows about". If you use lines of the form "server=" in
the config file, that's a lot more than what you might find in
/etc/resolv.conf. Furthermore, that certainly isn't how it works. With
"strict-order" enabled, it certainly applies to servers defined in the
config file. The issue is that at some point, it applied in forward order,
and now, it appears to apply in reverse order.
Looking at the code, servers from /etc/resolv.conf are not treated
especially compared to those from the config file - they all end up in the
daemon->servers list.
Regards,
Tim
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20150902/07c95e7e/attachment.html>
More information about the Dnsmasq-discuss
mailing list