[Dnsmasq-discuss] I am getting some strange "reply login.gslb2.salesforce.com is NODATA-IPv4" errors
Kasper Grubbe
kawsper at gmail.com
Mon Aug 15 16:40:02 BST 2016
One of my users is getting some errors talking to Salesforce, as a
replication step she has provided me with the following piece of Python
code:
import socket
print(socket.gethostbyname('localhost'))
print(socket.gethostbyname('google.com'))
print(socket.gethostbyname('login.salesforce.com'))
And it prints the following:
127.0.0.1
216.58.211.14
Traceback (most recent call last):
File "dns.py", line 4, in <module>
print(socket.gethostbyname('login.salesforce.com'))
socket.gaierror: [Errno 8] nodename nor servname provided, or not known
In my logs I see the following:
Aug 15 14:54:32 dnsmasq[28405]: query[A] login.gslb2.salesforce.com
from 10.8.0.3
Aug 15 14:54:32 dnsmasq[28405]: forwarded login.gslb2.salesforce.com to
8.8.8.8
Aug 15 14:54:32 dnsmasq[28405]: forwarded login.gslb2.salesforce.com to
8.8.4.4
Aug 15 14:54:32 dnsmasq[28405]: dnssec-query[DS] com to 8.8.8.8
Aug 15 14:54:32 dnsmasq[28405]: dnssec-query[DNSKEY] . to 8.8.8.8
Aug 15 14:54:32 dnsmasq[28405]: reply . is DNSKEY keytag 46551
Aug 15 14:54:32 dnsmasq[28405]: reply . is DNSKEY keytag 19036
Aug 15 14:54:32 dnsmasq[28405]: reply com is DS keytag 30909
Aug 15 14:54:32 dnsmasq[28405]: dnssec-query[DS] salesforce.com to
8.8.8.8
Aug 15 14:54:32 dnsmasq[28405]: dnssec-query[DNSKEY] com to 8.8.8.8
Aug 15 14:54:32 dnsmasq[28405]: reply com is DNSKEY keytag 27452
Aug 15 14:54:32 dnsmasq[28405]: reply com is DNSKEY keytag 30909
Aug 15 14:54:32 dnsmasq[28405]: reply salesforce.com is no DS
Aug 15 14:54:32 dnsmasq[28405]: validation result is INSECURE
Aug 15 14:54:32 dnsmasq[28405]: reply login.gslb2.salesforce.com is
NODATA-IPv4
My Dnsmasq is configured like this:
dnssec
trust-anchor=.,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5
dnssec-check-unsigned
interface=tun0
local-ttl=360
log-queries
log-facility=/var/log/dnsmasq.log
log-async=20
resolv-file=/etc/dnsmasq-resolv.conf
And dnsmasq-resolv.conf contains this:
nameserver 8.8.8.8
nameserver 8.8.4.4
Any ideas why this is?
Br.
--
Kasper Grubbe
Phone: (+45) 42 42 42 74
Skype: kasper.grubbe
Mail: kaspergrubbe at gmail.com
Web: http://kaspergrubbe.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20160815/7c3f062e/attachment.html>
More information about the Dnsmasq-discuss
mailing list