[Dnsmasq-discuss] Bug forward upstream SERVFAIL

Kurt H Maier khm at sciops.net
Tue Jan 24 16:22:04 GMT 2017


On Tue, Jan 24, 2017 at 08:02:52AM +0000, Eric Luehrsen wrote:
> As dnsmasq is a stub resolver I believe it _IS_ important to consider
> what poppular recursive resolvers do. Bind, Unbound, and NSD do need 
> to be reference because they do most of the heavy lifting.


This really just reinforces my point -- if you need specific behavior to
recover from unreliable DNS servers (wholly aside from the question 'why
are you using unreliable DNS servers') then the better solution is to
install the 'heavy-weight' resolver of your choice and let it do all the
Rube Goldberg machinations, rather than trying to patch dnsmasq to be
something it's not.   

If the answer to every question is 'what does BIND do?' then before too
long you've just got a bug-compatible reimplementation of BIND, and I
think dnsmasq is better off staying dnsmasq.

But none of this is germane.  The question boils down to:

Is getting a SERVFAIL rcode from an upstream server sufficient cause to
stop querying and return SERVFAIL?

khm



More information about the Dnsmasq-discuss mailing list