[Dnsmasq-discuss] returns REFUSED when first response comes from non-recursive server
daniel at pocock.pro
Mon Feb 27 15:40:14 GMT 2017
On 27/02/17 13:31, Chris Novakovic wrote:
> On 27/02/17 10:04, Daniel Pocock wrote:
>> I've observed the following problem:
>> - dnsmasq is sending queries to 5 servers, one of them is not recursive
>> and only answers for a private domain
>> - if the first response dnsmasq receives comes from the non-recursive
>> server (REFUSED), then dnsmasq is sending a REFUSED response to the client
>> - dnsmasq subsequently receives a response from one of the recursive servers
> This is expected behaviour. One possibility is to configure dnsmasq to
> forward requests to the non-recursive server only for the private
> domain, e.g.:
> and a matching --rev-server directive if appropriate.
The router is running OpenWRT, I could make that change manually but
then I wouldn't be able to fully manage it with the GUI any more.
Can you confirm if this is the only way it can work according to the DNS
spec, or is it a dnsmasq design decision?
Could a software approach be taken by default, waiting to see if any
resolver provides a positive response before sending back REFUSED to the
More information about the Dnsmasq-discuss