[Dnsmasq-discuss] CNAME caching issue in Dnsmasq(2.76)

Simon Kelley simon at thekelleys.org.uk
Sun Jan 20 21:45:31 GMT 2019


It's a known limitation. The  actual limitation is that a CNAME and it's
target must both either originate from an upstream server, or both
originate from the dnsmasq local configuration. Mixing sources (ie CNAME
from upstream and target from dnsmasq, or vice-versa) is not allowed.

The commonest situation, when a CNAME is defined in dnsmasq's
configuration whose target comes from upstream, is noted a a problem in
the man page, but that doesn't mention what you're doing, defining the
CNAME upstream but the target in dnsmasq. It should probably do that.

Workaround is to add the CNAME to the dnsmasq configuration.

Cheers,

Simon.




On 20/01/2019 11:03, Yossi Boaron wrote:
> 
> Hi All,
> I have the following DNS topology (In my Openstack deployment):
> VM --> DNSMASQ --> external DNS server 
> domain name= shiftstack.com <http://shiftstack.com/>, and Dnsmasq 2.76
> is used at this Openstack deployment.
> 
> I run the following test:
> 1. Define CNAME record at external DNS server
> 
> ostest-etcd-5.shiftstack.com <http://ostest-etcd-5.shiftstack.com/>.   
>  IN   CNAME        ostest-master-2
> 
> 2. while 'ostest-master-2' is defined in --addn-hosts at Dnsmasq:
> the relevant entry:
> 10.0.1.214      ostest-master-2.shiftstack.com
> <http://ostest-master-2.shiftstack.com/>. ostest-master-2
> 
> 3. next step, I tried to resolve 'ostest-etcd-5.shiftstack.com
> <http://ostest-etcd-5.shiftstack.com/>.' from the VM.
> I expected that dig ostest-etcd-5.shiftstack.com
> <http://ostest-etcd-5.shiftstack.com/>. should be replied with the
> ostest-master-2 IP (10.0.1.214).
> 
> Actual behavior:
> When I run dig (see 1)  just for type A, Dnsmasq replied only with the
> CNAME entry and doesn't return ostest-master-2 IP address.
> 
> But when I run dig (see 2) for types AAAA and A (at this order), I can
> see that Dnsmasq resolves  ostest-master-2 IP address as expected.
> 
> It seems to me like an issue of CNAME caching  at Dnsmasq (2.76), 
> Is it a known issue?
> 
> Thanks in advance
> Yossi
> 
> 
> [1] 
> $ dig +noedns  ostest-etcd-5.shiftstack.com
> <http://ostest-etcd-5.shiftstack.com/>.  A
> 
> ; <<>> DiG 9.9.4-RedHat-9.9.4-72.el7 <<>>
> +noedns ostest-etcd-5.shiftstack.com
> <http://ostest-etcd-5.shiftstack.com/>. A
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13837
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
> 
> ;; QUESTION SECTION:
> ;ostest-etcd-5.shiftstack.com <http://ostest-etcd-5.shiftstack.com/>. 
> IN      A
> 
> ;; ANSWER SECTION:
> ostest-etcd-5.shiftstack.com <http://ostest-etcd-5.shiftstack.com/>.
> 3600 IN   CNAME   ostest-master-2.shiftstack.com
> <http://ostest-master-2.shiftstack.com/>.
> 
> ;; Query time: 2 msec
> ;; SERVER: 10.0.0.2#53(10.0.0.2)
> ;; WHEN: Sun Jan 20 09:52:48 UTC 2019
> ;; MSG SIZE  rcvd: 118
> 
>> 
> [2] 
> $ dig +noedns ostest-etcd-5.shiftstack.com
> <http://ostest-etcd-5.shiftstack.com/>.
> AAAA  ostest-etcd-5.shiftstack.com
> <http://ostest-etcd-5.shiftstack.com/>.  A
> 
> ; <<>> DiG 9.9.4-RedHat-9.9.4-72.el7 <<>>
> +noedns ostest-etcd-5.shiftstack.com
> <http://ostest-etcd-5.shiftstack.com/>.
> AAAA ostest-etcd-5.shiftstack.com <http://ostest-etcd-5.shiftstack.com/>. A
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63573
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
> 
> ;; QUESTION SECTION:
> ;ostest-etcd-5.shiftstack.com <http://ostest-etcd-5.shiftstack.com/>. 
> IN      AAAA
> 
> ;; ANSWER SECTION:
> ostest-etcd-5.shiftstack.com <http://ostest-etcd-5.shiftstack.com/>.
> 3600 IN   CNAME   ostest-master-2.shiftstack.com
> <http://ostest-master-2.shiftstack.com/>.
> 
> ;; Query time: 3 msec
> ;; SERVER: 10.0.0.2#53(10.0.0.2)
> ;; WHEN: Sun Jan 20 09:53:59 UTC 2019
> ;; MSG SIZE  rcvd: 118
> 
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15671
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
> 
> ;; QUESTION SECTION:
> ;ostest-etcd-5.shiftstack.com <http://ostest-etcd-5.shiftstack.com/>. 
> IN      A
> 
> ;; ANSWER SECTION:
> ostest-etcd-5.shiftstack.com <http://ostest-etcd-5.shiftstack.com/>.
> 3600 IN   CNAME   ostest-master-2.shiftstack.com
> <http://ostest-master-2.shiftstack.com/>.
> ostest-master-2.shiftstack.com <http://ostest-master-2.shiftstack.com/>.
> 0 IN    A       10.0.1.214
> 
> ;; Query time: 0 msec
> ;; SERVER: 10.0.0.2#53(10.0.0.2)
> ;; WHEN: Sun Jan 20 09:53:59 UTC 2019
> ;; MSG SIZE  rcvd: 106
> 
>> 
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> 



More information about the Dnsmasq-discuss mailing list