[Dnsmasq-discuss] CNAME caching issue in Dnsmasq(2.76)
Simon Kelley
simon at thekelleys.org.uk
Sun Jan 20 21:45:31 GMT 2019
It's a known limitation. The actual limitation is that a CNAME and it's
target must both either originate from an upstream server, or both
originate from the dnsmasq local configuration. Mixing sources (ie CNAME
from upstream and target from dnsmasq, or vice-versa) is not allowed.
The commonest situation, when a CNAME is defined in dnsmasq's
configuration whose target comes from upstream, is noted a a problem in
the man page, but that doesn't mention what you're doing, defining the
CNAME upstream but the target in dnsmasq. It should probably do that.
Workaround is to add the CNAME to the dnsmasq configuration.
Cheers,
Simon.
On 20/01/2019 11:03, Yossi Boaron wrote:
>
> Hi All,
> I have the following DNS topology (In my Openstack deployment):
> VM --> DNSMASQ --> external DNS server
> domain name= shiftstack.com <http://shiftstack.com/>, and Dnsmasq 2.76
> is used at this Openstack deployment.
>
> I run the following test:
> 1. Define CNAME record at external DNS server
>
> ostest-etcd-5.shiftstack.com <http://ostest-etcd-5.shiftstack.com/>.
> IN CNAME ostest-master-2
>
> 2. while 'ostest-master-2' is defined in --addn-hosts at Dnsmasq:
> the relevant entry:
> 10.0.1.214 ostest-master-2.shiftstack.com
> <http://ostest-master-2.shiftstack.com/>. ostest-master-2
>
> 3. next step, I tried to resolve 'ostest-etcd-5.shiftstack.com
> <http://ostest-etcd-5.shiftstack.com/>.' from the VM.
> I expected that dig ostest-etcd-5.shiftstack.com
> <http://ostest-etcd-5.shiftstack.com/>. should be replied with the
> ostest-master-2 IP (10.0.1.214).
>
> Actual behavior:
> When I run dig (see 1) just for type A, Dnsmasq replied only with the
> CNAME entry and doesn't return ostest-master-2 IP address.
>
> But when I run dig (see 2) for types AAAA and A (at this order), I can
> see that Dnsmasq resolves ostest-master-2 IP address as expected.
>
> It seems to me like an issue of CNAME caching at Dnsmasq (2.76),
> Is it a known issue?
>
> Thanks in advance
> Yossi
>
>
> [1]
> $ dig +noedns ostest-etcd-5.shiftstack.com
> <http://ostest-etcd-5.shiftstack.com/>. A
>
> ; <<>> DiG 9.9.4-RedHat-9.9.4-72.el7 <<>>
> +noedns ostest-etcd-5.shiftstack.com
> <http://ostest-etcd-5.shiftstack.com/>. A
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13837
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;ostest-etcd-5.shiftstack.com <http://ostest-etcd-5.shiftstack.com/>.
> IN A
>
> ;; ANSWER SECTION:
> ostest-etcd-5.shiftstack.com <http://ostest-etcd-5.shiftstack.com/>.
> 3600 IN CNAME ostest-master-2.shiftstack.com
> <http://ostest-master-2.shiftstack.com/>.
>
> ;; Query time: 2 msec
> ;; SERVER: 10.0.0.2#53(10.0.0.2)
> ;; WHEN: Sun Jan 20 09:52:48 UTC 2019
> ;; MSG SIZE rcvd: 118
>
> $
>
> [2]
> $ dig +noedns ostest-etcd-5.shiftstack.com
> <http://ostest-etcd-5.shiftstack.com/>.
> AAAA ostest-etcd-5.shiftstack.com
> <http://ostest-etcd-5.shiftstack.com/>. A
>
> ; <<>> DiG 9.9.4-RedHat-9.9.4-72.el7 <<>>
> +noedns ostest-etcd-5.shiftstack.com
> <http://ostest-etcd-5.shiftstack.com/>.
> AAAA ostest-etcd-5.shiftstack.com <http://ostest-etcd-5.shiftstack.com/>. A
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63573
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;ostest-etcd-5.shiftstack.com <http://ostest-etcd-5.shiftstack.com/>.
> IN AAAA
>
> ;; ANSWER SECTION:
> ostest-etcd-5.shiftstack.com <http://ostest-etcd-5.shiftstack.com/>.
> 3600 IN CNAME ostest-master-2.shiftstack.com
> <http://ostest-master-2.shiftstack.com/>.
>
> ;; Query time: 3 msec
> ;; SERVER: 10.0.0.2#53(10.0.0.2)
> ;; WHEN: Sun Jan 20 09:53:59 UTC 2019
> ;; MSG SIZE rcvd: 118
>
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15671
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;ostest-etcd-5.shiftstack.com <http://ostest-etcd-5.shiftstack.com/>.
> IN A
>
> ;; ANSWER SECTION:
> ostest-etcd-5.shiftstack.com <http://ostest-etcd-5.shiftstack.com/>.
> 3600 IN CNAME ostest-master-2.shiftstack.com
> <http://ostest-master-2.shiftstack.com/>.
> ostest-master-2.shiftstack.com <http://ostest-master-2.shiftstack.com/>.
> 0 IN A 10.0.1.214
>
> ;; Query time: 0 msec
> ;; SERVER: 10.0.0.2#53(10.0.0.2)
> ;; WHEN: Sun Jan 20 09:53:59 UTC 2019
> ;; MSG SIZE rcvd: 106
>
> $
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>
More information about the Dnsmasq-discuss
mailing list