[Dnsmasq-discuss] NXDOMAIN on exisiting A record

Geert Stappers stappers at stappers.nl
Sun Jul 7 21:24:27 BST 2019 

On Sun, Jul 07, 2019 at 02:09:20PM -0500, Alex Litvak wrote:
> Hello every one,
> 
> I run consul services on my network where servics are registered with xyz.service.consul when they start.  All containers and bare metal hosts are running dnsmasq 2.80.
> I noticed that if I restart one of the containers one of the hosts continue failing to resolve the server hostname.  I can see that dnsmasq is a culprit because:
> 
> 1. I can resolve service against standard dns servers
> 2. Dnsmasq on 127.0.0.1 is first in the resolve.conf and when I run tcpdump against port 53 on lo I see it returns NXDOMAIN on the service query
> 3. If I restart dnsmasq everything is back to normal again.  Even more
> weird, if I send SIGHUP to dnsmasq which only causes to reread /etc/hosts
> file, everything is bad to normal as far as service resolution goes.
> 
> The weird thing is I have it only happen on some hosts without the pattern I
> can recognize.  For example I have to nodes with the same config, os, kernel
> version, dnsmasq version, etc ... and one of them have the problem 100% on
> service restart and other is not.
> 
> Where do I start troubleshooting, any ideas are welcome.

Draw a diagram  /  make a sketch  / picture it



 
> Here is a standard dnsmasq confugration.
> 
> port=53
> domain-needed
> bogus-priv
> interface=lo
> listen-address=127.0.0.1
> no-dhcp-interface=127.0.0.1
> #bind-interfaces
> no-resolv
> all-servers
> dns-forward-max=500
> 
> # If you don't want dnsmasq to read /etc/hosts, uncomment the
> # following line.
> #no-hosts
> # or if you want it to read another file, as well as /etc/hosts, use
> # this.
> #addn-hosts=/etc/banner_add_hosts
> 
> #log-queries=extra
> #log-facility=/var/log/dnsmasq.log
> log-async=25
> 
> # Set the cachesize here.
> cache-size=10000
> min-cache-ttl=5
> #neg-ttl=3600
> 
> # If you want to disable negative caching, uncomment this.
> #no-negcache
> 
> # For debugging purposes, log each DNS query as it passes through
> # dnsmasq.
> #log-queries
> clear-on-reload
> 
> server=10.0.48.12
> server=10.0.48.11
> server=10.0.21.63
> server=10.0.21.61
> 
> server=/.la.consul/10.0.73.43
> server=/.la.consul/10.0.73.40
> server=/.la.consul/10.0.73.28
> server=/.chi-pbx.consul/10.1.73.1
> server=/.chi-pbx.consul/10.1.73.2
> server=/.chi-pbx.consul/10.1.73.3
> server=/.consul/10.0.73.43
> server=/.consul/10.0.73.40
> server=/.consul/10.0.73.28
> 
> Resolver config
> 
> search ''
> options  timeout:1 attempts:1
> nameserver 127.0.0.1
> nameserver 10.0.48.11
> nameserver 10.0.48.12
> nameserver 10.0.21.63
> 
> 
> 
> 
> 
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

-- 
Groeten
Geert Stappers
-- 
Leven en laten leven

More information about the Dnsmasq-discuss mailing list