<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On Tue, Sep 1, 2015 at 11:13 AM, Albert ARIBAUD <span dir="ltr"><<a href="mailto:albert.aribaud@free.fr" target="_blank">albert.aribaud@free.fr</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">Hi Tim,<br>
<br>
Le Tue, 1 Sep 2015 10:00:36 -0700, Tim Wright <<a href="mailto:tenortim@gmail.com">tenortim@gmail.com</a>> a<br>
écrit :<br>
<span class=""><br>
> Hello,<br>
> I apologize if this is something known, or if I'm doing something silly,<br>
> but I switched over from Ubuntu 12.04LTS (dnsmasq 2.59) to Debian 7 stable<br>
> (dnsmasq 2.72-3) and I'm seeing something odd. I have "strict order"<br>
> enabled, and many lines in /etc/dnsmasq.conf of the form:<br>
><br>
> server=/<a href="http://example.domain.com/" rel="noreferrer" target="_blank">example.domain.com/</a><corp DNS server 1><br>
> server=/<a href="http://example.domain.com/" rel="noreferrer" target="_blank">example.domain.com/</a><corp DNS server 2><br>
> server=/<a href="http://example.domain.com/" rel="noreferrer" target="_blank">example.domain.com/</a><corp DNS server 3><br>
> server=/<a href="http://example.domain.com/" rel="noreferrer" target="_blank">example.domain.com/</a><local DNS server><br>
> server=/<a href="http://example.domain.com/8.8.8.8" rel="noreferrer" target="_blank">example.domain.com/8.8.8.8</a><br>
><br>
> The reason for this is that there are a number of names where "<br>
> <a href="http://example.domain.com" rel="noreferrer" target="_blank">example.domain.com</a>" returns a different, internal IP address when connected<br>
> to the corporate network (vpn), but I want to fail back to the external if<br>
> the vpn is down etc.<br>
><br>
> In version 2.59, this worked perfectly. In the newer version, it appears to<br>
> be completely backwards. I reversed the entire config file so that entries<br>
> are now of the form:<br>
><br>
> server=/<a href="http://example.domain.com/8.8.8.8" rel="noreferrer" target="_blank">example.domain.com/8.8.8.8</a><br>
> server=/<a href="http://example.domain.com/" rel="noreferrer" target="_blank">example.domain.com/</a><local DNS server><br>
> server=/<a href="http://example.domain.com/" rel="noreferrer" target="_blank">example.domain.com/</a><corp DNS server 3><br>
> server=/<a href="http://example.domain.com/" rel="noreferrer" target="_blank">example.domain.com/</a><corp DNS server 2><br>
> server=/<a href="http://example.domain.com/" rel="noreferrer" target="_blank">example.domain.com/</a><corp DNS server 1><br>
><br>
> but I was curious if this is expected behaviour or whether it would be<br>
> considered a bug.<br>
<br>
</span>Hmm... From the dnsmasq man page, --strict-order is about following the<br>
order in which upstream DNS servers appear in /etc/resolv.conf, not in<br>
/etc/dnsmasq.conf.<br></blockquote><div><br></div><div>Hi Albert,</div><div>I'm not sure that it's that clear. At least for 2.73, the man page is conflicted:</div><div><br></div><div><div> -o, --strict-order</div><div> By default, dnsmasq will send queries to any of the upstream</div><div> servers it knows about and tries to favour servers that are</div><div> known to be up. Setting this flag forces dnsmasq to try each</div><div> query with each server strictly in the order they appear in</div><div> /etc/resolv.conf</div></div><div><br></div><div>The first part clearly states that by default it will query "any of the upstream servers it knows about". If you use lines of the form "server=" in the config file, that's a lot more than what you might find in /etc/resolv.conf. Furthermore, that certainly isn't how it works. With "strict-order" enabled, it certainly applies to servers defined in the config file. The issue is that at some point, it applied in forward order, and now, it appears to apply in reverse order.</div><div><br></div><div>Looking at the code, servers from /etc/resolv.conf are not treated especially compared to those from the config file - they all end up in the daemon->servers list.</div><div><br></div><div>Regards,</div><div><br></div><div>Tim</div></div></div></div>