<div dir="ltr">Thank you Simon for the follow-up.<div><br></div><div>I use dnsmasq on a Ubiquity Edge router (ER-4), the version is </div><div><br></div><div>root@ubnt:~# dnsmasq --version<br>Dnsmasq version 2.78-23-g9e09429 Copyright (c) 2000-2017 Simon Kelley<br>Compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset auth DNSSEC loop-detect inotify<br></div><div><br></div><div>I tried to query the A and AAAA record for a host which is part of my internal domain, defined though a wildcard:</div><div>address=/<a href="http://swtk.info/192.168.10.2">swtk.info/192.168.10.2</a><br></div><div><br></div><div>The requests are</div><div><br></div><div>root@srv ~# dig -t A <a href="http://mqtt.swtk.info">mqtt.swtk.info</a><br><br>; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> -t A <a href="http://mqtt.swtk.info">mqtt.swtk.info</a><br>;; global options: +cmd<br>;; Got answer:<br>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56145<br>;; flags: qr aa rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0<br><br>;; QUESTION SECTION:<br>;<a href="http://mqtt.swtk.info">mqtt.swtk.info</a>. IN A<br><br>;; ANSWER SECTION:<br><a href="http://mqtt.swtk.info">mqtt.swtk.info</a>. 0 IN A 192.168.10.2<br><br>;; Query time: 0 msec<br>;; SERVER: 192.168.10.1#53(192.168.10.1)<br>;; WHEN: Thu Aug 05 17:53:12 CEST 2021<br>;; MSG SIZE rcvd: 48<br></div><div><br></div><div>→ this is a correct answer, A is present and status is NOERROR</div><div><br></div><div>root@srv ~# dig -t AAAA <a href="http://mqtt.swtk.info">mqtt.swtk.info</a><br><br>; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> -t AAAA <a href="http://mqtt.swtk.info">mqtt.swtk.info</a><br>;; global options: +cmd<br>;; Got answer:<br>;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15102<br>;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0<br><br>;; QUESTION SECTION:<br>;<a href="http://mqtt.swtk.info">mqtt.swtk.info</a>. IN AAAA<br><br>;; Query time: 0 msec<br>;; SERVER: 192.168.10.1#53(192.168.10.1)<br>;; WHEN: Thu Aug 05 17:53:17 CEST 2021<br>;; MSG SIZE rcvd: 32<br></div><div><br></div><div>This is an incorrect answer: the AAAA record does not exist and the status is NXDOMAIN instead of NODATA</div><div><br></div><div>The relevant logs are:</div><div><br></div><div>Aug 5 17:52:24 dnsmasq[1007]: started, version 2.78-23-g9e09429 cachesize 150<br>Aug 5 17:52:24 dnsmasq[1007]: compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset auth DNSSEC loop-detect inotify<br>Aug 5 17:52:24 dnsmasq-dhcp[1007]: DHCP, IP range 192.168.2.30 -- 192.168.2.50, lease time 1d<br>Aug 5 17:52:24 dnsmasq-dhcp[1007]: DHCP, IP range 192.168.10.50 -- 192.168.10.254, lease time 1d<br>Aug 5 17:52:24 dnsmasq[1007]: using nameserver 1.1.1.1#53 for domain <a href="http://orange.fr">orange.fr</a><br>Aug 5 17:52:24 dnsmasq[1007]: using nameserver 8.8.4.4#53<br>Aug 5 17:52:24 dnsmasq[1007]: using nameserver 1.1.1.1#53<br>Aug 5 17:52:24 dnsmasq[1007]: using nameserver 1.0.0.1#53<br>Aug 5 17:52:24 dnsmasq[1007]: using local addresses only for domain <a href="http://swtk.info">swtk.info</a><br>Aug 5 17:52:24 dnsmasq[1007]: using local addresses only for domain 10.168.192.in-addr.arpa<br>Aug 5 17:52:24 dnsmasq[1007]: read /etc/hosts - 8 addresses<br>Aug 5 17:52:32 dnsmasq[1007]: query[AAAA] <a href="http://mqtt.swtk.info">mqtt.swtk.info</a> from 192.168.10.2<br>Aug 5 17:52:32 dnsmasq[1007]: config <a href="http://mqtt.swtk.info">mqtt.swtk.info</a> is NXDOMAIN<br>Aug 5 17:52:32 dnsmasq[1007]: query[A] <a href="http://mqtt.swtk.info">mqtt.swtk.info</a> from 192.168.10.2<br>Aug 5 17:52:32 dnsmasq[1007]: config <a href="http://mqtt.swtk.info">mqtt.swtk.info</a> is 192.168.10.2<br>Aug 5 17:52:32 dnsmasq[1007]: query[AAAA] <a href="http://mqtt.swtk.info">mqtt.swtk.info</a> from 192.168.10.2<br>Aug 5 17:52:32 dnsmasq[1007]: config <a href="http://mqtt.swtk.info">mqtt.swtk.info</a> is NXDOMAIN<br>Aug 5 17:52:32 dnsmasq[1007]: query[A] <a href="http://mqtt.swtk.info">mqtt.swtk.info</a> from 192.168.10.2<br>Aug 5 17:52:32 dnsmasq[1007]: config <a href="http://mqtt.swtk.info">mqtt.swtk.info</a> is 192.168.10.2<br>Aug 5 17:52:33 dnsmasq[1007]: query[A] <a href="http://mqtt.swtk.info">mqtt.swtk.info</a> from 192.168.10.2<br>Aug 5 17:52:33 dnsmasq[1007]: config <a href="http://mqtt.swtk.info">mqtt.swtk.info</a> is 192.168.10.2<br>Aug 5 17:52:33 dnsmasq[1007]: query[AAAA] <a href="http://mqtt.swtk.info">mqtt.swtk.info</a> from 192.168.10.2<br>Aug 5 17:52:33 dnsmasq[1007]: config <a href="http://mqtt.swtk.info">mqtt.swtk.info</a> is NXDOMAIN<br>Aug 5 17:52:33 dnsmasq[1007]: query[AAAA] <a href="http://mqtt.swtk.info">mqtt.swtk.info</a> from 192.168.10.2<br>Aug 5 17:52:33 dnsmasq[1007]: config <a href="http://mqtt.swtk.info">mqtt.swtk.info</a> is NXDOMAIN<br>Aug 5 17:52:33 dnsmasq[1007]: query[A] <a href="http://mqtt.swtk.info">mqtt.swtk.info</a> from 192.168.10.2<br>Aug 5 17:52:33 dnsmasq[1007]: config <a href="http://mqtt.swtk.info">mqtt.swtk.info</a> is 192.168.10.2<br>Aug 5 17:52:33 dnsmasq[1007]: query[AAAA] <a href="http://mqtt.swtk.info">mqtt.swtk.info</a> from 192.168.10.2<br>Aug 5 17:52:33 dnsmasq[1007]: config <a href="http://mqtt.swtk.info">mqtt.swtk.info</a> is NXDOMAIN<br>Aug 5 17:52:33 dnsmasq[1007]: query[A] <a href="http://mqtt.swtk.info">mqtt.swtk.info</a> from 192.168.10.2<br>Aug 5 17:52:33 dnsmasq[1007]: config <a href="http://mqtt.swtk.info">mqtt.swtk.info</a> is 192.168.10.2<br></div><div><br></div><div><br></div><div>Would anything else be of interest?</div><div><br></div><div>Thank you!</div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">Le jeu. 5 août 2021 à 17:09, Simon Kelley <<a href="mailto:simon@thekelleys.org.uk">simon@thekelleys.org.uk</a>> a écrit :<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">There's lots of code in dnsmasq which tries to get this right.<br>
<br>
eg.<br>
<br>
forward AAAA upstream<br>
upstream replies with NXDOMAIN<br>
dnsmasq checks if it knows data for other record types like A and if so<br>
rewrites NXDOMAIN to NODATA.<br>
<br>
TLDR; We though of this, and we think it works correctly. If you've<br>
found a specific case where it isn't working, we'll need more<br>
information on exactly what that case is, and what version of dnsmasq<br>
you're running.<br>
<br>
Setting --log-queries, demonstrating the problem, then sending the logs,<br>
would be a good start.<br>
<br>
<br>
cheers,<br>
<br>
Simon.<br>
<br>
<br>
On 04/08/2021 20:42, Wojtek Swiatek wrote:<br>
> Hello everyone<br>
> <br>
> I noticed that my dnsmasq server is sending an NXDOMAIN instead of<br>
> a NODATA when I query it for AAAA records it does not have.<br>
> <br>
> This is, I believe, not the correct behaviour<br>
> (<a href="https://datatracker.ietf.org/doc/html/rfc2308" rel="noreferrer" target="_blank">https://datatracker.ietf.org/doc/html/rfc2308</a><br>
> <<a href="https://datatracker.ietf.org/doc/html/rfc2308" rel="noreferrer" target="_blank">https://datatracker.ietf.org/doc/html/rfc2308</a>> - see 1 Terminology →<br>
> NODATA) and that response breaks queries that otherwise would have tried<br>
> the A record. See for<br>
> instance <a href="https://kc.mcafee.com/corporate/index?page=content&id=KB73433&actp=LIST" rel="noreferrer" target="_blank">https://kc.mcafee.com/corporate/index?page=content&id=KB73433&actp=LIST</a><br>
> <<a href="https://kc.mcafee.com/corporate/index?page=content&id=KB73433&actp=LIST" rel="noreferrer" target="_blank">https://kc.mcafee.com/corporate/index?page=content&id=KB73433&actp=LIST</a>><br>
> <br>
> As a workaround: is there a way to automatically populate AAAA<br>
> records together with the A ones (from DHCP)?<br>
> <br>
> _______________________________________________<br>
> Dnsmasq-discuss mailing list<br>
> <a href="mailto:Dnsmasq-discuss@lists.thekelleys.org.uk" target="_blank">Dnsmasq-discuss@lists.thekelleys.org.uk</a><br>
> <a href="https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss" rel="noreferrer" target="_blank">https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss</a><br>
> <br>
<br>
_______________________________________________<br>
Dnsmasq-discuss mailing list<br>
<a href="mailto:Dnsmasq-discuss@lists.thekelleys.org.uk" target="_blank">Dnsmasq-discuss@lists.thekelleys.org.uk</a><br>
<a href="https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss" rel="noreferrer" target="_blank">https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss</a><br>
</blockquote></div>