<div><div><span style="font-family:-apple-system,"Helvetica Neue";font-size:16px;font-style:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:1px;text-decoration:none;float:none;display:inline!important;background-color:rgba(0,0,0,0);border-color:rgb(49,49,49);color:rgb(49,49,49)">Hi,</span><div style="font-family:-apple-system,"Helvetica Neue";font-size:16px;font-style:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:1px;text-decoration:none;background-color:rgba(0,0,0,0);border-color:rgb(49,49,49);color:rgb(49,49,49)"><br></div><div style="font-family:-apple-system,"Helvetica Neue";font-size:1rem;font-style:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:1px;text-decoration:none;background-color:rgba(0,0,0,0);border-color:rgb(49,49,49);color:rgb(49,49,49)">I encountered the following issue and would like some guidance on a solution. My dnsmasq config looks like the following:</div><div style="font-family:-apple-system,"Helvetica Neue";font-size:16px;font-style:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:1px;text-decoration:none;background-color:rgba(0,0,0,0);border-color:rgb(49,49,49);color:rgb(49,49,49)"><br></div><div style="font-family:-apple-system,"Helvetica Neue";font-size:1rem;font-style:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:1px;text-decoration:none;background-color:rgba(0,0,0,0);border-color:rgb(49,49,49);color:rgb(49,49,49)">listen-address=127.0.0.1</div><div style="font-family:-apple-system,"Helvetica Neue";font-size:1rem;font-style:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:1px;text-decoration:none;background-color:rgba(0,0,0,0);border-color:rgb(49,49,49);color:rgb(49,49,49)">synth-domain=<a href="http://custom-domain.com" style="font-family:-apple-system,"Helvetica Neue";font-size:1rem;background-color:rgba(0,0,0,0);border-color:rgb(66,133,244);color:rgb(66,133,244)" target="_blank">custom.domain</a>,<a href="http://10.0.0.0/16,ip-" style="font-family:-apple-system,"Helvetica Neue";font-size:1rem;background-color:rgba(0,0,0,0);border-color:rgb(66,133,244);color:rgb(66,133,244)" target="_blank">10.0.0.0/16,ip-</a></div><div style="font-family:-apple-system,"Helvetica Neue";font-size:16px;font-style:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:1px;text-decoration:none;background-color:rgba(0,0,0,0);border-color:rgb(49,49,49);color:rgb(49,49,49)"><br></div><div dir="auto" style="font-family:-apple-system,"Helvetica Neue";font-size:1rem;font-style:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:1px;text-decoration:none;background-color:rgba(0,0,0,0);border-color:rgb(49,49,49);color:rgb(49,49,49)">The servers associated with the 'ip-*.custom.domain' custom domains do not have ipv6 addresses associated with them so we cannot configure the synth domain for ipv6 addresses. Now when I do a 'nslookup <a href="http://ip-10-0-0-16-custom-domain.com/" style="font-family:-apple-system,"Helvetica Neue";font-size:1rem;background-color:rgba(0,0,0,0);border-color:rgb(66,133,244);color:rgb(66,133,244)" target="_blank">ip-10-0-0-16-custom.domain</a>', it seems like dnsmasq does the following:</div><div dir="auto" style="font-family:-apple-system,"Helvetica Neue";font-size:16px;font-style:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:1px;text-decoration:none;background-color:rgba(0,0,0,0);border-color:rgb(49,49,49);color:rgb(49,49,49)"><br></div><div dir="auto" style="font-family:-apple-system,"Helvetica Neue";font-size:1rem;font-style:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:1px;text-decoration:none;background-color:rgba(0,0,0,0);border-color:rgb(49,49,49);color:rgb(49,49,49)">1. Dnsmasq tries to resolve the domain for ipv4:<span style="font-family:-apple-system,"Helvetica Neue""> </span><a href="http://ip-10-0-0-16-custom-domain.com" style="font-family:-apple-system,"Helvetica Neue";font-size:1rem;background-color:rgba(0,0,0,0);border-color:rgb(66,133,244);color:rgb(66,133,244)" target="_blank">ip-10-0-0-16-custom.domain</a> and it will return 10.0.0.16 due to the synth-domain config. </div><div dir="auto" style="font-family:-apple-system,"Helvetica Neue";font-size:1rem;font-style:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:1px;text-decoration:none;background-color:rgba(0,0,0,0);border-color:rgb(49,49,49);color:rgb(49,49,49)">2. Dnsmasq will also try to resolve the domain for ipv6. It will forward the query to an upstream nameserver which will return NXDOMAIN (since we do not configure the upstream nameservers to return ipv4 or ipv6 addresses for any of the custom domains). It seems like dnsmasq will then cache NXDOMAIN for both ipv4 and ipv6 queries. As a result, any subsequent ipv4 queries for this domain will result in NXDOMAIN rather than using the value returned from our synth-domain config.</div><div dir="auto" style="font-family:-apple-system,"Helvetica Neue";font-size:16px;font-style:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:1px;text-decoration:none;background-color:rgba(0,0,0,0);border-color:rgb(49,49,49);color:rgb(49,49,49)"><br></div><div dir="auto" style="font-family:-apple-system,"Helvetica Neue";font-size:1rem;font-style:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:1px;text-decoration:none;background-color:rgba(0,0,0,0);border-color:rgb(49,49,49);color:rgb(49,49,49)">I have the following questions:</div><div dir="auto" style="font-family:-apple-system,"Helvetica Neue";font-size:1rem;font-style:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:1px;text-decoration:none;background-color:rgba(0,0,0,0);border-color:rgb(49,49,49);color:rgb(49,49,49)">1. Currently, is there a way we can configure dnsmasq to resolve to NODATA for ipv6 when an ipv4 synth-domain config is present even though the ipv6 resolution might be NXDOMAIN? I have tried using the '--no-negcache' option which solves this issue. However, we do not want to disable negative caching as it could increase outbound network activity greatly.</div><div style="font-family:-apple-system,"Helvetica Neue";font-size:1rem;font-style:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:1px;text-decoration:none;background-color:rgba(0,0,0,0);border-color:rgb(49,49,49);color:rgb(49,49,49)">2. Is this issue expected? If not, can we have a fix for this?</div></div>
</div>