[Dnsmasq-discuss] problems resolving *.yahoo.com

Charles Hastings chahast@pangaea.dhs.org
Sat, 4 Dec 2004 23:21:41 -0800 (PST)


Lately, I've been experiencing a intermittant problem when looking up
hostnames from yahoo.com.  Sometimes, when querying *.yahoo.com through
dnsmasq, a "server error" is returned.  Querying the name server that
dnsmasq relays to works as expected.

The problem is resolved by waiting a while, or restarting dnsmasq.

Here's what happens when I try to look up www.yahoo.com:

root@fw:~# host www.yahoo.com localhost
Using domain server:
Name: localhost
Address: 127.0.0.1#53
Aliases:
Host www.yahoo.com not found: 2(SERVFAIL)

Here's the (hopefully relevant) tcpdump looking at the internet-facing 
interface as the query fails:

root@fw:~# tcpdump -i eth0 port 53
tcpdump: listening on eth0 
22:33:28.912910 myip.comcast.net.32775 > ns2.attbi.com.domain: 63736+ A? www.yahoo.com. (31) (DF)
22:33:28.914739 myip.comcast.net.32784 > ns2.attbi.com.domain: 59850+ PTR? 68.227.148.216.in-addr.arpa. (45) (DF)
22:33:28.926525 ns2.attbi.com.domain > myip.comcast.net.32775: 63736 ServFail 0/0/0 (31) (DF)
22:33:28.931632 ns2.attbi.com.domain > myip.comcast.net.32784: 59850 1/4/4 (219) (DF)
22:33:28.932537 myip.comcast.net.32784 > ns2.attbi.com.domain: 59851+ PTR? 142.114.7.24.in-addr.arpa. (43) (DF)
22:33:32.181733 ns2.attbi.com.domain > myip.comcast.net.32784: 59851* 1/6/6 (325) (DF)

Here's what a successful query looks like:

22:55:02.615087 myip.comcast.net.32791 > ns2.attbi.com.domain:  57249+ A? www.yahoo.com. (31) (DF)
22:55:02.616736 myip.comcast.net.32794 > ns2.attbi.com.domain:  52632+ PTR? 68.227.148.216.in-addr.arpa. (45) (DF)
22:55:02.629393 ns2.attbi.com.domain > myip.comcast.net.32791:  57249 9/11/6 CNAME[|domain] (DF)
22:55:02.635761 ns2.attbi.com.domain > myip.comcast.net.32794:  52632 1/4/4 (219) (DF)
22:55:02.636566 myip.comcast.net.32794 > ns2.attbi.com.domain:  52633+ PTR? 142.114.7.24.in-addr.arpa. (43) (DF)
22:55:02.650411 ns2.attbi.com.domain > myip.comcast.net.32794:  52633 1/6/6 (300) (DF)

(the last two lines of each packet capture appear to be me doing a 
reverse lookup on my own IP)

I'm running dnsmasq 2.18, invoked with "dnsmasq -N" and using the default
config file.

Any suggestions?  I can't figure out what's going on...

thanks,

--charles hastings
  chahast AT pangaea.DHS.org
  http://pangaea.DHS.org/