[Dnsmasq-discuss] Strange behavior when making the nameserver machine use dnsmasq

richardvoigt at gmail.com richardvoigt at gmail.com
Fri Mar 27 18:56:55 GMT 2009


Can't you use

server=/internal.mycompany.com/135.54.66.254

to deal with those?


Using all nameservers isn't appropriate for those requests anyway.



2009/3/27 Zack Little <zacklitt at hotmail.com>

>  No worries about the shouting.  I appreciate you answering so quickly.
>
> I don't think the scenario you described is going to work for me.  Let me
> explain.  In the test I just ran I had three nameservers: 165.87.13.129,
> 165.87.194.244, 135.54.66.254.
>
> The 165's are Internet servers and 135 is only accessible via a tunnel from
> the device dnsmasq is running on.
>
> I removed the strict order arg and sent a ping to Google from behind the
> device.  As you described dnsmasq "ran the race" and sent the request
> immediately to all three nameservers.  A response was received from
> 165.87.13.129 just barely before one from 135.54.66.254 was received.
>
> The next time I pinged Google (caching is off) the request was only sent to
> 165.87.13.129 (as expected).
>
> The problem is when I try to resolve names that only 135.54.66.254 can
> resolve.  When I ping one of those names again only 165.87.13.129 is used.
> 165.87.13.129 doesn't know about the name so the lookup fails.  dnsmasq
> won't "run the race" again because 165.87.13.129 is responding and therefore
> the query isn't timing out.  135.54.66.254 is never used and therefore I can
> no longer resolve names only 135.54.66.254 knows about.
>
>
> > No, but it provides me with a perfect opportunity for a public service
> > announcement, since this information needs to go to a wider audience.
> >
> > Sorry about the shouting;
> >
> > DON'T USE --STRICT-ORDER
> >
> > Strict-order almost never does what people expect/want it to do, which
> > is to put a priority order on the list of servers in /etc/resolv.conf.
> > It mainly just disrupts dnsmasq's mechanism for dealing with broken or
> > down servers. If I could, I'd remove it. If there is ever dnsmasq-3, it
> > will go.
> >
> >
> > If you remove --strict order, then dnsmasq will send the first query, in
> > parallel, top all the name servers. It will note that first one which
> > provides a good answer, and use just that until a query times-out, when
> > it will "run the race" over all the servers again.
> >
> > BTW My guess is that the behaviour difference you are seeing in how the
> > queries are handled is because the repeated query from 127.0.0.1 doesn't
> > have the same transaction-id as teh first query, so dnsmasq doesn't
> > recognise it as a retry.
> >
> >
> > Cheers,
> >
> > Simon.
> >
> >
>
> ------------------------------
> Windows Live™ SkyDrive: Get 25 GB of free online storage. Check it out.<http://windowslive.com/online/skydrive?ocid=TXT_TAGLM_WL_skydrive_032009>
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20090327/d80494ae/attachment.htm


More information about the Dnsmasq-discuss mailing list