[Dnsmasq-discuss] Two questions about the cache and how dnsmasq forwards queries

Simon Kelley simon at thekelleys.org.uk
Tue Feb 16 09:47:31 GMT 2010


SamLT wrote:
>> So there's your problem, the TTL of the first CNAME in the chain is zero,
>>
>> www.google.com.         0       IN      CNAME   www.l.google.com.
>>
>>
>> Strange, when I do the same thing (via my ISPs server) I get
>> ;; ANSWER SECTION:
>> www.google.com.		9620	IN	CNAME	www.l.google.com.
>> www.l.google.com.	220	IN	CNAME	www-tmmdi.l.google.com.
>> www-tmmdi.l.google.com.	53	IN	A	66.102.9.99
>>
>> Maybe your ISPs DNS server is playing games?
> 
> 
>> A nameserver which takes less than three seconds to answer would
>> solve all your problems. If that's caused by latency in the link to
>> your ISP, traffic shaping will help a lot. If the problem is with
>> the server (and it's messing with TTLs too), then either shout at
>> your ISP or maybe use openDNS or Google's public DNS service?
>>
>>
> 
> I think my ISP also REDIRECTs DNS traffic to their nameservers, since I
> get the same result using Google's public DNS service (and this doesn't
> happen at home with another ISP).
> 
> Well, this is going to be... fun!
> 
> One bonus question though: how come they're able to modify the TTL of some
> CNAMEs? Is that a bug or... a feature (of some software)?
> 
> The only thing I've been able to find is a message in the namedroppers ML
> stating CNAME TTL should probably be equal to DNAME TTL...
> http://www.ops.ietf.org/lists/namedroppers/namedroppers.2007/msg00089.html
> 
> 
> 
> As an additional hint, when using TCP queries, I get 'normal' CNAME TTL:
> 	dig @66.178.2.25 www.google.com | grep CNAME
> 	www.google.com.         0       IN      CNAME   www.l.google.com.
> 
> 	dig @66.178.2.25 www.google.com +tcp | grep CNAME
> 	www.google.com.         603696  IN      CNAME   www.l.google.com.
> 
> but it only works when using nameservers other than my ISP's, so I
> guess the problem is on my ISP's nameservers and they only redirect UDP
> port 53 traffic to them. Does it sound realistic?

Very realistic. I can see why an ISP would make all traffic for port 53 
go to their nameservers (to reduce external traffic) and I can see that 
they might forget/omit to redirect TCP. I don't understand why they 
would mess with CNAME TTLs, but there's no reason why software to do it 
couldn't be written.

Cheers,

Simon.
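The check SamLT describes (same query over UDP and over TCP, then compare the CNAME TTLs) is a useful way to detect transparent port-53 interception from the client side. The script below is an added example, not code from the thread or from dnsmasq: it parses the answer section of `dig` output and reports CNAMEs whose TTL or target differs between transports. The sample outputs are constructed from the record lines quoted above; `run_dig` assumes `dig` is installed and reachable on `PATH` and is only used when the script is run directly. The `tolerance` argument is an assumption added here, because two queries to a counting-down cache legitimately differ by a few seconds.

```python
"""Compare CNAME answers received over UDP and TCP to spot DNS interception.

Added example (not from the dnsmasq-discuss thread): a resolver path that
rewrites TTLs on UDP but not on TCP shows up as a CNAME whose TTL is 0 over
UDP and a normal value over TCP.
"""
import re
import subprocess
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Record:
    name: str
    ttl: int
    rtype: str
    rdata: str


@dataclass(frozen=True)
class Finding:
    name: str
    udp_ttl: Optional[int]
    tcp_ttl: Optional[int]
    reason: str


# One presentation-format resource record: name, TTL, class IN, type, rdata.
_RR = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+(\S+)\s+(.+?)\s*$")

# Constructed sample output, modelled on the dig lines quoted in the thread.
UDP_SAMPLE = """\
;; ANSWER SECTION:
www.google.com.         0       IN      CNAME   www.l.google.com.
www.l.google.com.       220     IN      CNAME   www-tmmdi.l.google.com.
www-tmmdi.l.google.com. 53      IN      A       66.102.9.99

;; Query time: 2900 msec
"""
TCP_SAMPLE = """\
;; ANSWER SECTION:
www.google.com.         603696  IN      CNAME   www.l.google.com.
www.l.google.com.       220     IN      CNAME   www-tmmdi.l.google.com.
www-tmmdi.l.google.com. 53      IN      A       66.102.9.99

;; Query time: 40 msec
"""


def parse_answer_section(text: str) -> List[Record]:
    """Return the records inside dig's ';; ANSWER SECTION:' block."""
    records: List[Record] = []
    in_answer = False
    for line in text.splitlines():
        if line.startswith(";; ANSWER SECTION:"):
            in_answer = True
            continue
        if not in_answer:
            continue
        if not line.strip() or line.startswith(";;"):
            break  # blank line or next section header ends the answer block
        m = _RR.match(line)
        if m:
            name, ttl, rtype, rdata = m.groups()
            records.append(Record(name, int(ttl), rtype, rdata))
    return records


def compare_transports(udp_text: str, tcp_text: str, tolerance: int = 5) -> List[Finding]:
    """Flag CNAMEs that differ between the UDP and TCP answers.

    tolerance (assumed, in seconds) absorbs normal cache count-down between
    two queries; a 0-vs-nonzero TTL is always reported.
    """
    udp = {(r.name, r.rtype): r for r in parse_answer_section(udp_text)}
    tcp = {(r.name, r.rtype): r for r in parse_answer_section(tcp_text)}
    findings: List[Finding] = []
    for name, rtype in sorted(set(udp) | set(tcp)):
        if rtype != "CNAME":
            continue
        u, t = udp.get((name, rtype)), tcp.get((name, rtype))
        if u is None or t is None:
            findings.append(Finding(name, u.ttl if u else None, t.ttl if t else None,
                                    "CNAME present on one transport only"))
        elif u.rdata != t.rdata:
            findings.append(Finding(name, u.ttl, t.ttl,
                                    f"CNAME target differs: {u.rdata} vs {t.rdata}"))
        elif (u.ttl == 0) != (t.ttl == 0) or abs(u.ttl - t.ttl) > tolerance:
            findings.append(Finding(name, u.ttl, t.ttl,
                                    "CNAME TTL differs between UDP and TCP"))
    return findings


def run_dig(server: str, qname: str, tcp: bool = False) -> str:
    """Run dig against one server (dig's +tcp switches transport); needs dig on PATH."""
    cmd = ["dig", "@" + server, qname] + (["+tcp"] if tcp else [])
    return subprocess.run(cmd, capture_output=True, text=True, check=True).stdout


if __name__ == "__main__":
    # Live use: replace the placeholder server with the resolver under test.
    server, qname = "RESOLVER_IP_PLACEHOLDER", "www.google.com"
    for f in compare_transports(run_dig(server, qname), run_dig(server, qname, tcp=True)):
        print(f"{f.name}: udp={f.udp_ttl} tcp={f.tcp_ttl} ({f.reason})")
```

A finding on the first CNAME of the chain with a zero UDP TTL and a sane TCP TTL matches the symptom in the thread; if the two transports also return different CNAME targets, the UDP path is answering from something other than the server you addressed. Running the same comparison against a resolver outside the ISP network, as SamLT did, separates a misbehaving server from an interception of the path.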