[Dnsmasq-discuss] [BUG] Bogus IP address in the syslog messages
Simon Kelley
simon at thekelleys.org.uk
Sat Feb 20 13:19:59 GMT 2010
Sergei Zhirikov wrote:
> Hi,
>
> On of the DHCP clients in my network believes that is has the same
> hostname as the machine where dnsmasq-2.52 is running. That by itself
> is a result of misconfiguration, but the reaction of dnsmasq seems a
> bit odd. I get the following messages in syslog when that client
> tries to renew its lease:
>
>
> The messages about not giving the host name are in principle correct.
> What is odd is that, as you can see, every other time dnsmasq
> mentions IP address 216.230.6.8, which is totally bogus. There is
> nothing in the whole network that even remotely resembles that IP
> address. The content of /etc/hosts is quite trivial:
>
> # hosts 127.0.0.1 localhost 172.23.112.1 wafer.softlights.net wafer
>
> The problem seems to be just cosmetic, but since it is unclear where
> the bogus IP address comes from, it is possible that there is a more
> severe problem (like memory corruption) is hiding behind it.
>
> I'm wondering if anyone can reproduce this phenomenon.
>
>
What you are seeing is consistent with there being two address entries
for wafer.local.softlights.net in the DNS cache. You see different
addresses each time because the order gets swapped on each lookup (to
implement round-robin) and the DHCP code logs that message and bails on
the first entry it finds.
That's not a complete explanation (where did the 216.230.6.8 address
come from?) but it's a bit less scary than a memory corruption.
Try a test query using dig for wafer.local.softlights.net, I suspect you
will see both addresses returned.
Now try restarting dnsmasq and repeating the dig query. If you get the
same result you must have some obscure configuration hidden away
somewhere (--addn-hosts?) If the problem has cleared then we have a
mystery to solve.
Cheers,
Simon.
More information about the Dnsmasq-discuss
mailing list