[Dnsmasq-discuss] !strict-order and SERVFAIL
Alexander Clouter
alex at digriz.org.uk
Thu Jan 6 22:18:49 GMT 2011
Hi,
* Simon Kelley <simon at thekelleys.org.uk> [2011-01-06 21:52:48+0000]:
>
> All is behaving as designed. After the first SERVFAIL response, retries
> of the query are being exploded to all four upstream servers. For any
> given query, only two are responding, so dnsmasq is not returning those
> failures, in the hope that is might get a good answer from another
> server. I'm happy that's OK.
>
When initially debugging the problem I only had the IPv4 nameserver
entries in there (as those are the only ones returned through pppd).
When I reported the problem I had added the IPv6 ones.
So even with two DNS servers I see this problem.
> To make this work better, you could ensure that all four upstream
> servers return SERVFAIL, or make them return NXDOMAIN instead.
>
Well, in my original report, I did say the problem fundementally is that
the authoritative servers under my administration for my /48 are not
correctly set up and that is why I am getting SERVFAIL. The upstream
resolvers are my ISP's so I do not get much say in how those behave :)
I understand why dnsmasq is trying all the upstream resolvers (in case
one of them is borkened), but I would have expected that if they all
come back with SERVFAIL that dnsmasq would finally return SERVFAIL as a
response to the client?
More information about the Dnsmasq-discuss
mailing list