[Dnsmasq-discuss] localise-queries not working correctly
Simon Kelley
simon at thekelleys.org.uk
Wed Feb 29 16:36:15 GMT 2012
On 29/02/12 13:57, John Hanks wrote:
> I posted about similar behavior with subnets carved from the class A
> 10.*.*.* several days ago:
> http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2012q1/005525.html
>
> In my case I am using 2.59 and dnsmasq returns all addresses in
> 10.0.0.0/8 when queried from itself to any of its interfaces in
> 10.*.*.* even though the interfaces themselves are all /16. Queries
> from hosts other than the dnsmasq host to any of these /16 interfaces
> return the correct results.
>
> jbh
>
> On Wed, Feb 29, 2012 at 6:47 AM, Lorenzo Milesi<maxxer at ufficyo.com> wrote:
>>> I just checked, and it's working here. What dnsmasq version are you
>>> using?
>>
>> Dnsmasq version 2.35
>>
>> I'm still on debian 4 on this host.
>>
>> thanks!
>>
>> _______________________________________________
>> Dnsmasq-discuss mailing list
>> Dnsmasq-discuss at lists.thekelleys.org.uk
>> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>
OK, I think I just found an interesting problem that could be affecting
this. I don't have the time to wade through the descriptions you've both
posted of your systems, and there may not be enough information anyway,
so I'll try and explain what's going on and you can judge if it's
applicable.
the algorithm for localisation is
get set of answers S
if (any member if S is in the subnet
of the interface the query was
sent to)
then return (only members of S which are
in the subnet)
The wrinkle is that to determine the subnet, you need a netmask, and the
netmask dnsmasq is using is the netmask of the interface the query was
received on, not the one it was send to.
So, for instance I have a set of /24s 192.168.x.y on my central server,
and the central server's name has an address 192.168.x.1 on each subnet.
Sending queries to the central server at 192.168.1.1 returns the single
address for the server - OK.
But running the same query to the same address on the server gets all
the addreses. That's because the query is routed over the lo interface
which has netmask 255.0.0.0. Doing the subnet tests above with netmask
255.0.0.0 yields all the addresses, since they are all in 192.x.y.z
(Actually, reading Lorenzo's description, I think this exactly what he's
seeing, I;'m not sure about John.)
Fixing this problem will be, erm, interesting.
Am I on the right lines here?
Simon.
More information about the Dnsmasq-discuss
mailing list