[Dnsmasq-discuss] Caching issue question
Simon Kelley
simon at thekelleys.org.uk
Fri May 18 11:14:50 BST 2012
On 18/05/12 10:14, Nick wrote:
> Hi,
> I will provide a little bit more debug output. We are using Ubuntu
> 11.10, so I rebuild the Ubuntu 12.04 package for Ubuntu 11.10.
>
> Here is the current config which we use for dnsmasq (without defaults):
>
> """
> domain-needed
> resolv-file=/etc/dnsmasq.upstreams
> strict-order
> listen-address=127.0.0.1
> no-dhcp-interface=127.0.0.1
> bind-interfaces
> no-hosts
> cache-size=300
> """
>
> Here is the log output of dnsmasq (syslog) when I do alternating queries
> with dig and enabled logging:
>
> <restarted dnsmasq before to clear cache; TTL is 60 seconds; doing "dig
> session-storage.fd.corp" and "dig AAAA session-storage.fd.corp">
> """
> May 18 12:08:05 pzk-node-9 dnsmasq[1367]: query[A]
> session-storage.fd.corp from 127.0.0.1
> May 18 12:08:05 pzk-node-9 dnsmasq[1367]: forwarded
> session-storage.fd.corp to 10.193.3.133
> May 18 12:08:05 pzk-node-9 dnsmasq[1367]: reply session-storage.fd.corp
> is <CNAME>
> May 18 12:08:05 pzk-node-9 dnsmasq[1367]: reply cb-node-1.poz.fd.corp is
> 10.190.2.1
>
> # now doing a AAAA request
> May 18 12:08:08 pzk-node-9 dnsmasq[1367]: query[AAAA]
> session-storage.fd.corp from 127.0.0.1
> May 18 12:08:08 pzk-node-9 dnsmasq[1367]: cached session-storage.fd.corp
> is <CNAME>
> # why is CNAME cached for the first AAAA query?
CNAMES are for a domain, not for a type of query, dnsmasq has cached
that session-storage.fd.corp is a CNAME for cb-node-1.poz.fd.corp, hence
this line. But then it finds it has no AAAA record cached for
cb-node-1.poz.fd.corp, so it forwards the query anyway, and gets.
>
> May 18 12:08:08 pzk-node-9 dnsmasq[1367]: forwarded
> session-storage.fd.corp to 10.193.3.133
> May 18 12:08:08 pzk-node-9 dnsmasq[1367]: reply session-storage.fd.corp
> is NODATA-IPv6
session-storage.fd.corp has no value for AAAA. This is WRONG, if an A
query for session-storage.fd.corp returns a CNAME, then an AAAA query
should return a CNAME too. If there's no AAAA record, it should be for
cb-node-1.poz.fd.corp.
>
> # now doing again A request
> May 18 12:08:11 pzk-node-9 dnsmasq[1367]: query[A]
> session-storage.fd.corp from 127.0.0.1
> May 18 12:08:11 pzk-node-9 dnsmasq[1367]: forwarded
> session-storage.fd.corp to 10.193.3.133
> May 18 12:08:11 pzk-node-9 dnsmasq[1367]: reply session-storage.fd.corp
> is <CNAME>
> May 18 12:08:11 pzk-node-9 dnsmasq[1367]: reply cb-node-1.poz.fd.corp is
>
> # it got forwarded, but it should be in cache (first request was on
> 12:08:05)
Because the NODATA reply for session-storage.fd.corp removed the CNAME
from the cache.
>
> # doing same stuff again
> May 18 12:08:14 pzk-node-9 dnsmasq[1367]: query[AAAA]
> session-storage.fd.corp from 127.0.0.1
> May 18 12:08:14 pzk-node-9 dnsmasq[1367]: cached session-storage.fd.corp
> is <CNAME>
> May 18 12:08:14 pzk-node-9 dnsmasq[1367]: forwarded
> session-storage.fd.corp to 10.193.3.133
> May 18 12:08:14 pzk-node-9 dnsmasq[1367]: reply session-storage.fd.corp
> is NODATA-IPv6
> May 18 12:08:17 pzk-node-9 dnsmasq[1367]: query[A]
> session-storage.fd.corp from 127.0.0.1
> May 18 12:08:17 pzk-node-9 dnsmasq[1367]: forwarded
> session-storage.fd.corp to 10.193.3.133
> May 18 12:08:17 pzk-node-9 dnsmasq[1367]: reply session-storage.fd.corp
> is <CNAME>
> May 18 12:08:17 pzk-node-9 dnsmasq[1367]: reply cb-node-1.poz.fd.corp is
> 10.190.2.1
> """
>
> I hope that helps.
>
So I think this is DNS misconfiguration upstream, the A query returns
session-storage.fd.corp CNAME cb-node-1.poz.fd.corp
cb-node-1.poz.fd.corp A 10.190.2.1
and the AAAA query SHOULD return
session-storage.fd.corp CNAME cb-node-1.poz.fd.corp
but it's in fact returning no data for session-storage.fd.corp
If I'm wrong, someone will no doubt be along soon to tell me why.
Simon.
More information about the Dnsmasq-discuss
mailing list