[Dnsmasq-discuss] Caching issue question

Simon Kelley simon at thekelleys.org.uk
Fri May 18 11:14:50 BST 2012


On 18/05/12 10:14, Nick wrote:
> Hi,
> I will provide a little bit more debug output. We are using Ubuntu
> 11.10, so I rebuild the Ubuntu 12.04 package for Ubuntu 11.10.
> 
> Here is the current config which we use for dnsmasq (without defaults):
> 
> """
> domain-needed
> resolv-file=/etc/dnsmasq.upstreams
> strict-order
> listen-address=127.0.0.1
> no-dhcp-interface=127.0.0.1
> bind-interfaces
> no-hosts
> cache-size=300
> """
> 
> Here is the log output of dnsmasq (syslog) when I do alternating queries
> with dig and enabled logging:
> 
> <restarted dnsmasq before to clear cache; TTL is 60 seconds; doing "dig
> session-storage.fd.corp" and "dig AAAA session-storage.fd.corp">
> """
> May 18 12:08:05 pzk-node-9 dnsmasq[1367]: query[A]
> session-storage.fd.corp from 127.0.0.1
> May 18 12:08:05 pzk-node-9 dnsmasq[1367]: forwarded
> session-storage.fd.corp to 10.193.3.133
> May 18 12:08:05 pzk-node-9 dnsmasq[1367]: reply session-storage.fd.corp
> is <CNAME>
> May 18 12:08:05 pzk-node-9 dnsmasq[1367]: reply cb-node-1.poz.fd.corp is
> 10.190.2.1
> 
> # now doing a AAAA request
> May 18 12:08:08 pzk-node-9 dnsmasq[1367]: query[AAAA]
> session-storage.fd.corp from 127.0.0.1
> May 18 12:08:08 pzk-node-9 dnsmasq[1367]: cached session-storage.fd.corp
> is <CNAME>
> # why is CNAME cached for the first AAAA query?

CNAMES are for a domain, not for a type of query, dnsmasq has cached
that session-storage.fd.corp is a CNAME for cb-node-1.poz.fd.corp, hence
this line. But then it finds it has no AAAA record cached for
cb-node-1.poz.fd.corp, so it forwards the query anyway, and gets.
> 
> May 18 12:08:08 pzk-node-9 dnsmasq[1367]: forwarded
> session-storage.fd.corp to 10.193.3.133
> May 18 12:08:08 pzk-node-9 dnsmasq[1367]: reply session-storage.fd.corp
> is NODATA-IPv6

session-storage.fd.corp has no value for AAAA. This is WRONG, if an A
query for session-storage.fd.corp returns a CNAME, then an AAAA query
should return a CNAME too. If there's no AAAA record, it should be for
cb-node-1.poz.fd.corp.


> 
> # now doing again A request
> May 18 12:08:11 pzk-node-9 dnsmasq[1367]: query[A]
> session-storage.fd.corp from 127.0.0.1
> May 18 12:08:11 pzk-node-9 dnsmasq[1367]: forwarded
> session-storage.fd.corp to 10.193.3.133
> May 18 12:08:11 pzk-node-9 dnsmasq[1367]: reply session-storage.fd.corp
> is <CNAME>
> May 18 12:08:11 pzk-node-9 dnsmasq[1367]: reply cb-node-1.poz.fd.corp is
>  
> # it got forwarded, but it should be in cache (first request was on
> 12:08:05)
Because the NODATA reply for session-storage.fd.corp removed the CNAME
from the cache.

> 
> # doing same stuff again
> May 18 12:08:14 pzk-node-9 dnsmasq[1367]: query[AAAA]
> session-storage.fd.corp from 127.0.0.1
> May 18 12:08:14 pzk-node-9 dnsmasq[1367]: cached session-storage.fd.corp
> is <CNAME>
> May 18 12:08:14 pzk-node-9 dnsmasq[1367]: forwarded
> session-storage.fd.corp to 10.193.3.133
> May 18 12:08:14 pzk-node-9 dnsmasq[1367]: reply session-storage.fd.corp
> is NODATA-IPv6
> May 18 12:08:17 pzk-node-9 dnsmasq[1367]: query[A]
> session-storage.fd.corp from 127.0.0.1
> May 18 12:08:17 pzk-node-9 dnsmasq[1367]: forwarded
> session-storage.fd.corp to 10.193.3.133
> May 18 12:08:17 pzk-node-9 dnsmasq[1367]: reply session-storage.fd.corp
> is <CNAME>
> May 18 12:08:17 pzk-node-9 dnsmasq[1367]: reply cb-node-1.poz.fd.corp is
> 10.190.2.1
> """
> 
> I hope that helps.
> 

So I think this is DNS misconfiguration upstream, the A query returns

session-storage.fd.corp   CNAME  cb-node-1.poz.fd.corp
cb-node-1.poz.fd.corp     A      10.190.2.1


and the AAAA query SHOULD return

session-storage.fd.corp   CNAME  cb-node-1.poz.fd.corp

but it's in fact returning no data for session-storage.fd.corp


If I'm wrong, someone will no doubt be along soon to tell me why.


Simon.






More information about the Dnsmasq-discuss mailing list