[Dnsmasq-discuss] SOA and NS lookup forwarding

Michael Firth mfirth at nevion.com
Tue Aug 21 22:46:10 BST 2012


Hi,

I seem to have a problem with the way dnsmasq handles requests for SOA and NS records for domains I've defined with "server" lines.

I'm based in a satellite office of an international company, and I'm using dnsmasq to split the DNS requests from our computers between local Internet DNS servers for general Internet requests, and the company Active Directory DNS servers for internal lookups. The two main reasons for doing this are for resiliency if our connectivity to the rest of the company fails, and speed because an in-country Internet lookup seems to be significantly quicker than the international lookup via the AD servers.

However, if I use "nslookup" to query NS and SOA records for things handled by the AD servers, which are filtered using "server=" lines in the config, then the results don't match what is returned if I point "nslookup" directly at an AD server.

Things usually seem to be OK for the "forward" domains, but always just give negative results for the "reverse" domains.

This wouldn't be an issue for most applications, but PowerBroker Identity Services (formerly Likewise) has a DNS update tool that (in the standard build) relies entirely on being able to get a valid SOA record for the AD domains, and this breaks with the current dnsmasq behaviour.

Some Google searching turned up this post http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2009q4/003405.html from 2009, but nothing more recent.

I'm running dnsmasq V2.57, in case the behaviour has changed recently.

Thanks in advance for any advice / assistance.

Michael Firth

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20120821/5eda52c7/attachment.html>


More information about the Dnsmasq-discuss mailing list