[Dnsmasq-discuss] SOA and NS lookup forwarding

Simon Kelley simon at thekelleys.org.uk
Wed Aug 29 21:31:23 BST 2012


On 21/08/12 22:46, Michael Firth wrote:
> Hi,
>
> I seem to have a problem with the way dnsmasq handles requests for
> SOA and NS records for domains I've defined with "server" lines.
>
> I'm based in a satellite office of an international company, and I'm
> using dnsmasq to split the DNS requests from our computers between
> local Internet DNS servers for general Internet requests, and the
> company Active Directory DNS servers for internal lookups. The two
> main reasons for doing this are for resiliency if our connectivity to
> the rest of the company fails, and speed because an in-country
> Internet lookup seems to be significantly quicker than the
> international lookup via the AD servers.
>
> However, if I use "nslookup" to query NS and SOA records for things
> handled by the AD servers, which are filtered using "server=" lines
> in the config, then the results don't match what is returned if I
> point "nslookup" directly at an AD server.
>
> Things usually seem to be OK for the "forward" domains, but always
> just give negative results for the "reverse" domains.
>
> This wouldn't be an issue for most applications, but PowerBroker
> Identity Services (formerly Likewise) has a DNS update tool that (in
> the standard build) relies entirely on being able to get a valid SOA
> record for the AD domains, and this breaks with the current dnsmasq
> behaviour.
>
> Some Google searching turned up this post
> http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2009q4/003405.html
> from 2009, but nothing more recent.
>
> I'm running dnsmasq V2.57, in case the behaviour has changed
> recently.
>
> Thanks in advance for any advice / assistance.
>
> Michael Firth
>
>
>

Do you have --filterwin2k set? That would cause problems with SOA records.

It would be useful  to have some examples of exactly what the queries 
are that fail.


Cheers,

Simon.

>
>
> _______________________________________________ Dnsmasq-discuss
> mailing list Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss




More information about the Dnsmasq-discuss mailing list