[Dnsmasq-discuss] Forwarded TCP queries not obeying --server=/domain/server arguments
Simon Kelley
simon at thekelleys.org.uk
Fri Dec 7 12:02:04 GMT 2012
On 07/12/12 10:33, Hollett, Nicholas wrote:
> In upgrading from 2.49 to 2.62, TCP queries which are received are
> blindly forwarded to the default server, not the one defined for the
> specific domain specified using --server arguments to dnsmasq. See the
> below output:
>
> # dnsmasq -d -q -a 172.16.0.1 --server=/zoidberg.internal/172.16.0.30
> <http://172.16.0.30>
>
>
> dnsmasq: started, version 2.62 cachesize 150
> dnsmasq: compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6
> no-Lua TFTP conntrack
> dnsmasq: using nameserver 172.16.0.30#53 for domain zoidberg.internal
> dnsmasq: reading /etc/resolv.conf
> dnsmasq: using nameserver 192.168.137.8#53
> dnsmasq: using nameserver 172.16.0.30#53 for domain zoidberg.internal
> dnsmasq: read /etc/hosts - 8 addresses
> dnsmasq: forwarded query to 192.168.137.8
>
> This happens when requesting using dig:
> # dig @172.16.0.1 <http://172.16.0.1> +tcp _ldap._tcp.zoidberg.internal SRV
> which then fails to return anything because the upstream DNS doesn't
> know about zoidberg.internal. However, when removing the +tcp option:
>
> dnsmasq: query[SRV] _ldap._tcp.zoidberg.internal from 172.16.0.1
> dnsmasq: forwarded _ldap._tcp.zoidberg.internal to 172.16.0.30
>
> and I get the correct result in dig.
>
> This configuration was working fine with dnsmasq 2.49.
>
> Kind regards,
> Niax
>
Ok, this caused a certain amount of confusion, and nearly got sent back
as "works for me". It turns out that it works fine for A and AAAA
queries. To see the problem you have to use TCP _and_ the query has to
be for a record type other and A or AAAA.
http://www.thekelleys.org.uk/dnsmasq/test-releases/dnsmasq-2.65test2.tar.gz
should fix things. If you want to backport the fix to a stable release,
it's tiny and easy, the change is here:
http://www.thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=ee86ce68fc6ba371c3368c31aa548c635757270e
Thanks for the bug report.
Cheers,
Simon.
More information about the Dnsmasq-discuss
mailing list