[Dnsmasq-discuss] DNS server order is not being honored

Dan Williams dcbw at redhat.com
Wed Dec 12 16:41:22 GMT 2012


On Tue, 2012-12-11 at 13:17 -0500, richardvoigt at gmail.com wrote:
> Unless you're using the strict-order option and still seeing the order
> change, this is not a bug.

NM does pass --strict-order to dnsmasq when dnsmasq is used as the local
caching nameserver plugin for NM, and has done that since 2009-11-14.

To verify, you can run "ps ax | grep dnsmasq" and see that
--strict-order is passed to the dnsmasq command line.

Dan

> 
> -o, --strict-order
>         By default, dnsmasq will send queries to any of the upstream
>         servers it knows about and tries to favour servers that are
>         known to be up. Setting this flag forces dnsmasq to try each
>         query with each server strictly in the order they appear
>         in /etc/resolv.conf
> 
> 
> On Tue, Dec 11, 2012 at 12:38 PM, Daniel Nicoletti
> <dantti12 at gmail.com> wrote:
>         Hi,
>         a friend of mine using NetworkManger complained
>         that when he puts 3 DNS entries on NM he gets
>         NXDOMAIN, then he goes to /etc/resolv.conf
>         and manually adds them. Since NM uses dnsmasq
>         and the website says bugs should be discussed here
>         I'll explain why it is failing.
>         Also note that I'm not a DNS expert (he knows about
>         it better), anyway, we found out that different from 
>         libresolver dnsmasq spawns a call for all DNS servers
>         and the fist to reply gets repassed to the caller.
>         
>         
>         This is a big problem, since you put your internal
>         company DNS to resolv local names, then you
>         add some external DNS just in case the internal one fails.
>         It also means that the order that you put the DNS
>         doesn't matter since the reply speed is what is more
>         important...
>         
>         
>         I think it would be sane to have the same behavior
>         as libresolv. How can this issue be addressed?
>         Is there another place to fill a bug report?
>         My friend told be also that he saw other people
>         complaining in forums about this but they
>         didn't know the cause.
>         
>         
>         TCPDUMP (I changed the ips...)
>         15:05:48.978824 IP 200-200-200-200.bbone.telesp.net.br.40510 >
>         10.0.0.123.domain: 12632+ A? intranet.foo.bar. (40)
>         15:05:48.978872 IP 200-200-200-200.bbone.telesp.net.br.40510 >
>         resolver1.telesp.net.br.domain: 12632+ A? intranet.foo.bar.
>         (40)
>         15:05:48.979517 IP 200-200-200-200.bbone.telesp.net.br.45180 >
>         resolver1.telesp.net.br.domain: 49029+ PTR?
>         123.0.0.10.in-addr.arpa. (41)
>         15:05:48.982797 IP resolver1.telesp.net.br.domain
>         > 200-200-200-200.bbone.telesp.net.br.40510: 12632 NXDomain
>         0/1/0 (102)
>         15:05:48.983391 IP resolver1.telesp.net.br.domain
>         > 200-200-200-200.bbone.telesp.net.br.45180: 49029 NXDomain
>         0/0/0 (41)
>         15:05:48.984412 IP 200-200-200-200.bbone.telesp.net.br.26486 >
>         resolver1.telesp.net.br.domain: 2556+ A? intranet.foo.bar.
>         (40)
>         15:05:48.984622 IP 10.0.0.123.domain >
>         200-204-2-133.bbone.telesp.net.br.40510: 12632* 1/0/0 A
>         10.20.96.43 (56)
>         15:05:48.988846 IP resolver1.telesp.net.br.domain >
>         200-200-200-200.bbone.telesp.net.br.26486: 2556 NXDomain 0/1/0
>         (102)
>         
>         
>         As you can see 10.0.0.123 does knows about the domain, but
>         resolver1.telesp.net.br reply first.
>         
>         
>         -- 
>         Daniel Nicoletti
>         
>         KDE Developer - http://dantti.wordpress.com
>         
>         
>         _______________________________________________
>         Dnsmasq-discuss mailing list
>         Dnsmasq-discuss at lists.thekelleys.org.uk
>         http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>         
> 
> 
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss





More information about the Dnsmasq-discuss mailing list