[Dnsmasq-discuss] DNS server order is not being honored
Dan Williams
dcbw at redhat.com
Wed Dec 12 16:41:22 GMT 2012
On Tue, 2012-12-11 at 13:17 -0500, richardvoigt at gmail.com wrote:
> Unless you're using the strict-order option and still seeing the order
> change, this is not a bug.
NM does pass --strict-order to dnsmasq when dnsmasq is used as the local
caching nameserver plugin for NM, and has done that since 2009-11-14.
To verify, you can run "ps ax | grep dnsmasq" and see that
--strict-order is passed to the dnsmasq command line.
Dan
>
> -o, --strict-order
> By default, dnsmasq will send queries to any of the upstream
> servers it knows about and tries to favour servers that are
> known to be up. Setting this flag forces dnsmasq to try each
> query with each server strictly in the order they appear
> in /etc/resolv.conf
>
>
> On Tue, Dec 11, 2012 at 12:38 PM, Daniel Nicoletti
> <dantti12 at gmail.com> wrote:
> Hi,
> a friend of mine using NetworkManger complained
> that when he puts 3 DNS entries on NM he gets
> NXDOMAIN, then he goes to /etc/resolv.conf
> and manually adds them. Since NM uses dnsmasq
> and the website says bugs should be discussed here
> I'll explain why it is failing.
> Also note that I'm not a DNS expert (he knows about
> it better), anyway, we found out that different from
> libresolver dnsmasq spawns a call for all DNS servers
> and the fist to reply gets repassed to the caller.
>
>
> This is a big problem, since you put your internal
> company DNS to resolv local names, then you
> add some external DNS just in case the internal one fails.
> It also means that the order that you put the DNS
> doesn't matter since the reply speed is what is more
> important...
>
>
> I think it would be sane to have the same behavior
> as libresolv. How can this issue be addressed?
> Is there another place to fill a bug report?
> My friend told be also that he saw other people
> complaining in forums about this but they
> didn't know the cause.
>
>
> TCPDUMP (I changed the ips...)
> 15:05:48.978824 IP 200-200-200-200.bbone.telesp.net.br.40510 >
> 10.0.0.123.domain: 12632+ A? intranet.foo.bar. (40)
> 15:05:48.978872 IP 200-200-200-200.bbone.telesp.net.br.40510 >
> resolver1.telesp.net.br.domain: 12632+ A? intranet.foo.bar.
> (40)
> 15:05:48.979517 IP 200-200-200-200.bbone.telesp.net.br.45180 >
> resolver1.telesp.net.br.domain: 49029+ PTR?
> 123.0.0.10.in-addr.arpa. (41)
> 15:05:48.982797 IP resolver1.telesp.net.br.domain
> > 200-200-200-200.bbone.telesp.net.br.40510: 12632 NXDomain
> 0/1/0 (102)
> 15:05:48.983391 IP resolver1.telesp.net.br.domain
> > 200-200-200-200.bbone.telesp.net.br.45180: 49029 NXDomain
> 0/0/0 (41)
> 15:05:48.984412 IP 200-200-200-200.bbone.telesp.net.br.26486 >
> resolver1.telesp.net.br.domain: 2556+ A? intranet.foo.bar.
> (40)
> 15:05:48.984622 IP 10.0.0.123.domain >
> 200-204-2-133.bbone.telesp.net.br.40510: 12632* 1/0/0 A
> 10.20.96.43 (56)
> 15:05:48.988846 IP resolver1.telesp.net.br.domain >
> 200-200-200-200.bbone.telesp.net.br.26486: 2556 NXDomain 0/1/0
> (102)
>
>
> As you can see 10.0.0.123 does knows about the domain, but
> resolver1.telesp.net.br reply first.
>
>
> --
> Daniel Nicoletti
>
> KDE Developer - http://dantti.wordpress.com
>
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>
>
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
More information about the Dnsmasq-discuss
mailing list