[Dnsmasq-discuss] nxdomain option of dnsmasq
Brad Morgan
b-morgan at concentric.net
Sat Mar 16 16:34:58 GMT 2013
> HA1#cat /etc/dnsmasq.conf
> domain-needed
> log-queries
> bogus-nxdomain=1.2.3.4
> and the hosts file
> HA1#cat /etc/hosts
> 127.0.0.1 localhost localhost.singtec.com
> 192.168.255.1 test.com
> 1.1.1.1 localdns
> then i nslookup test.com, it can get the 192.168.255.1, But when i quering
a non-existent domain, the result > is "*** Unkown can't find xxxx, Query
refused
> I thought it should return a 1.2.3.4 for the nxdomain !!
Bill,
You have misinterpreted the man page. Your expectation is the opposite of
what bogus-nxdomain is doing.
When your query is for a non-existent domain, the expected response is
NXDOMAIN. If your ISP returns a valid IP address that points to an
advertisement page or something similar, then setting bogus-nxdomain to that
valid IP address will cause dnsmasq to return the expected NXDOMAIN response
instead.
What you want is NXDOMAIN responses to be replaced with a valid IP address.
Simon's distribution does not have this option but Sven Falempin
(sven.falempin at gmail.com) replied that he has patched dnsmasq to provide
exactly what you are looking for. His response says to search the archives
for "dnsmasq-guard" which you can do at
http://dir.gmane.org/gmane.network.dns.dnsmasq.general. Doing the search
should eventually lead you to Sven's code repository at
https://code.google.com/p/dnsmasq-guard/ where you can download the sources
and compile a version of dnsmasq containing the feature you desire.
I'd suggest you contact Sven off-list and discuss the details of his clone.
I don't know how current he is but I'm sure he can tell you. You can also
ask Simon to consider including Sven's patch into the main distribution. You
will have to make a case for this option having a wider audience than just
you and Sven!
Regards,
Brad
More information about the Dnsmasq-discuss
mailing list