[Dnsmasq-discuss] dnsmasq - freature "request" (minimal-responses=yes)

Simon Kelley simon at thekelleys.org.uk
Mon Jun 10 16:17:48 BST 2013 

On 10/06/13 10:53, Tomáš Thiemel wrote:
> Hello Simon,
> I'd like to ask, if you're going to add support for "minimal responses"
> like in BIND nameserver:
>
>
>
> I've installed Ubuntu 12.04 to a friend of mine, but there was a little
> problem - web browser (Firefox) wasn't able to resolve DNS address
> "fbcdn-profile-a.akamaihd.net.edgesuite.net"
>
> The issue was related to Dnsmasq, as the network setup was:
>
> INTERNET (ISP's DNS) -> router with OpenWRT (dnsmasq) -> Ubuntu 12.04
> (dnsmasq)
>
> When I wanted to do "dig" command in Ubuntu, I've got reply "Truncated,
> retrying in TCP mode"
>
>
> Here is output from "dig" at the OpenWRT router:
>
> root at OpenWrt:~# dig fbcdn-profile-a.akamaihd.net @8.8.8.8
> ...
> ;; Query time: 28 msec
> ;; SERVER: 8.8.8.8#53(8.8.8.8)
> ;; WHEN: Mon Jun 10 11:17:50 2013
> ;; MSG SIZE  rcvd: 345
>
> root at OpenWrt:~# dig fbcdn-profile-a.akamaihd.net
> ...
> ;; Query time: 9 msec
> ;; SERVER: 127.0.0.1#53(127.0.0.1)
> ;; WHEN: Mon Jun 10 11:17:37 2013
> ;; MSG SIZE  rcvd: 742
>
> The main problem is that ISP's DNS server returns "full response", which
> is just forwarded by dnsmasq.
>
> I would appreciate "minimal-response=yes" parameter/option in the
> dnsmasq.conf config file. If it's too complicated to add this feature,
> just ignore this "request".
>
> Thank you very much.
>
> Best regards,
>
> Tomas Thiemel
> thiemel at centrum.cz
>
>

In the context of dnsmasq, I guess this would work by stripping the 
authority and additional sections from the reply, and, if the result 
fits in the packet as received, reseting the truncated bit. That would 
be possible, but I'm not sure it's the correct solution to your problem. 
It should be that the query gets retried, by the resolver in the Ubuntu 
machine, using TCP. My guess is that the query does get retried, but 
something in the chain is blocking TCP over port 53. That's the real 
problem.

What happens when you repeat you dig requests, but add +vc to the 
command line?

Cheers,

Simon.

More information about the Dnsmasq-discuss mailing list