[Dnsmasq-discuss] DNAME or domain to domain transltion?

Adrian Lewis adrian at alsiconsulting.co.uk
Fri Mar 20 13:49:07 GMT 2015


Forgive me if I've not understood how dnsmasq works (still investigating)
or if my terminology isn't quite correct but...

1. If a client requests a lookup for a-record.domain1.tld,
2. dnsmasq forwards the lookup and receives a DNAME record as the answer
saying domain1.tld is a DNAME for domain2.tld,

...will it
3. then recursively look up a-record.domain2.tld and send the answer with
IP back to the client?
...or does it
4. simply pass the DNAME answer back to the client without resolved IP for
it to do the lookup again using the new domain?

I had assumed that for CNAME records, this recursion happens within
dnsmasq before a reply is given back to the client. If so, would the same
not be feasible for DNAME records configured locally in dnsmasq in the
same way as CNAME records?


-----Original Message-----
From: Dnsmasq-discuss
[mailto:dnsmasq-discuss-bounces at lists.thekelleys.org.uk] On Behalf Of
Simon Kelley
Sent: 17 March 2015 21:54
To: dnsmasq-discuss at lists.thekelleys.org.uk
Subject: Re: [Dnsmasq-discuss] DNAME or domain to domain transltion?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

You're right that there's no ability to do this in dnsmasq. The
synth-domain stuff is not really applicable, since it generates records
locally, rather than using data from an upstream server.

Your description implies that you want to modify the DNS as seen by
clients of dnsmasq - ie that it does a transformation of the data being
returned by the authoritative servers for a domain. That's not what DNAME
does, from a quick reading if the relevant RFC, DNAME processing is not
transparent to the stub resolver.

Implementing the sort of translation you want in dnsmasq would be more
difficult than you might expect. The normal process is that dnsmasq
forwards a DNS query, and then only retains a very small, fixed size data
structure whilst it awaits the reply. It doesn't, for instance keep the
original query. That makes applying the transformation to the reply
impossible. Keeping more information can be done (it's done for DNSSEC
processing, for instance) but you start to lose the attributes of small,
and fixed, memory usage, which makes dnsmasq attractive in its niche.

TL;DR. What you're asking for isn't DNAME. It could be done, but not
simply and there would be tradeoffs. It's not clear if it would be
generally useful enough to make people want to pay the costs.

Cheers,

Simon.






On 17/03/15 01:33, Adrian Lewis wrote:
> Would it be fair to assume that there is no trick to this and if so,
> is there any interest in a feature request for supporting DNAME
> records? Unfortunately I'm simply a (very grateful) freeloader with no
> programming skills whatsoever. I have no idea whether implementing
> this would be something really simple or the opposite.
>
> Many thanks,
>
> Adrian
>
> -----Original Message----- From: Adrian Lewis
> [mailto:adrian at alsiconsulting.co.uk] Sent: 11 March 2015 19:06 To:
> 'dnsmasq-discuss at lists.thekelleys.org.uk' Subject: DNAME or domain to
> domain transltion?
>
> Hi,
>
> I've tried to find this out through reading and googling and I can't
> find any obvious solution so I was hoping someone might know a trick
> that would help me. I'm trying to do some sort of domain to domain
> translation so that when a query for the a record of
> host1.firstdomain.tld is received, dnsmasq does a lookup for
> host1.seconddomain.tld and returns the IP as if the client had asked
> for host1.seconddomain.tld.
>
> For an individual host this is much the same as a CNAME record but I
> need to be able to specify the hostname dynamically so that
> %anything%.firstdomain.tld is a CNAME for %anything%.seconddomain.tld.
> Wildcards don't help either as this is not a case of
> %anything%.firstdomain.tld being a CNAME for
> specifichost.seconddomain.tld.
>
>> From what I gather, this is what a DNAME record will do although
>> support
> for this type of record seems a little scarce and dnsmasq doesn't
> support these directly. The purpose is not nefarious and it is all
> being done for internal to internal translation. I've not gone into
> why I need this in any great detail but it's nothing dodgy.
>
> The --synth-domain feature suggests that there is some sort of engine
> to create dynamic replies based on the query but I need the equivalent
> of: --synth-domain=firstdomain.tld,seconddomain.tld
>
> Can anyone help?
>
> TIA,
>
> Adrian
>
> _______________________________________________ Dnsmasq-discuss
> mailing list Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJVCKKOAAoJEBXN2mrhkTWi2AMP/00ckRWxT7fp1I+lztRDeA+G
zMmrjnnC94SPj4YYJXX+jp572xnc/aDl3L93YMncbRdx0vYQr7ieWzYhjgdldzZL
Luig5S8ImZ06VHZsqMoMG3pkKyMwpZ9hQliudh54ocEq/K0osc2PqrA0KZ46UFDy
iqDOuHvi6I6ECp0lGbFtV8wxHB5i4lTw5zUxR9F1I1yby6gnhkf205BNTRG23YCb
z4sALO3xuItTPk61cO7ZRtXT1hHspJ2QI4X1pRycl65tj+LvBNgJ47vOb9vJ+eHF
t1RZtyJBoeVdbwQnINYdCXccmJwJ0Jm46VBd+GYi+ZXCAMJg+aLSe5IzjJ4qYYrn
xi5/un/M9IZVwnwpAMK9x7/d+wbZNRDZ2uMX0zQgoW3SWSarU0eu/c/0akiWj/wd
3GocWUsnMD+wTexZ2h2JrX3RGNUJis8A1QV2fhalLjPQ0OFJD6oLBifKXzBHhMMy
OarVpbZJyVTA/LKVkQB7+puu2T963TXfzQQSABbrOjNrer1eV8M3hk2C1sv5XLJj
kt8w/eskPeS/NJLCCWHKrZg9sv105nPgvz7mnR6qKq6xvfVoo/LvIdtELvU3Al0R
Qget9QmAwx0m3jwpvVlUT7tewbiPHHXnkNEu20Jinew//gmbCFcwDdaCbKWcJRnZ
I/JTfXJNg8HdzIKLHHj4
=hEA8
-----END PGP SIGNATURE-----

_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss at lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss



More information about the Dnsmasq-discuss mailing list