[Dnsmasq-discuss] abandoned

Simon Kelley simon at thekelleys.org.uk
Thu Jun 23 22:54:44 BST 2016 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

The ABANDONED state it indicates that dnsmasq had to do too much work
to verify the DNSSEC data. It counts the number of queries it has to
make to get the data needed to verify DNSSEC, and if that exceeds a
fixed number (about 100, I think) then it abandons the attempt to
verify DNSSEC. This protects against infinite loops in the
verification process.

What's confusing me is that this is clearly NOT doing many queries. I
wonder is the first attempt to verify failed, and the repeated queries
for the same domain are taking a code path which doesn't re-initialise
the counter? Can you look back in the logs to the FIRST attempt to
look up protomail.ch?

Cheers,

Simon.


On 23/06/16 03:20, Johnny Appleseed wrote:
> Jun 22 20:17:35 dnsmasq[5800]: query[A] protonmail.ch from
> 127.0.0.1 Jun 22 20:17:35 dnsmasq[5800]: forwarded protonmail.ch to
> 127.0.0.1 Jun 22 20:17:35 dnsmasq[5800]: dnssec-query[DNSKEY]
> protonmail.ch to 127.0.0.1 Jun 22 20:17:35 dnsmasq[5800]: reply
> protonmail.ch is 185.70.40.181 Jun 22 20:17:35 dnsmasq[6016]:
> query[A] protonmail.ch from 127.0.0.1 Jun 22 20:17:35
> dnsmasq[6016]: forwarded protonmail.ch to 127.0.0.1 Jun 22 20:17:35
> dnsmasq[6016]: dnssec-query[DNSKEY] protonmail.ch to 127.0.0.1 Jun
> 22 20:17:35 dnsmasq[6016]: validation protonmail.ch is ABANDONED 
> Jun 22 20:17:35 dnsmasq[6016]: reply protonmail.ch is
> 185.70.40.181 Jun 22 20:17:35 dnsmasq[5800]: query[A] protonmail.ch
> from 127.0.0.1 Jun 22 20:17:35 dnsmasq[5800]: forwarded
> protonmail.ch to 127.0.0.1 Jun 22 20:17:36 dnsmasq[5800]:
> dnssec-query[DNSKEY] protonmail.ch to 127.0.0.1 Jun 22 20:17:36
> dnsmasq[5800]: reply protonmail.ch is 185.70.40.181 Jun 22 20:17:36
> dnsmasq[6017]: query[A] protonmail.ch from 127.0.0.1 Jun 22
> 20:17:36 dnsmasq[6017]: forwarded protonmail.ch to 127.0.0.1 Jun 22
> 20:17:36 dnsmasq[6017]: dnssec-query[DNSKEY] protonmail.ch to 
> 127.0.0.1 Jun 22 20:17:36 dnsmasq[6017]: validation protonmail.ch
> is ABANDONED Jun 22 20:17:36 dnsmasq[6017]: reply protonmail.ch is
> 185.70.40.181 Jun 22 20:17:57 dnsmasq[5800]: query[AAAA]
> star.c10r.facebook.com
> 
> 
> anyone know why Im getting protonmail is abandoned?  I have to
> restart dnsmasq and it comes back online working.  What does
> Abandoned mean?
> 
> 
> _______________________________________________ Dnsmasq-discuss
> mailing list Dnsmasq-discuss at lists.thekelleys.org.uk 
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQIcBAEBCAAGBQJXbFqkAAoJEBXN2mrhkTWivIsP/3evsfRv1Q20+78G+vmE8BIH
+3VpLmkcrGBhGqo+jJBqYpsEOlcp4AO8nmui0smUvbCKgpF92FspI5VwIr5zIPtp
WJvL8P+zvkmcW9rFQ2U4q634EvbMdJguKeWXlmphaWdcgajCa0NBG0ubIJtQy/Cz
HLdrEHi0BPDrtH5+Gtp5FmNdLMDTdHJ0qTkvpGwHbVR4vKEnZK2qneje/JnDoV8g
Jdr5J/4hC85ruJ0ETmqGetfPXCmXq8que2Sm68R6O9C3j2GbjqinpN+9BcLfeTMQ
V2LEtJ8iO4AaaCcLkAlyTaUbskL5dGsVCl2UGCKlunBvMHTqdJlVWzFTcwhdawX1
ZoUCOGYyI+o7i9sdsbW7waP0SnQy3btG/KxtpxSfi9JihAieOKJv/GLLah///Me8
lTkg5cFHmq5CuSikflW6ObPrkd1tF1oC/g3FExFG8qYWtnLAfeuQGJditq5MXO5h
xl21u2LKzC5fQu7cw3PPy5RPF6TYjvqG1Blr924/Z4Fd3qPbIEXY2VexkzeOTrRW
FC45GLLLdDwc3tRbLKiTaRDI8m7Y1Bi+baLSIeR43vP2X5ERe5D2M+7y/RvOXvEg
YU7QtEQhOWImutwWTwZ7qvv08b+K/46TF/AMhSgQIAj9vJMsBxLuRYTDSDo7Oamu
6K2Jnhojy4L9NMB/KvYT
=Afl3
-----END PGP SIGNATURE-----

More information about the Dnsmasq-discuss mailing list