[Dnsmasq-discuss] Need some info on retried and failed queries

Albert ARIBAUD albert.aribaud at free.fr
Fri Jul 1 15:25:06 BST 2016

Hi Mikhail,

Le Fri, 1 Jul 2016 15:03:43 +0200
Mikhail Morfikov <mmorfikov at gmail.com> a écrit:

> In the dnsmasq confg file I can set the two following parameters:
> min-cache-ttl=3600
> max-cache-ttl=7200
> Let's say I visit some http server on the internet. The cache entry
> would be created for the domain and for 1h, each request to that
> domain would be served from the cache, right?

Almost. It would be 1 hour if the TTL from the upstream server was
less than 1 hour; 2 hours if the upstream TTL was more than two hours;
and in-bewteen, it would be the upstream TTL.

> What if the IP address associated with the domain changes for some
> reason in 10min. after my first visit?

You don't see it until 50 minutes after (simplifying a bit here). That's
the principle of the cache.

> What would dnsmasq do if I
> tried to access the web server once more after 15min?

It would still rely on the 1 hour minimum TTL, so it would still not
ask any upstream server again until about 35 minutes (ditto).
> Some people say
> that I would have wrong IP so I couldn't connect to the web server
> till the cache entry expires. But I've never had this problem and all
> web pages works fine with the above values, at least I think so.

It's just that you never experienced an IP *change* within the TTL of
its DNS entry -- or that you did but something else hid that from
you; for instance your web browser page cache may have prevented your
machine from trying to connect to the obsolete IP.

> I can see some retried or failed queries in the following log:
> dnsmasq[1612]: cache size 10000, 0/4284 cache insertions re-used
> unexpired cache entries.
> dnsmasq[1612]: queries forwarded 4508, queries answered locally 6386
> dnsmasq[1612]: queries for authoritative zones 0
> dnsmasq[1612]: server queries sent 0, retried or
> failed 0 dnsmasq[1612]: server queries sent 59,
> retried or failed 0 dnsmasq[1612]: server queries
> sent 4449, retried or failed 60 dnsmasq[1612]: time 1467180121
> But I don't really know what means "retried or failed 60". So did it
> fail or not? Is it because of the high TTL values or something else?

TTL and failures are unrelated. TTL is just an indication that a DNS
entry can/should be considered constant for as long as indicated, while
failures and retries are when dnsmasq tries to query an upstream server
and it fails for some reason (the upstream server does not anwser at
all, or anwsers garbage, for instance).


More information about the Dnsmasq-discuss mailing list