[Dnsmasq-discuss] Getting 'REFUSED' from dnsmasq - possible reasons?

Simon Kelley simon at thekelleys.org.uk
Sun Jun 25 21:53:55 BST 2017 

REFUSED is returned if dnsmasq has no upstream server configured it can
send to, or if there are a very large number of queries in flight, and
the internal table tracking them is full. You could try bumping the

dns-forward-max

parameter if you have a very busy network.



Cheers,

Simon.


On 21/06/17 13:33, Chris Green wrote:
> I have dnsmasq 2.62 on a RasberryPi on my LAN, it's been doing DHCP
> and DNS quite happily for some years now.
> 
> I've suddenly started getting REFUSED back, sometimes, e.g.:-
> 
>     chris at esprimo$ host news.plus.net
>     Host news.plus.net not found: 5(REFUSED)
>     chris at esprimo$ 
> 
> but another system on the same LAN gets an address:-
> 
>     chris$ host news.plus.net
>     news.plus.net is an alias for usenet.plus.net.
>     usenet.plus.net is an alias for europe.isp.giganews.com.
>     europe.isp.giganews.com has address 216.166.105.145
>     chris$ 
> 
> It's not always the same system that's getting the 'REFUSED' message
> so I *think* something odd may be happening to dnsmasq.  Does anyone
> have any idea what the problem might be?
> 
> 
> Further information, wierdly 'dig' works OK:-
> 
>     chris at esprimo$ dig news.plus.net
> 
>     ; <<>> DiG 9.10.3-P4-Ubuntu <<>> news.plus.net
>     ;; global options: +cmd
>     ;; Got answer:
>     ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59408
>     ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 2, ADDITIONAL: 1
> 
>     ;; OPT PSEUDOSECTION:
>     ; EDNS: version: 0, flags:; udp: 4096
>     ;; QUESTION SECTION:
>     ;news.plus.net.                 IN      A
> 
>     ;; ANSWER SECTION:
>     news.plus.net.          34838   IN      CNAME   usenet.plus.net.
>     usenet.plus.net.        184     IN      CNAME   europe.isp.giganews.com.
>     europe.isp.giganews.com. 58     IN      A       216.166.105.145
> 
>     ;; AUTHORITY SECTION:
>     isp.giganews.com.       520     IN      NS      ns1.dca1.giganews.com.
>     isp.giganews.com.       520     IN      NS      ns1.ams1.giganews.com.
> 
>     ;; Query time: 13 msec
>     ;; SERVER: 127.0.1.1#53(127.0.1.1)
>     ;; WHEN: Wed Jun 21 13:31:27 BST 2017
>     ;; MSG SIZE  rcvd: 162
> 
>     chris at esprimo$ host news.plus.net
>     Host news.plus.net not found: 5(REFUSED)
>     chris at esprimo$ 
> 
>

More information about the Dnsmasq-discuss mailing list