[Dnsmasq-discuss] dnsmasq returning REFUSED when querying AAAA

Maik Allgöwer user1391 at gmail.com
Tue Jun 25 14:59:17 BST 2019 

Hello everyone,

I am having a problem with the following setup:
  * Ubuntu 19.04 Desktop
  * name resolution is done via systemd-resolved.
  * On 10.0.100.0/24 I have connected various clients which should get
their IP via dnsmasq / dhcp.
  * systemd-resolved is configured to forward queries to the domain
*.vir to the dnsmasq-instance.
  * When connecting to a client via ssh, systemd-resolved hammers the
dnsmasq-instance with AAAA queries and delays the name
    resolution, therefor making the connection-process slow.
  * Above behaviour **only** happens to devices which get their name via DHCP.


I built dnsmasq from source (v2.80-53-g343b7b4) and used the following
/etc/dnsmasq.conf


no-resolv
listen-address=10.0.100.1,127.0.0.1
bind-interfaces
domain=vir,10.0.100.0/24
dhcp-range=10.0.100.10,10.0.100.200,12h

address=/test.vir/10.0.100.5
log-queries=extra


In the following section I am querying two hostnames, phoebe.vir and test.vir.
test.vir is configured via address= whereas phoebe.vir receives is's
address via DHCP.


$ dig +short @127.0.0.1 phoebe.vir A
10.0.100.121

dnsmasq: 1 127.0.0.1/52155 query[A] phoebe.vir from 127.0.0.1
dnsmasq: 1 127.0.0.1/52155 DHCP phoebe.vir is 10.0.100.121


$ dig +short @127.0.0.1 test.vir A
10.0.100.5

dnsmasq: 2 127.0.0.1/33215 query[A] test.vir from 127.0.0.1
dnsmasq: 2 127.0.0.1/33215 config test.vir is 10.0.100.5


$ dig +short @127.0.0.1 test.vir AAAA

dnsmasq: 3 127.0.0.1/59418 query[AAAA] test.vir from 127.0.0.1
dnsmasq: 3 127.0.0.1/59418 config test.vir is NODATA-IPv6


$ dig +short @127.0.0.1 phoebe.vir AAAA

dnsmasq: 4 127.0.0.1/40600 query[AAAA] phoebe.vir from 127.0.0.1
dnsmasq: 4 127.0.0.1/40600 config error is REFUSED


I would have expected that the last two queries yield the same response.
systemd-resolved is perfectly happy with the NODATA-IPv6 response
whereas it continues querying the dnsmasq-instance
until it runs into a timeout.

Do you have any input on this? Is this a problem with my config or
perhaps dnsmasq or systemd-resolved?


With kind regards,
Maik Allgöwer

More information about the Dnsmasq-discuss mailing list