[Dnsmasq-discuss] AA bit on auth-zone
Geert Stappers
stappers at stappers.nl
Thu Jul 23 19:10:23 BST 2020
On Thu, Jul 23, 2020 at 11:17:00AM -0600, Bryce Larson wrote:
> On Thu, Jul 23, 2020 at 10:59 AM Geert Stappers wrote:
> > On Thu, Jul 23, 2020 at 10:06:31AM -0600, Bryce Larson wrote:
> > > I've been using dnsmasq as an authoritative server for my lan under a
> > > subdomain of my regular domain. So something like lan.example.com is the
> > > internal only zone, where lan.example.com is delegated from example.com
> > > which is available to the public internet. I have dnssec on example.com ,
> > > but obviously not on lan.example.com since dnsmasq doesn't automatically
> > > create dnssec records.
> > >
> > > When resolving those with systemd-resolved, It shows servfail.
> > >
> > > I used https://dnsviz.net to check what was up and it said the problem was
> > > that the AA bit wasn't getting set in the responses.
> > >
> > > my relevant config is something like
> > >
> > > domain=lan.example.com
> > > auth-server=int-ns1.example.com # this is the dnsmasq server
> > > auth-zone=lan.example.com
> > >
> > > Am I doing something wrong? It seems like a bug to not have dnsmasq add
> > > the AA bit to responses that are part of an auth-zone.
> >
> > http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2020q3/014200.html
> > isn't yet confirmed.
> >
>
> How do I get it confirmed?
> Is there a bug tracker I can vote on or something like that?
> What's the process to getting this noticed/fixed/confirmed?
https://grafana.com/blog/2020/04/16/community-series-on-asking-good-questions/
Regards
Geert Stappers
--
Silence is hard to parse
More information about the Dnsmasq-discuss
mailing list