[Dnsmasq-discuss] dnsmasq to return NODATA for an A query

Geert Stappers stappers at stappers.nl
Wed Mar 17 23:01:05 UTC 2021 

On Wed, Mar 17, 2021 at 05:12:35PM +0000, Simon Kelley wrote:
> On 14/03/2021 14:35, Aaron Jones wrote:
> > On 07/03/2021 08:57, Geert Stappers via Dnsmasq-discuss wrote:
> >> --host-record=foo.example.org,NODATA,fd00::1
> >>
> >> Says what is wanted.
> >>
> >> In `hosts` file
> >>
> >>   fd00::1  foo.example.org
> >>   NO4DATA  foo.example.org
> >>
> >> and allow
> >>
> >>   192.168.0.1  foo.example.org
> >>   NO6DATA      foo.example.org
> >>
> >> plus also
> >>
> >>   NO4DATA   foo.example.org
> >>   NO6DATA   foo.example.org
> >>
> >> to express  "don't go to upstream resolvers for foo.example.org,
> >> return NODATA to the request of the DNS client"
> >>
> >> That "hosts file syntax" applied to `host record`
> >>   --host-record=foo.example.org,NODATA,fd00::1
> >>   --host-record=foo.example.org,192.168.0.1,NODATA
> >>   --host-record=foo.example.org,NODATA,NODATA
> > 
> > Yeah, that would suit my purposes just fine, and I imagine would become
> > very useful for others in the future too. :)
> > 
> 
> The current arrangement (forward queries for a name even if we have
> records for other types associated with that name) is deliberate.
> Dnsmasq doesn't implement zone-based DNS (in this case, anyway) the
> locally configured records are just an overlay modifying the global DNS.
> 
> It's worth noting that if you configure, say an AAAA record but not an A
> record for example.com, and an A query gets forwarded, and the reply is
> NXDOMAIN then dnsmasq will re-write that as a NODATA response, based on
>  the existence of the local AAAA record (or TXT, PTR or the handful of
> other supported record types.
> 
> An explicit NODATA overlay facility does seem sensible, but the syntax
> is a bit problematic, since there can be more than one name, so
> 
> foo.example.org,NODATA,fd00::1
> 
> has an existing meaning (it creates AAAA records of fd00::1 for
> foo.example.org and nodata
> 
> Strictly, domain names can contain any characters (domain names are not
> the same as host names) but grabbing a string like "#" out of the domain
> name space is unlikely for inconvenience anyone, so we could have
> 
> 
> --host-record=foo.example.org,#,fd00::1
> 
> Comments?

Replace number sign with underscore

#  means comment for shell and dnsmasq config file

_  is not allowed in DNS name



Groeten
Geert Stappers
-- 
Silence is hard to parse

More information about the Dnsmasq-discuss mailing list