[Dnsmasq-discuss] dnsmasq to return NODATA for an A query
Petr Menšík
pemensik at redhat.com
Thu Mar 25 00:37:58 UTC 2021
Hi,
below...
On 3/17/21 6:12 PM, Simon Kelley wrote:
> On 14/03/2021 14:35, Aaron Jones wrote:
>> On 07/03/2021 08:57, Geert Stappers via Dnsmasq-discuss wrote:
>>> --host-record=foo.example.org,NODATA,fd00::1
>>>
>>> Says what is wanted.
>>>
>>> In `hosts` file
>>>
>>> fd00::1 foo.example.org
>>> NO4DATA foo.example.org
>>>
>>> and allow
>>>
>>> 192.168.0.1 foo.example.org
>>> NO6DATA foo.example.org
>>>
>>> plus also
>>>
>>> NO4DATA foo.example.org
>>> NO6DATA foo.example.org
>>>
>>> to express "don't go to upstream resolvers for foo.example.org,
>>> return NODATA to the request of the DNS client"
>>>
>>> That "hosts file syntax" applied to `host record`
>>> --host-record=foo.example.org,NODATA,fd00::1
>>> --host-record=foo.example.org,192.168.0.1,NODATA
>>> --host-record=foo.example.org,NODATA,NODATA
>>
>> Yeah, that would suit my purposes just fine, and I imagine would become
>> very useful for others in the future too. :)
>>
>> Regards,
>> Aaron Jones
>
> The current arrangement (forward queries for a name even if we have
> records for other types associated with that name) is deliberate.
> Dnsmasq doesn't implement zone-based DNS (in this case, anyway) the
> locally configured records are just an overlay modifying the global DNS.
>
> It's worth noting that if you configure, say an AAAA record but not an A
> record for example.com, and an A query gets forwarded, and the reply is
> NXDOMAIN then dnsmasq will re-write that as a NODATA response, based on
> the existence of the local AAAA record (or TXT, PTR or the handful of
> other supported record types).
>
> An explicit NODATA overlay facility does seem sensible, but the syntax
> is a bit problematic, since there can be more than one name, so
>
> foo.example.org,NODATA,fd00::1
>
> has an existing meaning (it creates AAAA records of fd00::1 for
> foo.example.org and nodata
>
> Strictly, domain names can contain any characters (domain names are not
> the same as host names) but grabbing a string like "#" out of the domain
> name space is unlikely to inconvenience anyone, so we could have
>
>
> --host-record=foo.example.org,#,fd00::1
>
>
> Comments?
I don't like any punct characters. What about some hostname-invalid
string, for example ipv4: or ipv6:? Also, there was a request to also add
a text record, which can be reloaded on SIGHUP. What if we also provided a
txt: option for those cases? Or just treat an argument starting with " as
a TXT record until another "?
Maybe a global option, set only once, to always provide both families, no
matter what is specified. So it is once per configuration, and records
can contain just the actual data if specified and provide nodata on
unspecified types.
--host-families=ipv4,ipv6 #?
Would someone ever need one behaviour on a few records and a different one
on another set? It would enable zone-like behaviour for those who are
looking for it.
>
>
> Simon.
--
Petr Menšík
Software Engineer
Red Hat, http://www.redhat.com/
email: pemensik at redhat.com
PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB
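
A small Python model of the behaviour discussed in this thread, added here as an illustration; it is not dnsmasq code and does not come from any poster. It contrasts the overlay behaviour Simon describes (forward other types, rewrite an upstream NXDOMAIN as NODATA) with the proposed `--host-families` idea; the function names, sample records and the mapping of `ipv4,ipv6` to A/AAAA are assumptions.

```python
NOERROR, NXDOMAIN = "NOERROR", "NXDOMAIN"

def answer(qname, qtype, local, upstream, host_families=()):
    """Return (rcode, rrset, forwarded) for one query.

    local:         {name: {rtype: [rdata, ...]}}, the locally configured overlay
    upstream:      callable(name, rtype) -> (rcode, rrset), stands in for the forwarder
    host_families: types always answered locally for names present in `local`
                   (hypothetical model of the proposed --host-families option)
    """
    records = local.get(qname, {})
    if qtype in records:
        return NOERROR, records[qtype], False
    if records and qtype in host_families:
        # Proposed: NODATA (NOERROR, empty answer) without asking upstream.
        return NOERROR, [], False
    rcode, rrset = upstream(qname, qtype)
    if rcode == NXDOMAIN and records:
        # Current behaviour per the thread: the name exists locally under
        # another type, so an upstream NXDOMAIN becomes NODATA.
        return NOERROR, [], True
    return rcode, rrset, True

# Constructed sample data (documentation address ranges and names).
LOCAL = {
    "foo.example.org": {"AAAA": ["fd00::1"]},
    "lan.example.org": {"AAAA": ["fd00::2"]},
}
UPSTREAM = {("foo.example.org", "A"): ["203.0.113.7"]}

def upstream(name, rtype):
    """Stand-in forwarder: anything not in UPSTREAM is NXDOMAIN."""
    rrset = UPSTREAM.get((name, rtype))
    return (NOERROR, rrset) if rrset else (NXDOMAIN, [])

if __name__ == "__main__":
    for families in ((), ("A", "AAAA")):
        for name in LOCAL:
            print(families, name, answer(name, "A", LOCAL, upstream, families))
```

The third element of each result shows whether the query left the local resolver, which is the difference the explicit NODATA proposals are meant to control.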