[Dnsmasq-discuss] 2.85: .. cache refresh problems?
Steffen Nurpmeso
steffen at sdaoden.eu
Wed Jun 2 23:05:12 UTC 2021
Hello, for your possible interest.
Steffen Nurpmeso wrote in
<20210424222910.87MHK%steffen at sdaoden.eu>:
|Steffen Nurpmeso wrote in
| <20210422212628.eSXGa%steffen at sdaoden.eu>:
||Since a few weeks ago i sometimes see mail delivery from a few
||domains (most often: mx2.freebsd.org, lesser so netbsd.org,
||ietf.org, crux.nu) being blocked by a simple-minded postfix
||log parser on my side (that i finally started using some months
||ago). Since i realized what was going on i (1) changed the
||upstream DNS server=s of dnsmasq, (2) changed neg-ttl and
||increased cache-size to lower impact, finally started verifying
||postfix DNS reports which until now avoids blocking precious
||upstream servers:
| ...
||What _is_ new on my side is that i have "dnssec" enabled now.
...
My provider traced the problem and today they said
[.] der [.] eingesetzte BIND [hat] in der Kombination aus den
Flags des anfragenden Client [.] und den autoritativen
Nameservern [.] Probleme [.]
the used bind has problems in the combination of the flags the
client uses, and the authoritative servers on the other side.
With a lot of "shall" and "possibly". Anyhow, they pointed me to
a PowerDNS server now. (Now i get a lot of errors with the
dnsbl.sorbs.net i use, but whatever ;)
In the meantime i had placed the freebsd domain in /etc/hosts,
most other failing lookups refer to spam domains that i do not
care about.
Ciao.
P.S.: the possibility to make dnsmasq authoritative for IPv6 when
it yet only served IPv4 via an entry in a --dhcp-host file would
be fantastic. (Or, maybe even better yet, even if it did _not_
yet serve any DHCP related, but a query for a name that has an IP
assigned there, or a name which only has a MAC, i.e., pre-reserve
that IP, maybe? Thanks for dnsmasq.)
--steffen
|
|Der Kragenbaer, The moon bear,
|der holt sich munter he cheerfully and one by one
|einen nach dem anderen runter wa.ks himself off
|(By Robert Gernhardt)
More information about the Dnsmasq-discuss
mailing list