[Dnsmasq-discuss] Change in behaviour of --server
simon at thekelleys.org.uk
Tue Jul 6 20:23:39 UTC 2021
On 06/07/2021 12:14, Kevin Darbyshire-Bryant wrote:
> Hi Simon,
> An eager OpenWrt tester of current dnsmasq master has noticed the following change in behaviour:
I have to say, I am very much liking the amount of testing that the new
code is getting. It's great to find these regressions _before_ release.
> Openwrt uses a conf file containing a list of RFC6761 domains that are considered undesirable to forward, reducing load on upstream servers etc. This conf file contains lines such as "server=/onion/“. Said user overrides this with a line in main config file ’server=/onion/127.0.0.1#2053’. Unfortunately current dnsmasq looks through its servers and returns ’NXDOMAIN’. dnsmasq v2.85 says ‘yeah fine, I’ll forward that to 127.0.0.1#2053’
> The are two solutions to this: 1) drop ’server=/onion/‘ from the RFC6761 config file - 2) Take advantage of new syntax and use ’server=/*.onion/127.0.0.1#2053’
> I’m flagging this as a change in behaviour and I’m not sure how syntactically it can or even should be fixed, or just documented as a change in behaviour. eg.
> Should there be a difference (& what should it be) between
> (forward to 127.0.0.1#2053)
The order is irrelevant. What matters is the type of configuration. This
is defined so that, for instance,
will return 220.127.116.11 to an A query, but forward any other queries to 18.104.22.168
The priority order is
all zeros address (--address=/example.com/#)
NXDOMAIN address (--address=/example.com/ or --local or --address)
send to an upstream server.
The order of the last two was arbitrary: I hadn't considered a situation
would both exist, and that order is what came out of the implementation
Since doing that is a regression for earlier releases, and you've
demonstrated how the previous behaviour _can_ be useful, I'm happy to
swap the priority of the last two items in my list.
does the deed.
> (not sure!)
> or even worse
> (use both #2053 & #2153?)
After 719f79a8fdb7cc72a061b2492ea98f7486b6f90e, that's exactly what will
In general the new code makes servers for particular domains first-class
citizens, so you can specify more than one and dnsmasq will load-balance
across them in the same way it does for the general upstream servers.
> Kevin D-B
> gpg: 012C ACB2 28C6 C53E 9775 9123 B3A2 389B 9DE2 334A
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
More information about the Dnsmasq-discuss