[Dnsmasq-discuss] dnsmasq v2.86?
Simon Kelley
simon at thekelleys.org.uk
Thu Aug 12 11:34:29 UTC 2021
On 12/08/2021 12:23, Andre Heider wrote:
>> Hm, works if I disable dnssec on dnsmask:
>>
>> dig thekelleys.org.uk
>>
>> ; <<>> DiG 9.16.15-Debian <<>> thekelleys.org.uk
>> ;; global options: +cmd
>> ;; Got answer:
>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7599
>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
>>
>> ;; OPT PSEUDOSECTION:
>> ; EDNS: version: 0, flags:; udp: 1280
>> ;; QUESTION SECTION:
>> ;thekelleys.org.uk. IN A
>>
>> ;; ANSWER SECTION:
>> thekelleys.org.uk. 36717 IN A 85.119.82.65
>>
>> ;; Query time: 3 msec
>> ;; SERVER: 192.168.0.1#53(192.168.0.1)
>> ;; WHEN: Thu Aug 12 13:12:28 CEST 2021
>> ;; MSG SIZE rcvd: 62
>>
>>
>> But with it enabled:
>>
>> dig thekelleys.org.uk
>> ;; Truncated, retrying in TCP mode.
>>
>> ; <<>> DiG 9.16.15-Debian <<>> thekelleys.org.uk
>> ;; global options: +cmd
>> ;; Got answer:
>> ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 34170
>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
>>
>> ;; OPT PSEUDOSECTION:
>> ; EDNS: version: 0, flags:; udp: 4096
>> ; EDE: 14 (Not Ready)
>> ;; QUESTION SECTION:
>> ;thekelleys.org.uk. IN A
>>
>> ;; Query time: 7 msec
>> ;; SERVER: 192.168.0.1#53(192.168.0.1)
>> ;; WHEN: Thu Aug 12 13:13:18 CEST 2021
>> ;; MSG SIZE rcvd: 52
>
> It works with dnssec enabled but 'ednspacket_max 1280' removed...
>
This may be getting closer to the original problem. What do the query
logs look like when that fails? Also is stubby handling queries on TCP OK?
dig @127.0.0.1 -p 5453 +vc thekelleys.org.uk
Simon.
More information about the Dnsmasq-discuss
mailing list