[Dnsmasq-discuss] SERVFAIL and all-servers
tobias+dnsmasq at trds.de
tobias+dnsmasq at trds.de
Mon Feb 28 22:38:14 UTC 2022
Hi,
when using multiple upstream servers with "all-servers", and one
upstream is sending SERVFAIL very fast (e.g. because the upstream has a
dead upstream itself), dnsmasq uses this SERVFAIL as answer, probably
because it's the fastest one. This breaks the intended redundancy, but
is even worse, as other working upstreams are effectively not used
anymore. (Tested with v2.85 and v2.86.)
I'm not sure if that behavior has a valid use case, but at least for my
case it seems much better to only give a SERVFAIL if all upstream
servers answer with SERVFAIL.
Together with the other "all-servers" issue I reported ("DNSSEC and
all-servers"), the "all-servers" setup unfortunately is much less
reliable than I was hoping.
Thanks!
Tobias
More information about the Dnsmasq-discuss
mailing list