[Dnsmasq-discuss] "reply query is duplicate" failure
Simon Kelley
simon at thekelleys.org.uk
Thu Mar 23 11:04:27 UTC 2023
On 22/03/2023 21:18, Manish Shakya wrote:
> Hi there,
>
> I am using v2.89 dnsmasq with openwrt. Evenever dnsmasq shows the
> following logs, the getaddrinfo() function fails and has to be retried.
>
> Wed Mar 22 20:54:41 2023 daemon.info <http://daemon.info> dnsmasq[1]: 45
> 127.0.0.1/46942 <http://127.0.0.1/46942> query[A]
> alpha.wirelessneovi.com <http://alpha.wirelessneovi.com> from 127.0.0.1
> Wed Mar 22 20:54:41 2023 daemon.info <http://daemon.info> dnsmasq[1]: 45
> 127.0.0.1/46942 <http://127.0.0.1/46942> forwarded
> alpha.wirelessneovi.com <http://alpha.wirelessneovi.com> to 10.14.159.231
> Wed Mar 22 20:54:41 2023 daemon.info <http://daemon.info> dnsmasq[1]: 46
> ::1/46942 query[A] alpha.wirelessneovi.com
> <http://alpha.wirelessneovi.com> from ::1
> Wed Mar 22 20:54:41 2023 daemon.info <http://daemon.info> dnsmasq[1]: 47
> 127.0.0.1/46942 <http://127.0.0.1/46942> query[AAAA]
> alpha.wirelessneovi.com <http://alpha.wirelessneovi.com> from 127.0.0.1
> Wed Mar 22 20:54:41 2023 daemon.info <http://daemon.info> dnsmasq[1]: 47
> 127.0.0.1/46942 <http://127.0.0.1/46942> forwarded
> alpha.wirelessneovi.com <http://alpha.wirelessneovi.com> to 10.14.159.231
> Wed Mar 22 20:54:41 2023 daemon.info <http://daemon.info> dnsmasq[1]: 47
> 127.0.0.1/46942 <http://127.0.0.1/46942> reply alpha.wirelessneovi.com
> <http://alpha.wirelessneovi.com> is NODATA-IPv6
> Wed Mar 22 20:54:41 2023 daemon.info <http://daemon.info> dnsmasq[1]: 48
> ::1/46942 query[AAAA] alpha.wirelessneovi.com
> <http://alpha.wirelessneovi.com> from ::1
> Wed Mar 22 20:54:41 2023 daemon.info <http://daemon.info> dnsmasq[1]: 48
> ::1/46942 forwarded alpha.wirelessneovi.com
> <http://alpha.wirelessneovi.com> to 10.14.159.231
> Wed Mar 22 20:54:41 2023 daemon.info <http://daemon.info> dnsmasq[1]: 48
> ::1/46942 reply alpha.wirelessneovi.com <http://alpha.wirelessneovi.com>
> is NODATA-IPv6
> Wed Mar 22 20:54:41 2023 daemon.info <http://daemon.info> dnsmasq[1]: 45
> 127.0.0.1/46942 <http://127.0.0.1/46942> reply alpha.wirelessneovi.com
> <http://alpha.wirelessneovi.com> is 45.27.190.129
> Wed Mar 22 20:54:41 2023 daemon.info <http://daemon.info> dnsmasq[1]: 46
> ::1/46942 reply query is duplicate
>
> What am I doing wrong here? Am I missing any parameters? Any help is
> appreciated.
>
You're not doing anything wrong and the message doesn't indicate an error.
Reformatting the logs to avoid line wrap and remove non-interesting
stuff we have.
45 127.0.0.1/46942 <http://127.0.0.1/46942> query[A]
45 127.0.0.1/46942 forwarded alpha.wirelessneovi.com to 10.14.159.231
46 ::1/46942 query[A] alpha.wirelessneovi.com from ::1
.
.
45 127.0.0.1/46942 reply alpha.wirelessneovi.com is 45.27.190.129
46 ::1/46942 reply query is duplicate
There are two transactions, here 45 and 46 which are both queries for
the same domain alpha.wirelessneovi.com.
45 arrives first and gets sent to the upstream server.
46 then arrives and is not sent upstream because the same query is
already in progress as 45.
Then the reply for 45 comes back and is returned to the original client
at 127.0.0.1/46942
The same reply is then used to answer 46 and is sent to ::1/46942 as
the original client.
The "duplicate" line just tells you that the query was recognized as a
duplicate and it's now being answered with data from another, identical,
query.
TL;DR your client is sending the same query over IPv4 and IPv6 and
dnsmasq is combining both of those queries into one to send uptream and
then answering them both from one upstream answer.
This behaviour is a small performance benefit, but it's mainly there for
security reasons. It stops a malicious client from being able to force
dnsmasq to make many queries upstream for the same domain, which is part
of a cache-poisoning attack.
Cheers,
Simon.
More information about the Dnsmasq-discuss
mailing list