Package: dnsmasq Version: 2.66-4 Severity: wishlist Tags: patch Here is another change for dnsmasq's resolvconf update script whose purpose is better to prepare dnsmasq for use in a multi-dnsmasq-instance chain. A possible chain is, for example, dnsmasq serving libvirt | dnsmasq server | dnscrypt.
Background: Two recent changes were:
(1) to handle lo.dnscrypt specially;
(2) to use list-records's "--after" option.
The purpose of change #2 was to avoid including lo.other-dnsmasq which
has higher priority than lo.dnsmasq, because we can expect
other-dnsmasq's update script to include lo.dnsmasq and we don't want
to create a loop.
The purpose of change #1 was to forward to dnscrypt exclusively if it
is available, since other nameservers are not equivalent.
The present change generalizes the latter idea to all local
nameservers. With the change, the update script stops including
records after it includes any lo.* record. Under normal circumstances,
lo.* records have the highest priority so under normal circumstances
this has the consequence that if any lo.* record is listed by
list-records, the script includes it and only it. Why is this right?
Because the nameserver represented by any record after the first lo.*
one is unlikely to be equivalent to the local nameserver represented
by the lo.* one. And even if one is equivalent then there is no need
to include it.
This has low priority, just something to include in the next release
whenever that happens for other reasons. Thanks!
--
Thomas Hood
etc-resolvconf-update-dnsmasq_20130824th1.patch
Description: Binary data
