[Dnsmasq-discuss] AAAA requests: long delay or SERVFAIL

Tue, 16 Dec 2014 14:08:13 -0800 

Hey,

I am using dnsmasq from libvirt, like so:

  dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf \
    --dhcp-script=/usr/lib/libvirt/libvirt_leaseshelper

The configuration file is included below. Basically, this is a DHCP
server and DNS forwarder, but I've also configured it to turn DHCP
leases into DNS records, using the --domain keyword.

This works splendidly and OMG did I rejoice to see how wonderfully
easy this was to set up and just get it working.

However, there's an issue relating to nonexistent RRs for the hosts
configured by DHCP, as exemplified by a call to /usr/bin/host:

  % host red.virt
  red.virt has address 192.168.122.60
  Host red.virt not found: 2(SERVFAIL)
  Host red.virt not found: 2(SERVFAIL)

This is because host queries the DNS server for A, AAAA, and MX all
at once.

It's obvious that dnsmasq does not know about AAAA or MX for the
host in this setup. However, why is it returning SERVFAIL?

Moreover, this is not consistently the case. At other times, I get
timeouts when asking for these RRs:

  % dig @192.168.122.1 aaaa green.virt

*** 5–10 seconds later ***

  ; <<>> DiG 9.9.5-7-Debian <<>> @192.168.122.1 aaaa green.virt
  ; (1 server found)
  ;; global options: +cmd
  ;; connection timed out; no servers could be reached

Am I doing something wrong?

I thought that the correct behaviour for a DNS server when asked
about a record it does not have is to respond with NOERROR,
AUTHORITY:1 and ANSWER:0.

==> /var/lib/libvirt/dnsmasq/default.conf:
  strict-order
  domain=virt
  expand-hosts
  pid-file=/var/run/libvirt/network/default.pid
  except-interface=lo
  bind-dynamic
  interface=virbr0
  dhcp-range=192.168.122.2,192.168.122.254
  dhcp-no-override
  dhcp-leasefile=/var/lib/libvirt/dnsmasq/default.leases
  dhcp-lease-max=253
  dhcp-hostsfile=/var/lib/libvirt/dnsmasq/default.hostsfile
  addn-hosts=/var/lib/libvirt/dnsmasq/default.addnhosts

-- 
@martinkrafft | http://madduck.net/ | http://two.sentenc.es/
 
"when in doubt, parenthesize. at the very least it will let some
 poor schmuck bounce on the % key in vi."
                                                         -- larry wall
 
spamtraps: [email protected]

Attachment: digital_signature_gpg.asc
Description: Digital signature (see http://martin-krafft.net/gpg/sig-policy/999bbcc4/current)

_______________________________________________
Dnsmasq-discuss mailing list
[email protected]
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Reply via email to