On 15/08/12 09:17, Ritesh Raj Sarraf wrote: > Package: dnsmasq > Version: 2.62-3 > Severity: important > > Simon, > > Looks like, since your last fix of dnsmasq's integration with systemd, > something has broken. I am not sure where is the problem (could be > resolvconf too), but as far as I can remember this problem seems to have > begun since your last update. > > > rrs@champaran:~$ cat /var/run/dnsmasq/resolv.conf > nameserver 10.73.158.106 > nameserver 10.73.158.107 > nameserver 192.168.2.1 > > rrs@champaran:~$ host smtp.corp.corpdomain.com > Host smtp.corp.corpdomain.com not found: 3(NXDOMAIN) > > rrs@champaran:~$ dig @10.73.158.106 smtp.corp.corpdomain.com > > ; <<>> DiG 9.8.1-P1 <<>> @10.73.158.106 smtp.corp.corpdomain.com > ; (1 server found) > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18951 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 > > ;; QUESTION SECTION: > ;smtp.corp.corpdomain.com. IN A > > ;; ANSWER SECTION: > smtp.corp.corpdomain.com. 3475 IN A 10.57.159.114 > > ;; Query time: 31 msec > ;; SERVER: 10.73.158.106#53(10.73.158.106) > ;; WHEN: Wed Aug 15 13:39:48 2012 > ;; MSG SIZE rcvd: 54 > > rrs@champaran:~$ dig smtp.corp.corpdomain.com > > ; <<>> DiG 9.8.1-P1 <<>> smtp.corp.corpdomain.com > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24603 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 > > ;; QUESTION SECTION: > ;smtp.corp.corpdomain.com. IN A > > ;; Query time: 0 msec > ;; SERVER: 127.0.0.1#53(127.0.0.1) > ;; WHEN: Wed Aug 15 13:40:04 2012 > ;; MSG SIZE rcvd: 38 > > > > As you can see, direct query to the nameserver works. Only if asking the > local dnsmasq server, incorrect result is shown. > > > > My setup involves my regular wifi network which provides the 192.x.x.x > dns nameserver ip and my vpn connection which provides me the 10.x.x.x > nameserver. > > The vpn connection drops at times, so I do have a loop to check every 5 > minutes, and re-establish the connection if unavailable. >
What does dig @192.168.2.1 smtp.corp.corpdomain.com return? Assuming it's NXDOMAIN, that's your problem, and it's not a new one, but the way dnsmasq has always worked. Dnsmasq is written on the strong assumption that all the upstream nameservers are equal, and it can forward a query to any of them. An NXDOMAIN answer is as good as any other, and will be returned to the original requestor: it explicitly doesn't trigger an attempt to send the query to another nameserver, and the order of the nameservers is not significant. If your 192.168.2.1 is local nameserver only handling certain domains, you can configure dnsmasq to use it as such with the server=/example.com/192.168.2.1 style configuration on /etc/dnsmasq.conf. Cheers, Simon. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org