On 15/08/12 09:17, Ritesh Raj Sarraf wrote:
> Package: dnsmasq
> Version: 2.62-3
> Severity: important
> 
> Simon,
> 
> Looks like, since your last fix of dnsmasq's integration with systemd,
> something has broken. I am not sure where is the problem (could be
> resolvconf too), but as far as I can remember this problem seems to have
> begun since your last update.
> 
> 
> rrs@champaran:~$ cat /var/run/dnsmasq/resolv.conf 
> nameserver 10.73.158.106
> nameserver 10.73.158.107
> nameserver 192.168.2.1
> 
> rrs@champaran:~$ host smtp.corp.corpdomain.com
> Host smtp.corp.corpdomain.com not found: 3(NXDOMAIN)
> 
> rrs@champaran:~$ dig @10.73.158.106 smtp.corp.corpdomain.com
> 
> ; <<>> DiG 9.8.1-P1 <<>> @10.73.158.106 smtp.corp.corpdomain.com
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18951
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
> 
> ;; QUESTION SECTION:
> ;smtp.corp.corpdomain.com.          IN      A
> 
> ;; ANSWER SECTION:
> smtp.corp.corpdomain.com.   3475    IN      A       10.57.159.114
> 
> ;; Query time: 31 msec
> ;; SERVER: 10.73.158.106#53(10.73.158.106)
> ;; WHEN: Wed Aug 15 13:39:48 2012
> ;; MSG SIZE  rcvd: 54
> 
> rrs@champaran:~$ dig smtp.corp.corpdomain.com
> 
> ; <<>> DiG 9.8.1-P1 <<>> smtp.corp.corpdomain.com
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24603
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> 
> ;; QUESTION SECTION:
> ;smtp.corp.corpdomain.com.          IN      A
> 
> ;; Query time: 0 msec
> ;; SERVER: 127.0.0.1#53(127.0.0.1)
> ;; WHEN: Wed Aug 15 13:40:04 2012
> ;; MSG SIZE  rcvd: 38
> 
> 
> 
> As you can see, direct query to the nameserver works. Only if asking the
> local dnsmasq server, incorrect result is shown.
> 
> 
> 
> My setup involves my regular wifi network which provides the 192.x.x.x
> dns nameserver ip and my vpn connection which provides me the 10.x.x.x
> nameserver.
> 
> The vpn connection drops at times, so I do have a loop to check every 5
> minutes, and re-establish the connection if unavailable. 
> 

What does dig @192.168.2.1 smtp.corp.corpdomain.com return?

Assuming it's NXDOMAIN, that's your problem, and it's not a new one, but
the way dnsmasq has always worked. Dnsmasq is written on the strong
assumption that all the upstream nameservers are equal, and it can
forward a query to any of them. An NXDOMAIN answer is as good as any
other, and will be returned to the original requestor: it explicitly
doesn't trigger an attempt to send the query to another nameserver, and
the order of the nameservers is not significant.

If your 192.168.2.1 is local nameserver only handling certain domains,
you can configure dnsmasq to use it as such with the

server=/example.com/192.168.2.1

style configuration on /etc/dnsmasq.conf.


Cheers,

Simon.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Reply via email to