Hey, I am using dnsmasq from libvirt, like so:
dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf \ --dhcp-script=/usr/lib/libvirt/libvirt_leaseshelper The configuration file is included below. Basically, this is a DHCP server and DNS forwarder, but I've also configured it to turn DHCP leases into DNS records, using the --domain keyword. This works splendidly and OMG did I rejoice to see how wonderfully easy this was to set up and just get it working. However, there's an issue relating to nonexistent RRs for the hosts configured by DHCP, as exemplified by a call to /usr/bin/host: % host red.virt red.virt has address 192.168.122.60 Host red.virt not found: 2(SERVFAIL) Host red.virt not found: 2(SERVFAIL) This is because host queries the DNS server for A, AAAA, and MX all at once. It's obvious that dnsmasq does not know about AAAA or MX for the host in this setup. However, why is it returning SERVFAIL? Moreover, this is not consistently the case. At other times, I get timeouts when asking for these RRs: % dig @192.168.122.1 aaaa green.virt *** 5–10 seconds later *** ; <<>> DiG 9.9.5-7-Debian <<>> @192.168.122.1 aaaa green.virt ; (1 server found) ;; global options: +cmd ;; connection timed out; no servers could be reached Am I doing something wrong? I thought that the correct behaviour for a DNS server when asked about a record it does not have is to respond with NOERROR, AUTHORITY:1 and ANSWER:0. ==> /var/lib/libvirt/dnsmasq/default.conf: strict-order domain=virt expand-hosts pid-file=/var/run/libvirt/network/default.pid except-interface=lo bind-dynamic interface=virbr0 dhcp-range=192.168.122.2,192.168.122.254 dhcp-no-override dhcp-leasefile=/var/lib/libvirt/dnsmasq/default.leases dhcp-lease-max=253 dhcp-hostsfile=/var/lib/libvirt/dnsmasq/default.hostsfile addn-hosts=/var/lib/libvirt/dnsmasq/default.addnhosts -- @martinkrafft | http://madduck.net/ | http://two.sentenc.es/ "when in doubt, parenthesize. at the very least it will let some poor schmuck bounce on the % key in vi." -- larry wall spamtraps: madduck.bo...@madduck.net
digital_signature_gpg.asc
Description: Digital signature (see http://martin-krafft.net/gpg/sig-policy/999bbcc4/current)
_______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss