[Re: dnsmasq help needed]

• Previous message: Michael Marsh: "Re: Why isn't MPlayer in Debian?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Fri, 24 Dec 2004 09:12:25 +0100
To: debian-user@lists.debian.org

Forwarding the dnsmasq problem analisys of Simon Kelley.

He very smartly spotted the bug I was talking about.

Happy XMas to Simon and all of you !

Bob

attached mail follows:

>From srk@sanger.ac.uk Thu Dec 23 23:19:37 2004
Return-Path: <srk@sanger.ac.uk>
X-ifm-sid: <lyb6AYqk>
X-ifm: VirusFree
Received: from cpc4-cmbg4-4-0-cust135.cmbg.cable.ntl.com [::ffff:81.108.205.135] by hal-4.inet.it via I-SMTP-5.2.1-520
        id ::ffff:81.108.205.135+t8Gf6faALB; Thu, 23 Dec 2004 23:19:37 +0100
Received: from desk.thekelleys.org.uk ([192.168.0.3] helo=sanger.ac.uk)
        by thekelleys.org.uk with esmtp (Exim 3.35 #1 (Debian))
        id 1ChbIg-00042X-00
        for <bob@ngi.it>; Thu, 23 Dec 2004 22:19:14 +0000
Message-ID: <41CB453C.2030206@sanger.ac.uk>
Date: Thu, 23 Dec 2004 22:22:52 +0000
From: Simon Kelley <srk@sanger.ac.uk>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-GB; rv:1.6) Gecko/20040413 Debian/1.6-5
X-Accept-Language: en
MIME-Version: 1.0
To: bob@ngi.it
Subject: Re: dnsmasq help needed
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit

>tcpdump -n -i eth0 port 53

>shows activity for "dig www.apple.com" every time, while for all other
>names I can try, the activity on port 53 eth0 occurs only on the first
>try (I am talking about repeated tries at short intervals weel under
>the 50 seconds) while the rest is obviously cached.

That looked a little odd, so I tried it myself and got the same result.
Poking around I found a bug which has been there pretty much since the
first versions of dnsmasq. Since its effect is to inhibit caching off a
very few names, I guess nobody has ever noticed it before.

To hit the problem, a name has to be a CNAME, and the actual A record
which it points to has to have the original name as a leading substring
of its name.

www.apple.com hits this:

; <<>> DiG 9.2.4rc5 <<>> @127.0.0.1 -p 10000 www.apple.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24807
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.apple.com. IN A

;; ANSWER SECTION:
www.apple.com. 1735 IN CNAME www.apple.com.akadns.net.
www.apple.com.akadns.net. 55 IN A 17.254.0.91

;; Query time: 22 msec
;; SERVER: 127.0.0.1#10000(127.0.0.1)
;; WHEN: Thu Dec 23 21:58:26 2004
;; MSG SIZE rcvd: 85

www.apple.com is CNAME, pointing to www.apple.com.akadns.net, which has
www.apple.com at its begining.

I think this gets some kind of record for bug subtlety, it will be
nailed in the next release.

Cheers,

Simon.

[ Please could you forward the above to the debian-user list. I found
the thread via Google and have no easy way to post to the list and keep
the threading intact.]

-- 
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

• Previous message: Michael Marsh: "Re: Why isn't MPlayer in Debian?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]