Package: dnsmasq
Version: 2.37-1
Severity: normal
If dnsmasq gets a DNS standard query response with a
reply code of server failure, it repeats the request
infinitely instead of giving up.
I can trigger this at the moment e.g. by running
$ host 1.0.0.127.relays.visi.com
;; connection timed out; no servers could be reached
dnsmasq continues to retry the request even after
host reported the failure. The only way to stop
this is by terminating dnsmasq.
wireshark decodes a single request/respose as:
No. Time Source Destination Protocol Info
1 0.000000 87.162.85.72 217.237.151.51 DNS
Standard query A 1.0.0.127.relays.visi.com
Frame 1 (87 bytes on wire, 87 bytes captured)
Linux cooked capture
Internet Protocol, Src: 87.162.85.72 (87.162.85.72), Dst: 217.237.151.51
(217.237.151.51)
User Datagram Protocol, Src Port: 32865 (32865), Dst Port: domain (53)
Domain Name System (query)
[Response In: 146]
Transaction ID: 0x73cd
Flags: 0x0100 (Standard query)
0... .... .... .... = Response: Message is a query
.000 0... .... .... = Opcode: Standard query (0)
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... .0.. .... = Z: reserved (0)
.... .... ...0 .... = Non-authenticated data OK: Non-authenticated data
is unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 0
Queries
1.0.0.127.relays.visi.com: type A, class IN
Name: 1.0.0.127.relays.visi.com
Type: A (Host address)
Class: IN (0x0001)
No. Time Source Destination Protocol Info
2 0.050787 217.237.151.51 87.162.85.72 DNS
Standard query response, Server failure
Frame 2 (87 bytes on wire, 87 bytes captured)
Linux cooked capture
Internet Protocol, Src: 217.237.151.51 (217.237.151.51), Dst: 87.162.85.72
(87.162.85.72)
User Datagram Protocol, Src Port: domain (53), Dst Port: 32865 (32865)
Domain Name System (response)
[Request In: 145]
[Time: -3.877039000 seconds]
Transaction ID: 0x73cd
Flags: 0x8182 (Standard query response, Server failure)
1... .... .... .... = Response: Message is a response
.000 0... .... .... = Opcode: Standard query (0)
.... .0.. .... .... = Authoritative: Server is not an authority for
domain
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... 1... .... = Recursion available: Server can do recursive
queries
.... .... .0.. .... = Z: reserved (0)
.... .... ..0. .... = Answer authenticated: Answer/authority portion
was not authenticated by the server
.... .... .... 0010 = Reply code: Server failure (2)
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 0
Queries
1.0.0.127.relays.visi.com: type A, class IN
Name: 1.0.0.127.relays.visi.com
Type: A (Host address)
Class: IN (0x0001)
Please fix ;-/
Thanks,
Johannes
-- System Information:
Debian Release: 4.0
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.20-dirty
Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15)
Versions of packages dnsmasq depends on:
ii adduser 3.102 Add and remove users and groups
ii libc6 2.3.6.ds1-11 GNU C Library: Shared libraries
ii libdbus-1-3 1.0.2-1 simple interprocess messaging syst
ii netbase 4.29 Basic TCP/IP networking system
dnsmasq recommends no packages.
-- no debconf information
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
