Re: [Dnsmasq-discuss] localise-queries not working correctly

Wed, 29 Feb 2012 08:39:50 -0800 

On 29/02/12 13:57, John Hanks wrote:

I posted about similar behavior with subnets carved from the class A
10.*.*.* several days ago:
http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2012q1/005525.html

In my case I am using 2.59 and dnsmasq returns all addresses in
10.0.0.0/8 when queried from itself to any of its interfaces in
10.*.*.* even though the interfaces themselves are all /16. Queries
from hosts other than the dnsmasq host to any of these /16 interfaces
return the correct results.

jbh

On Wed, Feb 29, 2012 at 6:47 AM, Lorenzo Milesi<max...@ufficyo.com>  wrote:

I just checked, and it's working here. What dnsmasq version are you
using?


Dnsmasq version 2.35

I'm still on debian 4 on this host.

thanks!

_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
OK, I think I just found an interesting problem that could be affecting this. I don't have the time to wade through the descriptions you've both posted of your systems, and there may not be enough information anyway, so I'll try and explain what's going on and you can judge if it's applicable. 

the algorithm for localisation is

get set of answers S

if (any member if S is in the subnet
    of the interface the query was
    sent to)
then return (only members of S which are
             in the subnet)
The wrinkle is that to determine the subnet, you need a netmask, and the netmask dnsmasq is using is the netmask of the interface the query was received on, not the one it was send to.
So, for instance I have a set of /24s 192.168.x.y on my central server, and the central server's name has an address 192.168.x.1 on each subnet. Sending queries to the central server at 192.168.1.1 returns the single address for the server - OK.
But running the same query to the same address on the server gets all the addreses. That's because the query is routed over the lo interface which has netmask 255.0.0.0. Doing the subnet tests above with netmask 255.0.0.0 yields all the addresses, since they are all in 192.x.y.z
(Actually, reading Lorenzo's description, I think this exactly what he's seeing, I;'m not sure about John.) 

Fixing this problem will be, erm, interesting.

Am I on the right lines here?


Simon.


_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Reply via email to