Hey all,

Hopefully I am just misconfiguring something, but when I try to test out the dns-loop-detect feature and configure two instances of dnsmasq to forward to each other, a loop is formed but is never stopped.

Steps to reproduce:

Prerequisites:

  * Two VM based servers on the same network

  * Both running dnsmasq as a container using the host network.

  * Each has a configuration line to forward "my.fun.domain" to the other

Procedure:

  * Run the two containers with the described configuration WITHOUT the dns-loop-detect flag.

    The following startup logs were observed:

        dnsmasq[10]: started, version 2.80 cachesize 150
        dnsmasq[10]: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth no-DNSSEC loop-detect inotify dumpfile
        dnsmasq[10]: using nameserver <other server IP>#53 for domain my.fun.domain
        dnsmasq[10]: cleared cache

  * From one of the servers, query using nslookup:

    "nslookup some.my.fun.domain 127.0.0.1"

  * Observe both servers forward to each other repeatedly and immediately reach the connection limit.

    Truncated logs from one server:

          dnsmasq[9]: query[A] some.my.fun.domain from 10.19.166.12
          dnsmasq[9]: forwarded some.my.fun.domain to 10.19.166.12
          parsed: ['query[A]', 'some.my.fun.domain', 'from', '10.19.166.12']
          dnsmasq[9]: query[A] some.my.fun.domain from 10.19.166.12
          dnsmasq[9]: forwarded some.my.fun.domain to 10.19.166.12
          dnsmasq[9]: Maximum number of concurrent DNS queries reached (max: 150)

    Logs from the other server are identical but instead have the opposite server's IP address.

 -----

  * Stop the two containers, and run again WITH the dns-loop-detect flag in the configuration

    The same exact startup logs are observed as before.

  * Perform the same nslookup query from one of the servers

    "nslookup some.my.fun.domain 127.0.0.1"

  * Observe both servers show the exact same behavior as before.

  The configuration used:

      ```
      no-resolv
      no-hosts
      dns-loop-detect
      server=/my.fun.domain/<IP of other server>#53
      user=root
      conf-dir=/etc/dnsmasq.d
      ```

Any suggestions?

Thanks,
Jon

_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
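
A log-side check for the symptom reported in the message above, added here as an example; it is not part of the original post and not dnsmasq code. It flags names whose queries arrive from a peer and are forwarded straight back to that same peer, and notes when the concurrent-query limit line appears. The function name, the threshold and the sample log (constructed, modelled on the lines quoted in the post) are assumptions.

```python
import re
from collections import Counter

# Constructed sample, modelled on the truncated log lines in the post.
SAMPLE_LOG = """\
dnsmasq[9]: query[A] some.my.fun.domain from 10.19.166.12
dnsmasq[9]: forwarded some.my.fun.domain to 10.19.166.12
dnsmasq[9]: query[A] some.my.fun.domain from 10.19.166.12
dnsmasq[9]: forwarded some.my.fun.domain to 10.19.166.12
dnsmasq[9]: query[A] other.example from 10.19.166.50
dnsmasq[9]: forwarded other.example to 10.19.166.12
dnsmasq[9]: Maximum number of concurrent DNS queries reached (max: 150)
"""

QUERY_RE = re.compile(r"query\[(\w+)\] (\S+) from (\S+)")
FORWARD_RE = re.compile(r"forwarded (\S+) to (\S+)")
LIMIT_RE = re.compile(r"Maximum number of concurrent DNS queries reached")


def find_forwarding_loops(log_text, min_repeats=2):
    """Return (suspects, limit_hit).

    suspects maps (name, peer) -> number of times a query for `name`
    arrived from `peer` and was then forwarded back to that same peer.
    """
    last_client = {}     # name -> client address of the most recent query
    bounced = Counter()  # (name, peer) -> bounce count
    limit_hit = False
    for line in log_text.splitlines():
        if m := QUERY_RE.search(line):
            last_client[m.group(2).lower()] = m.group(3)
        elif m := FORWARD_RE.search(line):
            name, upstream = m.group(1).lower(), m.group(2)
            # Upstream equals the client that just asked: the query bounced.
            if last_client.get(name) == upstream:
                bounced[(name, upstream)] += 1
        elif LIMIT_RE.search(line):
            limit_hit = True
    suspects = {k: n for k, n in bounced.items() if n >= min_repeats}
    return suspects, limit_hit


if __name__ == "__main__":
    suspects, limit_hit = find_forwarding_loops(SAMPLE_LOG)
    for (name, peer), n in suspects.items():
        print(f"possible loop: {name} bounced to/from {peer} {n} times")
    print("concurrent query limit reached:", limit_hit)
```

Running it over the logs of both servers should show the same name bouncing against the opposite server's address on each side.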
