[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
Hope, my experience might help somebody affected with this issue. I've just put the needed domain into the "Additional search domains" line of the IPv4 settings of my VPN connection, and it did the trick. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
Christian, the workaround is to comment out the line "dns=dnsmasq" in /etc/NetworkManager/NetworkManager.conf. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
I stumbled upon this Problem on 15.04. I cannot resolve company intranet hosts via VPN as my WLANs local DNS server is always faster and only knows about my local machines and internet. >From a users perspective I don't care about what might be the correct setup of the DNS-Servers (I cannot influence them) nor about personal opinions on how it should be done. I need my system to work. I'm very happy with Ubuntu, but this is a show stopper for me. I'll try to find a work around as I could not find one above (why not this is about 3 years old already). But if I cannot find one this will mean the end of ubuntu on my company notebook. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: network-manager (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
** Changed in: network-manager (Ubuntu) Status: In Progress => New -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
The same problem persists in 14.04. My DHCP server pushes two DNS servers: primary (10.0.0.3), located inside the local network and secondary (10.0.2.1), located in DMZ. Primary server's zone includes records for some servers that are accessible only from local network. Periodically (maybe after lease renew?) computer with 14.04 could not resolve local names which records are absent in seconary server's zone. Workaround is to make internal view for secondary server's zone in order to let computers from local network resolve such local names. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
** Changed in: network-manager (Ubuntu Precise) Milestone: ubuntu-12.04.2 => ubuntu-12.04.3 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
The target milestone should be adjusted, I guess. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
Earlier there was some dispute about what the RFCs say about multiple nameservers. I found the following RFC which does have something to say about these issues. http://www.zoneedit.com/doc/rfc/rfc2182.txt Here are a couple of passages... Request for Comments: 2182 Category: Best Current Practice Selection and Operation of Secondary DNS Servers Abstract The Domain Name System requires that multiple servers exist for every delegated domain (zone). This document discusses the selection of secondary servers for DNS zones. Both the physical and topological location of each server are material considerations when selecting secondary servers. The number of servers appropriate for a zone is also discussed, and some general secondary server maintenance issues considered. [...] With multiple servers, usually one server will be the primary server, and others will be secondary servers. Note that while some unusual configurations use multiple primary servers, that can result in data inconsistencies, and is not advisable. The distinction between primary and secondary servers is relevant only to the servers for the zone concerned, to the rest of the DNS there are simply multiple servers. All are treated equally at first instance, even by the parent server that delegates the zone. Resolvers often measure the performance of the various servers, choose the "best", for some definition of best, and prefer that one for most queries. That is automatic, and not considered here. [...] -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
Simon wrote: > Consider [...] > server=/google.com/3.3.3.3 > server=/google.com/4.4.4.4 [...] > Queries sent to *google.com will be sent 3.3.3.3 or 4.4.4.4 in the > same way as if strict order was set, ie, to 3.3.3.3 first, and only to > 4.4.4.4 if 3.3.3.3 returns a SERVFAIL or REFUSED error, or doesn't > reply at all. > > This should be changed, but the code which implements it is knarly > and old, and won't stand more tinkering, it needs rewriting. I've > not found the time, as of yet. That doesn't sound as if it's urgently needed for anything we are talking about here. What we do need is for strict-order to work when addresses are provided over D-Bus. (That this requires work: see #49. That this is needed: see below.) >> We say that networks ought to >> have equivalent nameservers and we make no attempt to detect networks >> that have non-equivalent nameservers, of which there are very many. > > Detect non-equivalent servers is hard. I'm very much in favour of > doing it, if a way can be found. Well, let's look at the ideas that have been put forward so far. Solution #1. Disable NM-dnsmasq by default. This is the only solution we have right now. Other ideas that probably need more thought... Solution #2. Enhance dnsmasq such that it can be given an ordered list of nameservers via D-Bus and can process this list in strict-order fashion. Then do every lookup in strict-order fashion, but detect offline nameservers and omit them temporarily from the list. (This is my interpretation of Stéphane's suggestion in #37.) Solution #3. Enhance dnsmasq such that it can be given an ordered list of nameservers via D-Bus and can process this list in strict-order fashion. Then do a given lookup in strict-order fashion if * the lookup is being routed to a specific nameserver due to a "server" option; * the name is in one of the search domains returned by DHCP (as suggested my M T-L in #34); * the name is not in any of the recognized TLDs; or * we have detected nameserver nonequivalence since the last time the list of nameservers changed. The detection mechanism is as described in #28: on encountering NODATA or NXDOMAIN, dnsmasq returns the negative result immediately but also reiterates the query to all nameservers listed earlier than the one that answered. If one of those nameservers later returns an address then nameserver nonequivalence has been detected. (This combines several earlier suggestions.) -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
Re: [Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
On 06/02/13 09:18, Thomas Hood wrote: > [...cont'd after "in order to fix"...] bug #1072899, dnsmasq will > have to be enhanced such that proposition #1 is true. But we can > discuss the details of that in bug #1072899. > > There is a close analogy between the problem here (bug > #1003842) and a problem we have with avahi. Avahi resolves names in > the domain ".local". Networks should not use this TLD, but many do > and at least in the past Microsoft actually recommended doing so. > When users connect to such networks with avahi enabled the result is > malfunction. Upstream purisitically says[*] "If you come across a > network where .local is a unicast DNS domain, please contact the > local administrator and ask him to move his DNS zone to a different > domain. If this is not possible, we recommend not to use Avahi in > such a network at all." In practice avahi attempts to detect "bad" > networks and disables itself if it thinks it is on a bad network, > subject unfortunately both to false positives (bug #327362) and false > negatives (bug #80900). > > We aren't yet doing even that well. We say that networks ought to > have equivalent nameservers and we make no attempt to detect networks > that have non-equivalent nameservers, of which there are very many. > > [*]http://avahi.org/wiki/AvahiAndUnicastDotLocal > Detect non-equivalent servers is hard. I'm very much in favour of doing it, if a way can be found. Simon. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
Re: [Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
On 06/02/13 08:59, Thomas Hood wrote: > Hi Simon. > > Before I forget to ask: can you please update dnsmasq(8) to include > under "--strict-order" a description of what happens when nameserver > addresses are passed in via D-Bus instead of via a file? > > You wrote, >> you can very easily provide the same behaviour - only pass the first >> nameserver to dnsmasq > > Because NM doesn't use dnsmasq to cache, if NM were to give dnsmasq only > one address then I guess the only service that dnsmasq would still > provide is that of name-to-server mapping. > > And it turns out that the way NM currently uses dnsmasq to do this is > seriously flawed. So I conclude that it's better for NM not to use > dnsmasq at all until these problems are solved. > >> [That NM only supplies one nameserver address per domain name] >> is a different problem, and could be solved. > >>From the man page it's not completely clear how to solve it. Can you > confirm (1) that it's possible to give multiple server options as > follows > > server=/google.com/1.2.3.4 > server=/google.com/5.6.7.8 > > and that the result will be that 1.2.3.4 and 5.6.7.8 will be treated > equally for the purpose of resolving names in domain google.com? (2) And > likewise via D-Bus? > > (3) What effect does strict-order have on this? > >> Ironically, I think the >> problem arises because for nameservers associated with particular >> domains, the equivalent of --strict-order is always in play. > > What you say here suggests that my proposition #1 above is false. If #1 > is false then it seems that in order to fix > proposition #1 is true, as is #2: you can configure the same thing via DBus. Consider server=1.1.1.1 server=2.2.2.2 server=/google.com/3.3.3.3 server=/google.com/4.4.4.4 Queries not sent to *.google.com will behave in the normal dnsmasq manner, sent non-deterministically to 1.1.1.1 and/or 2.2.2.2 in a way which tries to favour the fastest/most up server. Queries sent to *google.com will be sent 3.3.3.3 or 4.4.4.4 in the same way as if strict order was set, ie, to 3.3.3.3 first, and only to 4.4.4.4 if 3.3.3.3 returns a SERVFAIL or REFUSED error, or doesn't reply at all. This should be changed, but the code which implements it is knarly and old, and won't stand more tinkering, it needs rewriting. I've not found the time, as of yet. Cheers, Simon. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
[...cont'd after "in order to fix"...] bug #1072899, dnsmasq will have to be enhanced such that proposition #1 is true. But we can discuss the details of that in bug #1072899. There is a close analogy between the problem here (bug #1003842) and a problem we have with avahi. Avahi resolves names in the domain ".local". Networks should not use this TLD, but many do and at least in the past Microsoft actually recommended doing so. When users connect to such networks with avahi enabled the result is malfunction. Upstream purisitically says[*] "If you come across a network where .local is a unicast DNS domain, please contact the local administrator and ask him to move his DNS zone to a different domain. If this is not possible, we recommend not to use Avahi in such a network at all." In practice avahi attempts to detect "bad" networks and disables itself if it thinks it is on a bad network, subject unfortunately both to false positives (bug #327362) and false negatives (bug #80900). We aren't yet doing even that well. We say that networks ought to have equivalent nameservers and we make no attempt to detect networks that have non-equivalent nameservers, of which there are very many. [*]http://avahi.org/wiki/AvahiAndUnicastDotLocal -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
Hi Simon. Before I forget to ask: can you please update dnsmasq(8) to include under "--strict-order" a description of what happens when nameserver addresses are passed in via D-Bus instead of via a file? You wrote, > you can very easily provide the same behaviour - only pass the first > nameserver to dnsmasq Because NM doesn't use dnsmasq to cache, if NM were to give dnsmasq only one address then I guess the only service that dnsmasq would still provide is that of name-to-server mapping. And it turns out that the way NM currently uses dnsmasq to do this is seriously flawed. So I conclude that it's better for NM not to use dnsmasq at all until these problems are solved. > [That NM only supplies one nameserver address per domain name] > is a different problem, and could be solved. >From the man page it's not completely clear how to solve it. Can you confirm (1) that it's possible to give multiple server options as follows server=/google.com/1.2.3.4 server=/google.com/5.6.7.8 and that the result will be that 1.2.3.4 and 5.6.7.8 will be treated equally for the purpose of resolving names in domain google.com? (2) And likewise via D-Bus? (3) What effect does strict-order have on this? > Ironically, I think the > problem arises because for nameservers associated with particular > domains, the equivalent of --strict-order is always in play. What you say here suggests that my proposition #1 above is false. If #1 is false then it seems that in order to fix -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
Re: [Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
Belay my previous comment about 1072899, it looks like network manager is losing the second server before it ever gets to dnsmasq. Not a dnsmasq problem. Simon. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
Re: [Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
On 04/02/13 22:05, Thomas Hood wrote: > Simon in #49: >> It doesn't work [...] the order of servers given to the DBus >> interface isn't preserved internally > > Aha, so the answer to my question > >> Will switching on strict-order have the same effect >> now that nameserver addresses are sent over D-Bus? > > (in comment #42) is "No". So switching strict-order back on is no > solution. And solutions depending on strict-order including mine in #28 > also won't work. Unless dnsmasq is somehow changed such that it > remembers the order in which nameserver addresses come in over D-Bus so > that strict-order is useful in the D-Bus case, if we want to avoid > breaking name service on machines connected to NNNs then we have to > disable dnsmasq by default; or disable it initially and only enable it > when we know that we aren't on a NNN. Note that setting --strict-order is pretty much equivalent to telling dnsmasq to use only the first nameserver, so you can very easily provide the same behaviour - only pass the first nameserver to dnsmasq. Maybe provide a button in NM that does this - "press here if you're in a captive portal". > > (NNN = nonequivalent-nameserver network. As discussed in comment #5, > such networks are not properly configured. But as observed several > times, there are many NNNs out there. Which is why *many* people have > been commenting out "dns=dnsmasq".) > > There is another problem with NM-dnsmasq (bug #1072899). Some VPNs have > multiple nameservers. NM uses dnsmasq to direct VPN domain name queries > to the *first* one. But then, if the first one goes down, the second one > is not tried. Once again, for the sake of speed enhancement in the > favorable case, users suffer radical name service failure in the > unfavorable case. This is not a good deal, IMHO. NM-dnsmasq should be > disabled by default until these problems are solved. That's a different problem, and could be solved. Ironically, I think the problem arises because for nameservers associated with particular domains, the equivalent of --strict-order is always in play. Cheers, Simon. > -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
Simon in #49: > It doesn't work [...] the order of servers given to the DBus > interface isn't preserved internally Aha, so the answer to my question > Will switching on strict-order have the same effect > now that nameserver addresses are sent over D-Bus? (in comment #42) is "No". So switching strict-order back on is no solution. And solutions depending on strict-order including mine in #28 also won't work. Unless dnsmasq is somehow changed such that it remembers the order in which nameserver addresses come in over D-Bus so that strict-order is useful in the D-Bus case, if we want to avoid breaking name service on machines connected to NNNs then we have to disable dnsmasq by default; or disable it initially and only enable it when we know that we aren't on a NNN. (NNN = nonequivalent-nameserver network. As discussed in comment #5, such networks are not properly configured. But as observed several times, there are many NNNs out there. Which is why *many* people have been commenting out "dns=dnsmasq".) There is another problem with NM-dnsmasq (bug #1072899). Some VPNs have multiple nameservers. NM uses dnsmasq to direct VPN domain name queries to the *first* one. But then, if the first one goes down, the second one is not tried. Once again, for the sake of speed enhancement in the favorable case, users suffer radical name service failure in the unfavorable case. This is not a good deal, IMHO. NM-dnsmasq should be disabled by default until these problems are solved. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
Re: [Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
On 04/02/2013 17:07, Simon Kelley wrote: > On 04/02/13 15:36, Sergio Callegari wrote: >> On 04/02/2013 15:40, Simon Kelley wrote: >>> On 03/02/13 07:48, Thomas Hood wrote: > there's still the unresolved question > of whether re-enabling --strict-order > will suffice as a workaround, since > 12.10 relies on DBus to populate the > nameservers. Is there any extra > information on this? Please try it and report back. :-) (Put "strict-order" in a file in /etc/NetworkManager/dnsmasq.d/; stop network-manager; make sure all dnsmasq processes are dead; start network-manager.) >>> It doesn't work: It will always use the same server first, but the order >>> of servers given to the DBus interface isn't preserved internally, and >>> actually changes each time the DBus interface is used. >>> >>> >>> Cheers, >>> >>> Simon. >> Isn't it possible to change dnsmasq behavior to query the servers in any >> order >> or in parallel and in the case the first server to reply says "I don't know" >> avoid relying on that information, rather wait and see if in a reasonable >> time >> some other server answers "I do"? > You're far from the first person to ask that question. The answer is > that there is no possible response in the DNS protocol which means "I > don't know". NXDOMAIN or NODATA answers _don't_ mean that; they mean "I > know that this domain doesn't exist". They also make up quite a large > proportion of the DNS results returned to the average host, so that all > of those queries would suddenly take much longer. Yes, I realize that the problem is with the setup of the intranet, that should not add names to a domain that is known on the internet or invent a subdomain of something that is on the internet. But as a workaround, having a switch to activate "wait for further answers if you get an 'it does not exist'" would be nice for those willing to pay the price of a longer wait (or possibly even auto-activate it if a dns is detected to be on an intranet). Best regards, Sergio -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
Re: [Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
On 04/02/13 15:36, Sergio Callegari wrote: > On 04/02/2013 15:40, Simon Kelley wrote: >> On 03/02/13 07:48, Thomas Hood wrote: there's still the unresolved question of whether re-enabling --strict-order will suffice as a workaround, since 12.10 relies on DBus to populate the nameservers. Is there any extra information on this? >>> Please try it and report back. :-) >>> >>> (Put "strict-order" in a file in /etc/NetworkManager/dnsmasq.d/; stop >>> network-manager; make sure all dnsmasq processes are dead; start >>> network-manager.) >>> >> It doesn't work: It will always use the same server first, but the order >> of servers given to the DBus interface isn't preserved internally, and >> actually changes each time the DBus interface is used. >> >> >> Cheers, >> >> Simon. > Isn't it possible to change dnsmasq behavior to query the servers in any > order > or in parallel and in the case the first server to reply says "I don't know" > avoid relying on that information, rather wait and see if in a reasonable > time > some other server answers "I do"? You're far from the first person to ask that question. The answer is that there is no possible response in the DNS protocol which means "I don't know". NXDOMAIN or NODATA answers _don't_ mean that; they mean "I know that this domain doesn't exist". They also make up quite a large proportion of the DNS results returned to the average host, so that all of those queries would suddenly take much longer. > > With the current behavior, whenever I need to access a captive portal, I > basically have to press the "reload page" button 50 times until for some > reasons > the order in which the nameservers reply becomes the good one. The fundamental problem lies with the captive portal, and no good solution which can be implemented by dnsmasq has so far been devised. Cheers, Simon. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
Re: [Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
On 04/02/2013 15:40, Simon Kelley wrote: > On 03/02/13 07:48, Thomas Hood wrote: >>> there's still the unresolved question >>> of whether re-enabling --strict-order >>> will suffice as a workaround, since >>> 12.10 relies on DBus to populate the >>> nameservers. Is there any extra >>> information on this? >> Please try it and report back. :-) >> >> (Put "strict-order" in a file in /etc/NetworkManager/dnsmasq.d/; stop >> network-manager; make sure all dnsmasq processes are dead; start >> network-manager.) >> > It doesn't work: It will always use the same server first, but the order > of servers given to the DBus interface isn't preserved internally, and > actually changes each time the DBus interface is used. > > > Cheers, > > Simon. Isn't it possible to change dnsmasq behavior to query the servers in any order or in parallel and in the case the first server to reply says "I don't know" avoid relying on that information, rather wait and see if in a reasonable time some other server answers "I do"? With the current behavior, whenever I need to access a captive portal, I basically have to press the "reload page" button 50 times until for some reasons the order in which the nameservers reply becomes the good one. Cheers, Sergio -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
Re: [Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
On 03/02/13 07:48, Thomas Hood wrote: >> there's still the unresolved question >> of whether re-enabling --strict-order >> will suffice as a workaround, since >> 12.10 relies on DBus to populate the >> nameservers. Is there any extra >> information on this? > > Please try it and report back. :-) > > (Put "strict-order" in a file in /etc/NetworkManager/dnsmasq.d/; stop > network-manager; make sure all dnsmasq processes are dead; start > network-manager.) > It doesn't work: It will always use the same server first, but the order of servers given to the DBus interface isn't preserved internally, and actually changes each time the DBus interface is used. Cheers, Simon. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
>there's still the unresolved question > of whether re-enabling --strict-order > will suffice as a workaround, since > 12.10 relies on DBus to populate the > nameservers. Is there any extra > information on this? Please try it and report back. :-) (Put "strict-order" in a file in /etc/NetworkManager/dnsmasq.d/; stop network-manager; make sure all dnsmasq processes are dead; start network-manager.) -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
I started using my employer's OpenVPN today and encountered name resolution problems. From my research, this here bug appears to be plaguing me, as well (I'm on 12.10). Commenting the line dns=dnsmasq in /etc/NetworkManager/NetworkManager.conf does fix the problem. However, _all_ DNS is routed out the VPN in this case. I rather like the idea of splitting the DNS responsibilities. I see there's still the unresolved question of whether re-enabling --strict-order will suffice as a workaround, since 12.10 relies on DBus to populate the nameservers. Is there any extra information on this? -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
@tombert: Probably not the same issue, since the issue being discussed here is not fixed by restarting. Please file a new bug report against dnsmasq with a detailed description of your problem. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
I am having similar problems. In order to get DNS to work I need to restart dnsmasq after boot (manually or via script) in order to get it to resolve hostnames. DHCP works fine though. I am on 12.10 thx -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
Stéphane? -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
I experienced the problems described where I lost DNS resolution when connected to a corporate VPN. With help from a coworker I fixed it temporarily by commenting #dns=dnsmasq in /etc/NetworkManager/NetworkManager.conf as recommended in bug #903854 P.S. I lost a lot of time trying to figure out why my VPN connections were suddenly no longer working. I hope Ubuntu finds a permanent solution that keeps private VPNs working. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
One thing needs to be checked, though. Reading dnsmasq(8): -o, --strict-order By default, dnsmasq will send queries to any of the upstream servers it knows about and tries to favour servers that are known to be up. Setting this flag forces dnsmasq to try each query with each server strictly in the order they appear in /etc/resolv.conf Will switching on strict-order have the same effect now that nameserver addresses are sent over D-Bus? -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
It has been a few months since the last comment. If no solution along the lines of those outlined earlier (see comments #28, #29, #34, #37) is forthcoming then nm-dnsmasq should simply be put back into strict-order mode, thus reversing the change made at the suggestion of bug #903854. Stéphane wrote in #37: > Switching back to strict-order is a bad idea for the reasons > listed in bug 903854, namely, we'd loose our biggest > advantage from using dnsmasq. The biggest advantage is only a performance advantage under some circumstances. This in no way stacks up against outright failure under other circumstances — circumstances typical of many LANs. If no solution for this bug (#1003842) is forthcoming then it is time to admit that switching off strict-order was the wrong thing to do. Knowing what we know now, we should switch it back on, and only switch it off again when a solution has been found for this bug. If switching on strict- order eliminates the only advantages of using nm-dnsmasq then nm-dnsmasq itself should be switched off (as proposed at bug #1086693) until that time. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
@Stéphane: Can you please give us an idea of what, if anything, you think will be done about this problem in Quantal? -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
I also have this problem when I use nm-dnsmasq and connect to work over VPN. Although there is now a /etc/NetworkManager/dnsmasq.d directory, adding a file there with "strict-order" in it is not enough to fix the problem. That option seems to have no effect when addresses are conveyed to dnsmasq over D-Bus. So I now work around the problem by commenting out "dns=dnsmasq" in /e/NM/NM.conf. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
** Changed in: network-manager (Ubuntu Precise) Milestone: ubuntu-12.04.1 => ubuntu-12.04.2 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
@Stéphane: The problem doesn't arise from servers not responding. It arises from servers responding with NODATA or NXDOMAIN. See my comment #28. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
Untargeted the dnsmasq part of it from 12.04.1 as we realistically won't get a change in dnsmasq by then. Switching back to strict-order is a bad idea for the reasons listed in bug 903854, namely, we'd loose our biggest advantage from using dnsmasq. But there should be a middle ground here where servers would usually be checked like in strict-order and any server not responding in $AMOUNT_OF_TIME is automatically skipped for later queries + a watchdog querying the server from time to time to see if it's back to life. ** Changed in: dnsmasq (Ubuntu Precise) Milestone: ubuntu-12.04.1 => None -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
Just to mention that I have run into this problem myself when I connect to work over VPN. I'm using standalone dnsmasq and not using nm- dnsmasq. Turning on strict-order fixes it. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
Here's some background information I stumbled across. Once upon a time NM started dnsmasq in strict-order mode but this was changed. https://bugs.launchpad.net/ubuntu/+source/network- manager/+bug/903854 This bug was mentioned in the discussion about domain name service changes for Precise. https://blueprints.launchpad.net/ubuntu/+spec/foundations-p-dns- resolving -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
** Changed in: dnsmasq (Debian) Status: Unknown => New -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
** Bug watch added: Debian Bug tracker #675319 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=675319 ** Also affects: dnsmasq (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=675319 Importance: Unknown Status: Unknown -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
As a "quick" fix, it might be possible to just include the DNS servers reported by DHCP twice for dnsmasq: once by itself for "global" resolution, and once with the search domain from DHCP so that local network resolution might work. I'll investigate the idea, as that would likely solve at least half of the problem cases here. ** Changed in: network-manager (Ubuntu) Status: Confirmed => In Progress ** Changed in: network-manager (Ubuntu) Assignee: (unassigned) => Mathieu Trudel-Lapierre (mathieu-tl) ** Changed in: network-manager (Ubuntu Precise) Assignee: (unassigned) => Mathieu Trudel-Lapierre (mathieu-tl) ** Changed in: network-manager (Ubuntu Precise) Status: Confirmed => Triaged -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
#991347 describes a case where there's a nameserver in the list that always replies very quickly with "no data". Dnsmasq currently selects this nameserver because it's quick, the result being that all names fail to be resolved. Ungood. The measures proposed above would also improve handling of the case just described, so long as it's not the first-listed nameserver that's misbehaving, even though in the case just described a better response would be to detect the malfunction and to ignore the malfunctioning nameserver until it gets fixed. (An even better behavior would be for dnsmasq autonomously to construct a map of which servers can resolve for which domains, but this is asking a lot.) -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
** Also affects: dnsmasq (Ubuntu Precise) Importance: Undecided Status: New ** Also affects: network-manager (Ubuntu Precise) Importance: Undecided Status: New ** Changed in: network-manager (Ubuntu Precise) Status: New => Confirmed ** Changed in: network-manager (Ubuntu Precise) Importance: Undecided => Medium ** Changed in: network-manager (Ubuntu Precise) Milestone: None => ubuntu-12.04.1 ** Changed in: dnsmasq (Ubuntu Precise) Status: New => Confirmed ** Changed in: dnsmasq (Ubuntu Precise) Importance: Undecided => Medium ** Changed in: dnsmasq (Ubuntu Precise) Milestone: None => ubuntu-12.04.1 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
** Changed in: dnsmasq (Ubuntu) Status: New => Confirmed ** Changed in: dnsmasq (Ubuntu) Importance: Undecided => Medium ** Changed in: network-manager (Ubuntu) Importance: Undecided => Medium -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1003842] Re: dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers
> I have marked this issue as affecting resolvconf > since we may want to implement a fix there along > the lines of #29 or similar. (In the absence of NM > and in the presence of dnsmasq, resolvconf also > feeds a nameserver list to dnsmasq.) Just remembered that the resolvconf hook script that does this feeding is located in the dnsmasq package. ** No longer affects: resolvconf (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1003842 Title: dnsmasq sometimes fails to resolve private names in networks with non- equivalent nameservers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs