Re: [Dnsmasq-discuss] Many immortals slow down dnsmasq. Bug or expected ?

There are some awesome data structures for simultaneously matching against huge numbers of patterns (as opposed to literal fixed strings). dnsmasq would get a lot more complicated if it tried to implement them, and complication in an internet-facing daemon is a "BAD thing" because it increases

Re: [Dnsmasq-discuss] Many immortals slow down dnsmasq. Bug or expected ?

On 10/03/2015 06:37 PM, Simon Kelley wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 address=/abcd/0.0.0.0/ does NOT use the cache code. There's an implied wildcard in the domain name, it matches *.abcd. The matching for this is a relatively slow, linear, search. It is certainly not

[Dnsmasq-discuss] Can dnsmasq using tcp to query the upstream dns servers?

Hi Simon, I want to do the following thing with dnsmasq: 1- Query some upstream dns servers with udp for some domains. 2- Query some upstream dns servers with tcp for some domains. Can this be done? Regards -- Hongyi Zhao Xinjiang Technical Institute of Physics and

Re: [Dnsmasq-discuss] Two issues on using the server option.

On 01/10/15 16:40, Hongyi Zhao wrote: > Hi Simon, > > Please see the following two commands to running the dnsmasq: > > $ sudo dnsmasq -d -q -R -h --server=/google.com/8.8.8.8#53 > --server=/google.com/8.8.4.4#53 -p 5356 --no-poll --all-servers > dnsmasq: started, version 2.76test1-11-g4790115

Re: [Dnsmasq-discuss] ProxyDHCP with UEFI systems

The problem in known, but not the solution. I did start working on that about six months ago, but got bogged down in creating a test system. What would be really useful would be to find an implementation that works with UEFI and proxy DHCP, and getting for packet captures to show what should be

Re: [Dnsmasq-discuss] DNSMasq forwarding timeout

It looks like there's a routing problem that's stopping the query getting to 8.8.8.8, or stopping the answer getting back. Does dig @8.8.8.8 google.com work? Until you can make that work, dnsmasq is not going to work either. Simon. On 04/10/15 06:17, Tj Glawitsch wrote: > I have dnsmasq

Re: [Dnsmasq-discuss] [PATCH] Allow PXE style proxy mode for arbitrary Vendor Classes

On 04/10/15 23:03, Stefan Bruens wrote: > On Friday 28 August 2015 14:54:36 you wrote: >> Currently dnsmasq provides PXE style DHCP Proxy server support only >> for clients with a Vendor Class Identifier matching "^PXEClient.*". >> PXE is only defined for a few architectures, but the Proxy

Re: [Dnsmasq-discuss] Many immortals slow down dnsmasq. Bug or expected ?

On 05/10/15 15:35, wkitt...@gmail.com wrote: > On 10/03/2015 06:37 PM, Simon Kelley wrote: >> -BEGIN PGP SIGNED MESSAGE- >> Hash: SHA256 >> >> address=/abcd/0.0.0.0/ does NOT use the cache code. There's an implied >> wildcard in the domain name, it matches *.abcd. The matching for this >>

[Dnsmasq-discuss] ProxyDHCP with UEFI systems

Simon, There is a working implementation of ProxyDHCP that works with UEFI sytems. It's called Clonedeploy ProxhDHCP. Here is a link to the source and binary: https://github.com/cdadmin/clonedeploy/tree/master/clonedeploy_proxy_dhcp

Re: [Dnsmasq-discuss] DNSSEC: Answer for local hosts with AD flag set?

On 03.10.2015 07:53, Stéphane Guedon wrote: > Le vendredi 2 octobre 2015, 19:34:30 Ernst Ahlers a écrit : >> Thanks for chiming in Stephane, >> >>> Allowing dnsmasq to sign (or give a proof of authenticity) would solve >>> this >>> problem, yet I am sure it is not easy. >> >> AFAIK there's no

Re: [Dnsmasq-discuss] DNSSEC: Answer for local hosts with AD flag set?

> You can have a local zone with local data also in Unbound. Sure, but also signed with DNSSEC? CU ea -- Ernst Ahlers, Redakteur/Editor PGP-Key-ID: 0x265E 3662, plain text preferred c't - Magazin für Computertechnik www.ct.de Karl-Wiechert-Allee 10 D-30625 Hannover, Germany Phone +49 (0)511

Re: [Dnsmasq-discuss] DNSSEC: Answer for local hosts with AD flag set?

Le lundi 5 octobre 2015, 12:31:11 Ernst Ahlers a écrit : > > You can have a local zone with local data also in Unbound. > > Sure, but also signed with DNSSEC? > > CU > > ea That, I don't think so. If you want to make something sophisticated, why not looking to Bind ? It makes all possible