Re: [Dnsmasq-discuss] Insecure DS reply received, do upstream DNS servers support DNSSEC?

On 24/08/2019 18:47, Tore Anderson wrote: > Some more information: > >> When the bug occurs, the error «Insecure DS reply received, do upstream DNS >> servers support DNSSEC?» is logged. > > I think that the problem might be caused by this query in frames 7-8 of the > PCAP: > > 7

Re: [Dnsmasq-discuss] [PATCH] Change dhcp_release to use first address when no IP subnet matches

On 8/22/19 6:50 PM, Simon Kelley wrote: On 26/04/2019 21:03, Brian Haley wrote: Currently, dhcp_release will only send a 'fake' release when the address given is in the same subnet as an IP on the interface that was given. This doesn't work in an environment where dnsmasq is managing leases

[Dnsmasq-discuss] [PATCH v2] Change dhcp_release to use default address when no IP subnet matches

From: Brian Haley Currently, dhcp_release will only send a 'fake' release when the address given is in the same subnet as an IP on the interface that was given. This doesn't work in an environment where dnsmasq is managing leases for remote subnets via a DHCP relay, as running dhcp_release

Re: [Dnsmasq-discuss] [BUG] [PATCH] RA are sent too fast and slows down the machine

Hi, I have found what is going on. That RA seems to be switching between dynamically assigned address and manually assigned address. It is just wrong to assume there is one address on physical interface, especially in IPv6 world. It seems my patch (attached), checking just subnet and not caring

Re: [Dnsmasq-discuss] [BUG] RA are sent too fast and slows down the machine

Hi Vladislav, No, I am talking about different issue, commit already released in latest release. It was introduced by commit [1]. I have no proper fix for it yet, but revert offending commit. I think you were mentioning issue is have different reproducer for [2], TCP no longer listened on

Re: [Dnsmasq-discuss] [BUG] RA are sent too fast and slows down the machine

Hi, Petr, Just worrying, isn't this bug a side effect of previous interface-related binding patch we're talking about? If yes, since it's not in upstream, it can be quite tricky to reproduce it on vanilla sources. Best Regards, Vladislav Grishenko -Original Message- From:

Re: [Dnsmasq-discuss] Best way to handle dual-wans with dnsmasq (John Knight)

Hi John, we are using kind of hack for similar purpose in dnssec-trigger package. If udhcpc serves domain or search directives for resolv.conf, they can be used to redirect just those domains to management servers. It can work centrally managed. But requires special handling of search domains,

Re: [Dnsmasq-discuss] [BUG] RA are sent too fast and slows down the machine

Hi Iain, of course. I am sorry, forgot to add a link as intended[1]. Used base report from Network Manager tester report. I added it to Fedora bug mentioned, but forgot to add script itself. At least to me, it produces tens of RA announces. Regards, Petr [1]