Re: [Dnsmasq-discuss] [Cerowrt-devel] more dnssec failures

2014-04-24 Thread Aaron Wood
On Wed, Apr 23, 2014 at 5:58 PM, Simon Kelley si...@thekelleys.org.ukwrote: On 23/04/14 16:42, Dave Taht wrote: I will argue that a better place to report dnssec validation errors is the dnsmasq list. On Wed, Apr 23, 2014 at 8:31 AM, Aaron Wood wood...@gmail.com wrote: Wed Apr 23

Re: [Dnsmasq-discuss] [Cerowrt-devel] more dnssec failures

2014-04-24 Thread Simon Kelley
On 24/04/14 11:49, Aaron Wood wrote: Dnsmasq does the DS query next because the answer to the A query comes back unsigned, so dnsmasq is looking for a DS record that proves this is OK. It's likely that Verisign does that top-down (starting from the root) whilst dnsmasq does it bottom up.

Re: [Dnsmasq-discuss] dnsmasq using 100% cpu on router

2014-04-24 Thread Simon Kelley
On 22/04/14 20:04, David Joslin wrote: Hi I have an Asus rt-n16 router running the Shibby version of the Tomato firmware which includes dnsmasq version 2.69test3. It's in use in a building that frequently has 50+ users on a wireless network and dnsmasq has performed extremely well with very

Re: [Dnsmasq-discuss] Stable releases v. development releases.

2014-04-24 Thread Simon Kelley
On 20/04/14 16:57, Brad Smith wrote: On Sun, Apr 20, 2014 at 11:52:19AM -0400, Weedy wrote: On 18 Apr 2014 05:27, Olaf Westrik weizen...@ipcop-forum.de wrote: On 2014-04-17 23:14, Simon Kelley wrote: Thus far, dnsmasq has not maintained separate stable and development branches. One reason

Re: [Dnsmasq-discuss] [Cerowrt-devel] more dnssec failures

2014-04-24 Thread Aaron Wood
Well, I'm seeing the same results as you are from here in Paris (using Free.fr). -Aaron On Thu, Apr 24, 2014 at 1:27 PM, Simon Kelley si...@thekelleys.org.ukwrote: On 24/04/14 11:49, Aaron Wood wrote: Dnsmasq does the DS query next because the answer to the A query comes back unsigned,

[Dnsmasq-discuss] local dns-sd requests being forwarded to upstream servers on CeroWRT?

2014-04-24 Thread Aaron Wood
Using CeroWRT 3.10.36-4, I'm seeing the following in the logs: Thu Apr 24 14:15:14 2014 daemon.info dnsmasq[13365]: query[PTR] b._dns-sd._udp.96.42.30.172.in-addr.arpa from 172.30.42.99 Thu Apr 24 14:15:14 2014 daemon.info dnsmasq[13365]: forwarded b._dns-sd._udp.96.42.30.172.in-addr.arpa to

Re: [Dnsmasq-discuss] [Cerowrt-devel] more dnssec failures

2014-04-24 Thread Aaron Wood
And if I use Free.fr's servers, the DS resolves (I'm running CeroWRT double-NAT behind a Freebox v6): dig @192.168.1.254 DS e3191.dscc.akamaiedge.net.0.1.cn.akamaiedge.net ; DiG 9.8.5-P1 @192.168.1.254 DS e3191.dscc.akamaiedge.net.0.1.cn.akamaiedge.net ; (1 server found) ;; global options:

[Dnsmasq-discuss] Announce: dnsmasq-2.70

2014-04-24 Thread Simon Kelley
I've just released dnsmasq-2.70. This is a small bug-fix release that addresses a couple of problems which have emerged with the 2.69 release. There is no new functionality and anyone running 2.69 should upgrade to 2.70. Release notes below.

Re: [Dnsmasq-discuss] [Cerowrt-devel] more dnssec failures

2014-04-24 Thread Dave Taht
What does unbound or bind do? On Thu, Apr 24, 2014 at 5:35 AM, Aaron Wood wood...@gmail.com wrote: And if I use Free.fr's servers, the DS resolves (I'm running CeroWRT double-NAT behind a Freebox v6): dig @192.168.1.254 DS e3191.dscc.akamaiedge.net.0.1.cn.akamaiedge.net ; DiG 9.8.5-P1

Re: [Dnsmasq-discuss] dnsmasq using 100% cpu on router

2014-04-24 Thread Rick Jones
The first thing is to try and decide which of two possible scenarios ar happening. The first is that you've triggered a bug in the code and dnsmasq is looping somewhere without ever getting back to the select() loop and doing actual work. The second is that it's getting so much work that it's

Re: [Dnsmasq-discuss] dnsmasq using 100% cpu on router

2014-04-24 Thread David Joslin
Thanks for the reply, Simon. DNSSEC isn't enabled. I wonder if the pattern of the problem gives any clues... As I said, on a normal day with around 40-50 clients on the network there is no problem at all with dnsmasq managing to use barely 0 - 2% of the CPU. When the problem occurred there were

Re: [Dnsmasq-discuss] dnsmasq using 100% cpu on router

2014-04-24 Thread Simon Kelley
On 24/04/14 20:41, David Joslin wrote: Thanks for the reply, Simon. DNSSEC isn't enabled. I wonder if the pattern of the problem gives any clues... As I said, on a normal day with around 40-50 clients on the network there is no problem at all with dnsmasq managing to use barely 0 - 2%

Re: [Dnsmasq-discuss] dnsmasq using 100% cpu on router

2014-04-24 Thread Kevin Darbyshire-Bryant
On 24/04/2014 20:49, Simon Kelley wrote: On 24/04/14 20:41, David Joslin wrote: Thanks for the reply, Simon. DNSSEC isn't enabled. I wonder if the pattern of the problem gives any clues... As I said, on a normal day with around 40-50 clients on the network there is no problem at all with

Re: [Dnsmasq-discuss] [Cerowrt-devel] local dns-sd requests being forwarded to upstream servers on CeroWRT?

2014-04-24 Thread Dave Taht
On Thu, Apr 24, 2014 at 5:33 AM, Aaron Wood wood...@gmail.com wrote: Using CeroWRT 3.10.36-4, I'm seeing the following in the logs: Thu Apr 24 14:15:14 2014 daemon.info dnsmasq[13365]: query[PTR] b._dns-sd._udp.96.42.30.172.in-addr.arpa from 172.30.42.99 Thu Apr 24 14:15:14 2014 daemon.info