Package: dnsmasq Version: 1.23 Severity: important
Hi,
the version of dnsmasq I use on my router is 1.23. I think positive results for anything *.dyndns.org, *.no-ip.com and other such dynDNS service providers are kept for too long. IMHO they should not be cached at all or maybe only for a minute or so.
In the last couple of days I frequently had to restart dnsmasq to reach a computer accessible via dyndns.org because even one hour after the IP update dnsmasq still returned the old IP. DNS servers at dyndns.org had long since been updated and after the restart of dnsmasq, which I assume flushes the cache, everything worked just fine.
Maybe it would be a good idea to have this configurable just like bogus-nxdomain so the user can add from the myriad of providers out there after the release of dnsmasq.
I do not know too much about DNS but isn't there a setting for TTL? Does dnsmasq honor that and is it really dyndns.org who is the culprit for having set that value too high?
There is a TTL for DNS records and dnsmasq uses it. My experience with dyndns.org is that all dynamic domains have a TTL of 60 seconds.
Implementing an overide to reduce the TTL for certain domains will not work, once the cache expires, dnsmasq would go upstream and just get cached data from there instead. To make TTL overides work _all_ the servers in the chain must have them, or the data must come directly from an authoritative server for the domain.
You can better see what is happening by using the "dig" command to try DNS queries, it gives the TTL like this.
mit.edu. 60 IN A 18.7.22.69
here the TTL is 60s.
It's also worth using the query logging facility in dnsmasq, which tells you when the cache is used and when it is refreshed.
Since there's no independent evidence that dnsmasq is not working as designed, I'm closing this bug, Please feel free to reopen it if you find that dnsmasq is not honouring TTL values as it should.
Cheers,
Simon.
-- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
