2011/5/10 Ed W <li...@wildgooses.com>: > Slightly related - I see that --all-servers might have become the default now? > > http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2010q2/003942.html > > Is there some way to disable this and use "known to be up"? The reason is that > I'm seeing a large ICMP "unreachable" response generated for the slower > response, > plus the additional bandwith, eg tcpdump for a request for www.yahoo.co.uk: > [snip - tcpdump chatter]
If 8.8.8.8 and 8.8.4.4 are your upstream servers, then what you see is not all-servers. It's dnsmasqs devious plan to take world domination No.. ;) Every few query dnsmasq asks all upstream server to measure which is faster/more reliable. This is not unimportant, also to minimize traffic (banging on an unresponsive server is wasting traffic). You can see it from the dump. For the first query (AAAA) dnsmasq asks both, 8.8.4.4 answers first, the second query for A is only send to 8.8.4.4. You probably want to play with your firewall to suppress those port unreachable, at least in this special case the upstream DNS server gives a **** about your port status. [snip] > Note, if there is no explicit option for this then I think "strict-order" is > actually satisfactory as a workaround! > But in case of upstream failure "strict-order" can screw things up, as far as i remember, because then dnsmasq will stick to the strict order and keep sending traffic to an unresponsive upstream. > Many thanks > > Ed W > Greetings Jan -- Murphy's Law of Combat Rule #3: "Never forget that your weapon was manufactured by the lowest bidder"
