Jan Seiffert wrote: > 2011/5/10 Ed W <li...@wildgooses.com>: >> Slightly related - I see that --all-servers might have become the default >> now? >> >> http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2010q2/003942.html >> >> Is there some way to disable this and use "known to be up"? The reason is >> that >> I'm seeing a large ICMP "unreachable" response generated for the slower >> response, >> plus the additional bandwith, eg tcpdump for a request for www.yahoo.co.uk: >> > [snip - tcpdump chatter] > > If 8.8.8.8 and 8.8.4.4 are your upstream servers, then what you see is > not all-servers. It's dnsmasqs devious plan to take world domination > No.. ;) > Every few query dnsmasq asks all upstream server to measure which is > faster/more reliable. > This is not unimportant, also to minimize traffic (banging on an > unresponsive server is wasting traffic). > You can see it from the dump. For the first query (AAAA) dnsmasq asks > both, 8.8.4.4 answers first, the second query for A is only send to > 8.8.4.4. > > You probably want to play with your firewall to suppress those port > unreachable, at least in this special case the upstream DNS server > gives a **** about your port status. > > [snip] >> Note, if there is no explicit option for this then I think "strict-order" is >> actually satisfactory as a workaround! >> > > But in case of upstream failure "strict-order" can screw things up, as > far as i remember, because then dnsmasq will stick to the strict order > and keep sending traffic to an unresponsive upstream.
Jan's answer is completely correct. The only thing to add is that the changes in 2.53 don't make --all-servers the default, they change the behaviour when there is more than one server for a particular domain: --server=/example.net/1.2.3.4 --server=/example.net/2.3.4.5 to do the equivalent of --all-servers _for_queries_to_that_domain. The behaviour for general (not domain-specific) upstream servers is unchanged. Cheers, Simon.
