[Dnsmasq-discuss] priority of upstream servers

Discussion:

m***@protonmail.com

2018-02-21 08:19:14 UTC

Hello,
is it possible for dnsmasq to prioritize upstream DNS servers based on their availability?
I have 2 servers in my resolv.conf, first one is not available.
Dnsmasq always contacts the first one, which takes some time, then contacts the second one.
m.

--

Sent with [ProtonMail](https://protonmail.com) Secure Email.

Simon Kelley

2018-02-21 12:19:44 UTC

Permalink

I'll take a guess that you have --strict-order in your config.

If so, remove it and all will be well.

Cheers,

Simon.

Post by m***@protonmail.com
Hello,
is it possible for dnsmasq to prioritize upstream DNS servers based on their availability?
I have 2 servers in my resolv.conf, first one is not available.
Dnsmasq always contacts the first one, which takes some time, then contacts the second one.
m.
--
Sent with ProtonMail <https://protonmail.com> Secure Email.
_______________________________________________
Dnsmasq-discuss mailing list
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Simon Kelley

2018-02-21 12:47:58 UTC

Permalink

In general "don't use --strict-order" is good advice. In hindsight I
would never have provided that option.

Simon.

Ah, that's correct! I missed this in the manual.
Thanks a lot.
--
Sent with ProtonMail Secure Email.

-------- Original Message --------

Post by Simon Kelley
I'll take a guess that you have --strict-order in your config.
If so, remove it and all will be well.
Cheers,
Simon.

Post by m***@protonmail.com
Hello,
is it possible for dnsmasq to prioritize upstream DNS servers based on
their availability?
I have 2 servers in my resolv.conf, first one is not available.
Dnsmasq always contacts the first one, which takes some time, then
contacts the second one.
m.
--
Sent with ProtonMail https://protonmail.com Secure Email.
Dnsmasq-discuss mailing list
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Dnsmasq-discuss mailing list
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Karol Augustin

2018-02-21 13:40:39 UTC

Permalink

Post by Simon Kelley
In general "don't use --strict-order" is good advice. In hindsight I
would never have provided that option.
Simon.

Hi Simon,

This option has many use cases when you want to mainly use one DNS
server and only allow fallback in case of failure. In my lab environment
I have internal DNS (dnsmasq) that also resolves hostnames based on DHCP
leases and for every host with dnsmasq installed for caching purposes I
use that one set as upstream. If the main one is dead I want things to
continue working, but only if my central DNS fails.

It's good option if you really need it.

k.

--
Karol Augustin
***@augustin.pl
http://karolaugustin.pl/
+353 85 775 5312

Simon Kelley

2018-02-21 14:24:58 UTC

Permalink

But that's a really nasty hack. Dnsmasq is sending the query to the
internal DNS via UDP, which is unreliable, so when a UDP packet is lost,
you'll get a random wrong answer to a DNS query that should have been
answered by the internal DNS server.

Cheers,

Simon.

Post by Karol Augustin

Post by Simon Kelley
In general "don't use --strict-order" is good advice. In hindsight I
would never have provided that option.
Simon.

Hi Simon,
This option has many use cases when you want to mainly use one DNS
server and only allow fallback in case of failure. In my lab environment
I have internal DNS (dnsmasq) that also resolves hostnames based on DHCP
leases and for every host with dnsmasq installed for caching purposes I
use that one set as upstream. If the main one is dead I want things to
continue working, but only if my central DNS fails.
It's good option if you really need it.
k.