xnor
2016-06-20 18:24:56 UTC
Hello,
I'm using dnsmasq 2.76 and noticed that my server is sending ICMP udp
port unreachable messages. So I dig further and found out that dnsmasq
sends multiple requests:
drill @127.0.0.1 google.la
Doing a packet capture during this shows:
19:57:18.166711 IP <myip>.62730 > dns1.53: 65204+ A? google.la. (27)
19:57:18.166724 IP <myip>.62730 > dns2.53: 65204+ A? google.la. (27)
19:57:18.166733 IP <myip>.62730 > dns3.53: 65204+ A? google.la. (27)
19:57:18.166774 IP6 <myipv6>.46192 > dns4v6.53: 65204+ A? google.la.
(27)
<reponses>
19:57:18.326793 IP myip > dns2: ICMP myip udp port 62730 unreachable,
length 79
19:57:18.337596 IP myip > dns3: ICMP myip udp port 62730 unreachable,
length 79
I guess what happens is that dnsmasq closes the randomly bound port
62730 after the first (dns1) response, and then the kernel responds with
port unreachable ICMP packets to dns2 and dns3.
My dnsmasq.conf:
port=53
resolv-file=/etc/dnsmasq.resolv.conf
interface=lo
bind-interfaces
cache-size=8192
My /etc/dnsmasq.resolv.conf:
nameserver dns1
nameserver dns2
nameserver dns3
nameserver dns4v6
(Where myip, dns1, 2, 3 are IPv4 addresses, and myipv6, dns4v6 are IPv6
addresses)
The manpage for option --all-servers (which is NOT set) says:
"By default, when dnsmasq has more than one upstream server available,
it will send queries to just one server. Setting this flag forces
dnsmasq to send all queries to all available servers."
This appears to be the default behavior on my system?
I'm using dnsmasq 2.76 and noticed that my server is sending ICMP udp
port unreachable messages. So I dig further and found out that dnsmasq
sends multiple requests:
drill @127.0.0.1 google.la
Doing a packet capture during this shows:
19:57:18.166711 IP <myip>.62730 > dns1.53: 65204+ A? google.la. (27)
19:57:18.166724 IP <myip>.62730 > dns2.53: 65204+ A? google.la. (27)
19:57:18.166733 IP <myip>.62730 > dns3.53: 65204+ A? google.la. (27)
19:57:18.166774 IP6 <myipv6>.46192 > dns4v6.53: 65204+ A? google.la.
(27)
<reponses>
19:57:18.326793 IP myip > dns2: ICMP myip udp port 62730 unreachable,
length 79
19:57:18.337596 IP myip > dns3: ICMP myip udp port 62730 unreachable,
length 79
I guess what happens is that dnsmasq closes the randomly bound port
62730 after the first (dns1) response, and then the kernel responds with
port unreachable ICMP packets to dns2 and dns3.
My dnsmasq.conf:
port=53
resolv-file=/etc/dnsmasq.resolv.conf
interface=lo
bind-interfaces
cache-size=8192
My /etc/dnsmasq.resolv.conf:
nameserver dns1
nameserver dns2
nameserver dns3
nameserver dns4v6
(Where myip, dns1, 2, 3 are IPv4 addresses, and myipv6, dns4v6 are IPv6
addresses)
The manpage for option --all-servers (which is NOT set) says:
"By default, when dnsmasq has more than one upstream server available,
it will send queries to just one server. Setting this flag forces
dnsmasq to send all queries to all available servers."
This appears to be the default behavior on my system?