Discussion:
[Dnsmasq-discuss] dnsmasq drops CNAME cache entries when CNAMEs collide
Aaron Jacobs
2017-02-02 11:23:05 UTC
Permalink
Hi all,

I've found what seems to me an odd behavior in dnsmasq related to CNAME
caching, and am wondering if it's a bug, or just a subtlety of the DNS standard
that I don't understand.

I'm using dnsmasq 2.76, invoking in a way that should enable caching:

% ./src/dnsmasq -v
Dnsmasq version 2.76

% sudo ./src/dnsmasq --no-resolv --server= --keep-in-foreground
--no-hosts --bind-interfaces --listen-address=127.0.2.1
--cache-size=400 -dq

Normally it caches fine. The first query for a domain takes awhile, and the
second takes no time at all:

% dig @127.0.2.1 photos.yahoo.com ; sudo killall -USR1 dnsmasq
[...]
;; ANSWER SECTION:
photos.yahoo.com. 299 IN CNAME rc.yahoo.com.
rc.yahoo.com. 299 IN CNAME src.g03.yahoodns.net.
src.g03.yahoodns.net. 155 IN A 98.137.236.150

;; Query time: 144 msec
;; SERVER: 127.0.2.1#53(127.0.2.1)

% dig @127.0.2.1 photos.yahoo.com ; sudo killall -USR1 dnsmasq
[...]
;; ANSWER SECTION:
photos.yahoo.com. 289 IN CNAME rc.yahoo.com.
rc.yahoo.com. 289 IN CNAME src.g03.yahoodns.net.
src.g03.yahoodns.net. 145 IN A 98.137.236.150

;; Query time: 0 msec
;; SERVER: 127.0.2.1#53(127.0.2.1)

Note that photos.yahoo.com has a CNAME of rc.yahoo.com, which in turn has a
CNAME of src.g03.yahoodns.net. When I query another domain with that CNAME, it
appears to kill the cache entries for those CNAMES; the next query for
photos.yahoo.com is slow again, clearly not hitting cache:

% dig @127.0.2.1 www.flicker.com ; sudo killall -USR1 dnsmasq
[...]
;; ANSWER SECTION:
www.flicker.com. 1799 IN CNAME rc.yahoo.com.
rc.yahoo.com. 299 IN CNAME src.g03.yahoodns.net.
src.g03.yahoodns.net. 264 IN A 124.108.105.150

;; Query time: 143 msec
;; SERVER: 127.0.2.1#53(127.0.2.1)

% dig @127.0.2.1 photos.yahoo.com ; sudo killall -USR1 dnsmasq
[...]
;; ANSWER SECTION:
photos.yahoo.com. 299 IN CNAME rc.yahoo.com.
rc.yahoo.com. 299 IN CNAME src.g03.yahoodns.net.
src.g03.yahoodns.net. 299 IN A 124.108.105.150

;; Query time: 147 msec
;; SERVER: 127.0.2.1#53(127.0.2.1)

Here are the cache dumps after each query above:

=======
dnsmasq: Host Address
Flags Expires
dnsmasq: photos.yahoo.com rc.yahoo.com
CF Thu Feb 2 22:13:43 2017
dnsmasq: src.g03.yahoodns.net 98.137.236.150
4F Thu Feb 2 22:11:19 2017
dnsmasq: rc.yahoo.com src.g03.yahoodns.net
CF Thu Feb 2 22:13:43 2017
=======
dnsmasq: Host Address
Flags Expires
dnsmasq: photos.yahoo.com rc.yahoo.com
CF Thu Feb 2 22:13:43 2017
dnsmasq: src.g03.yahoodns.net 98.137.236.150
4F Thu Feb 2 22:11:19 2017
dnsmasq: rc.yahoo.com src.g03.yahoodns.net
CF Thu Feb 2 22:13:43 2017
=======
dnsmasq: Host Address
Flags Expires
dnsmasq: photos.yahoo.com
CF Thu Feb 2 22:13:43 2017
dnsmasq: src.g03.yahoodns.net 124.108.105.150
4F Thu Feb 2 22:13:22 2017
dnsmasq: rc.yahoo.com src.g03.yahoodns.net
CF Thu Feb 2 22:13:57 2017
dnsmasq: www.flicker.com rc.yahoo.com
CF Thu Feb 2 22:38:57 2017
=======
dnsmasq: Host Address
Flags Expires
dnsmasq: photos.yahoo.com rc.yahoo.com
CF Thu Feb 2 22:14:00 2017
dnsmasq: src.g03.yahoodns.net 124.108.105.150
4F Thu Feb 2 22:14:00 2017
dnsmasq: rc.yahoo.com src.g03.yahoodns.net
CF Thu Feb 2 22:14:00 2017
dnsmasq: www.flicker.com
CF Thu Feb 2 22:38:57 2017

It appears that when dnsmasq discovers the CNAME for www.flicker.come, it
knocks the CNAME for photos.yahoo.com out of the cache (and vice versa). Is
this intended behavior?

Thanks,
Aaron
Simon Kelley
2017-02-02 13:34:22 UTC
Permalink
Answered here:


http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2017q1/011068.h
tml


Cheers,

Simon.
Post by Aaron Jacobs
Hi all,
I've found what seems to me an odd behavior in dnsmasq related to
CNAME caching, and am wondering if it's a bug, or just a subtlety
of the DNS standard that I don't understand.
I'm using dnsmasq 2.76, invoking in a way that should enable
% ./src/dnsmasq -v Dnsmasq version 2.76
% sudo ./src/dnsmasq --no-resolv --server= --keep-in-foreground
--no-hosts --bind-interfaces --listen-address=127.0.2.1
--cache-size=400 -dq
Normally it caches fine. The first query for a domain takes awhile,
[...] ;; ANSWER SECTION: photos.yahoo.com. 299 IN
CNAME rc.yahoo.com. rc.yahoo.com. 299 IN CNAME
src.g03.yahoodns.net. src.g03.yahoodns.net. 155 IN A
98.137.236.150
;; Query time: 144 msec ;; SERVER: 127.0.2.1#53(127.0.2.1)
[...] ;; ANSWER SECTION: photos.yahoo.com. 289 IN
CNAME rc.yahoo.com. rc.yahoo.com. 289 IN CNAME
src.g03.yahoodns.net. src.g03.yahoodns.net. 145 IN A
98.137.236.150
;; Query time: 0 msec ;; SERVER: 127.0.2.1#53(127.0.2.1)
Note that photos.yahoo.com has a CNAME of rc.yahoo.com, which in
turn has a CNAME of src.g03.yahoodns.net. When I query another
domain with that CNAME, it appears to kill the cache entries for
those CNAMES; the next query for photos.yahoo.com is slow again,
[...] ;; ANSWER SECTION: www.flicker.com. 1799 IN
CNAME rc.yahoo.com. rc.yahoo.com. 299 IN CNAME
src.g03.yahoodns.net. src.g03.yahoodns.net. 264 IN A
124.108.105.150
;; Query time: 143 msec ;; SERVER: 127.0.2.1#53(127.0.2.1)
[...] ;; ANSWER SECTION: photos.yahoo.com. 299 IN
CNAME rc.yahoo.com. rc.yahoo.com. 299 IN CNAME
src.g03.yahoodns.net. src.g03.yahoodns.net. 299 IN A
124.108.105.150
;; Query time: 147 msec ;; SERVER: 127.0.2.1#53(127.0.2.1)
======= dnsmasq: Host Address
Flags Expires dnsmasq: photos.yahoo.com
src.g03.yahoodns.net 98.137.236.150 4F Thu Feb 2
22:11:19 2017 dnsmasq: rc.yahoo.com
src.g03.yahoodns.net CF Thu Feb 2 22:13:43 2017 =======
dnsmasq: Host Address Flags
Expires dnsmasq: photos.yahoo.com rc.yahoo.com CF
Thu Feb 2 22:13:43 2017 dnsmasq: src.g03.yahoodns.net
rc.yahoo.com src.g03.yahoodns.net CF Thu
Feb 2 22:13:43 2017 ======= dnsmasq: Host
Address Flags Expires dnsmasq: photos.yahoo.com CF Thu
Feb 2 22:13:43 2017 dnsmasq: src.g03.yahoodns.net
rc.yahoo.com src.g03.yahoodns.net CF Thu
Feb 2 22:13:57 2017 dnsmasq: www.flicker.com
Host Address Flags
Expires dnsmasq: photos.yahoo.com rc.yahoo.com CF
Thu Feb 2 22:14:00 2017 dnsmasq: src.g03.yahoodns.net
rc.yahoo.com src.g03.yahoodns.net CF Thu
Feb 2 22:14:00 2017 dnsmasq: www.flicker.com CF Thu Feb 2
22:38:57 2017
It appears that when dnsmasq discovers the CNAME for
www.flicker.come, it knocks the CNAME for photos.yahoo.com out of
the cache (and vice versa). Is this intended behavior?
Thanks, Aaron
_______________________________________________ Dnsmasq-discuss
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Aaron Jacobs
2017-02-02 20:10:35 UTC
Permalink
Hi Simon,
Post by Simon Kelley
http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2017q1/011068.h
tml
Thanks for the pointer. Is there any chance I can convince you to revisit this?

I work in a high-latency office for a big company with lots of internal apps.
each on its own domain. They all point at the same CNAME (a proxy service), so
this is causing me and my coworkers considerable pain in the form of extra
latency.

In my totally uneducated intuition, it seems like a cache for CNAMES should be
a simple name -> name mapping, with the result feeding into a recursive cache
lookup process. In other words, maybe it should be separate from a cache of
names to records.

Thanks again,
Aaron

Loading...