nslookup, dig, and host when name server is down

Ming-Ching Tiew mctiew at yahoo.com
Sun Apr 12 13:04:20 UTC 2009 



--- On Sun, 4/12/09, Denys Vlasenko <vda.linux at googlemail.com> wrote:

> From: Denys Vlasenko <vda.linux at googlemail.com>
> Subject: Re: nslookup, dig, and host when name server is down
> To: busybox at busybox.net
> Cc: "Ming-Ching Tiew" <mctiew at yahoo.com>
> Date: Sunday, April 12, 2009, 11:28 AM
> On Sunday 12 April 2009 10:18,
> Ming-Ching Tiew wrote:
> > > You should describe your configuration more
> accurately.
> > > In /etc/resolv.conf, I have
> > > nameserver 127.0.0.1
> > > 
> > > In /etc/host, there is name of the machines that
> are
> > > resolved locally by
> > > dnsmasq
> > > 
> > > I have a second resolv.conf file wich hold the
> name of the
> > > real dns servers
> > > nameserver xxx.xxx.xxx.xxx
> > > nameserver xxx.xxx.xxx.xxx
> > > 
> > > and dnsmasq is basically started with
> > > dnsmasq -r <path-to-the-2>/resolv.conf
> > > 
> > > In reality, there is too the domain name of the
> network
> > > added on dnsmasq
> > > command line.
> > > So that's more
> > > dnsmasq $DOMAIN -r
> <path-to-the-2>/resolv.conf
> > > 
> > 
> > That seems to be what I need, I will give it a try. On
> second thought,
> > it will be good if dnsmasq knows how to skip
> 'nameserver 127.0.0.1',
> > then there is only one /etc/resolv.conf needed, ie
> dnsmasq
> > is made to also use /etc/resolv.conf, and other
> applications
> > on the same machine can use 127.0.0.1.    
> 
> It is not a correct design. /etc/resolv.conf should point
> to
> DNS server all "normal" programs use, and in this case it
> should
> be the address of them machine running dnsmasq, in your
> case 127.0.0.1
> (in fact, in this case /etc/resolv.conf is optional,
> 127.0.0.1
> is the default address if /etc/resolv.conf is missing.
> But uclibc wasn't doing that correctly too).
> 
> dnsmasq, on the other hand, is not a "normal" program in
> this case.
> It shouldn't try to use /etc/resolv.conf, but should have
> separate config.
> 

FYI, I tested this above configuration, and it did not work as expected.

This is my test configuration :-

1. Setup a name server on machine A.

2. Setup 'dnsmasq' on a uclibc-based machine B where it is
   configured to lookup /etc/resolv.conf2, inside which
   there is one name server, which is specified as 
   machine A's IP.

3. Have /etc/resolv.conf which has 127.0.0.1 as the
   only name server.

4. Run a client on machine B, say 'nslookup' or 'dig' to lookup
   some hosts which has been configured for name server in machine A.

   This resolution works perfectly. All names configured in machine A
   can be resolved in machine B.

5. Kill the name server on machine A.

6. Immediately 'nslookup' and 'dig' get blocked for a long
   time, and eventually it displayed timeout error.

Version: uclibc 0.9.30-rc2
         dnsmasq 2.47

I am puzzled. There is absolutely no caching behaviour at all.
Restoring the name server on machine B will also restore DNS 
service in machine B. 

Instead of killing name server on machine A, I also tested
bring down the network on machine A ( which is the more likely
occurance ), the same blocking and timeout behaviour happens again.

Regards.

More information about the busybox mailing list