Most DNS queries for TLDs do not pass through dnsmasq

dnsmasq domain-name-system internal-dns openwrt

Most DNS queries for top-level domains from my LAN behind a router with dnsmasq 2.55 on OpenWRT 10.03.1 return negative results, e.g.:

$ dig com. ANY

; <<>> DiG 9.7.3 <<>> com. ANY
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36108
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;com.               IN  ANY

;; Query time: 3 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Tue Feb 12 22:37:30 2013
;; MSG SIZE  rcvd: 21

When using some external recursive server (e.g. dig com. ANY @8.8.8.8), the query result is successful.

I thought that the problem might be that dnsmasq considers the query for .com as a query for the unqualified name com (the terminal . seems to be always stripped). But even when dnsmasq is configured to forward queries for com domains and undistinguished names:

server=/com/8.8.8.8,server=//8.8.8.8

results are the same.

However, some types of queries actually DO pass, like NS or SOA. Some others, which DO NOT pass and return NXDOMAIN, besides ANY, are e.g. DNSKEY or RRSIG.

Corresponding lines from the dnsmasq log are:

Feb 12 21:41:13 myrouter daemon.info dnsmasq[11569]: using nameserver 8.8.8.8#53 for unqualified names
...
Feb 12 21:42:52 myrouter daemon.debug dnsmasq[11569]: query[DNSKEY] com from 192.168.1.5
Feb 12 21:42:52 myrouter daemon.debug dnsmasq[11569]: config com is NXDOMAIN
...
Feb 12 21:43:06 myrouter daemon.debug dnsmasq[11569]: query[NS] com from 192.168.1.5
Feb 12 21:43:06 myrouter daemon.debug dnsmasq[11569]: forwarded com to 8.8.8.8

I wonder if, and how, dnsmasq can be configured to return the expected results for those queries. (Queries for "normal" hostnames work properly.)

Best Answer

You probably have the domain-needed option enabled:

  -D, --domain-needed

Tells dnsmasq to never forward A or AAAA queries for plain names, without dots or domain parts, to upstream nameservers. If the name is not known from /etc/hosts or DHCP then a "not found" answer is returned.

Find where this is set (either /etc/dnsmasq.conf or the command line parameters) and remove it.
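
To confirm which queries dnsmasq answers itself instead of forwarding, and to locate the option, here is a small shell helper. It is an added example, not part of the original answer; the function names and sample log lines are constructed, and query logging is assumed to be enabled.

```shell
#!/bin/sh
# Added example (not from the original post); names are hypothetical.

# Classify each logged query as answered locally or forwarded upstream.
# Reads dnsmasq query-log lines on stdin, prints "TYPE NAME OUTCOME".
classify_queries() {
    awk '
        # "query[TYPE] name from client" opens a transaction
        match($0, /query\[[A-Z0-9]+\] [^ ]+ from/) {
            q = substr($0, RSTART, RLENGTH)
            sub(/^query\[/, "", q); sub(/ from$/, "", q); sub(/\]/, "", q)
            split(q, f, " "); qtype = f[1]; qname = f[2]; next
        }
        # "config NAME is NXDOMAIN": answered by dnsmasq, never sent upstream
        qname != "" && index($0, ": config " qname " is NXDOMAIN") {
            print qtype, qname, "local-nxdomain"; qname = ""; next
        }
        # "forwarded NAME to SERVER": the query left the router
        qname != "" && index($0, ": forwarded " qname " to ") {
            print qtype, qname, "forwarded"; qname = ""; next
        }
    '
}

# Report where domain-needed is enabled: config text on stdin
# (e.g. /etc/dnsmasq.conf), dnsmasq command line as $1 (e.g. from ps).
find_domain_needed() {
    grep -nE '^[[:space:]]*domain-needed[[:space:]]*$' | sed 's/^/config line /'
    case " $1 " in
        *" -D "*|*" --domain-needed "*) echo "command line" ;;
    esac
}

# Sample log lines (constructed, modelled on the excerpt in the question).
SAMPLE_LOG='Feb 12 21:42:52 myrouter daemon.debug dnsmasq[11569]: query[DNSKEY] com from 192.168.1.5
Feb 12 21:42:52 myrouter daemon.debug dnsmasq[11569]: config com is NXDOMAIN
Feb 12 21:43:06 myrouter daemon.debug dnsmasq[11569]: query[NS] com from 192.168.1.5
Feb 12 21:43:06 myrouter daemon.debug dnsmasq[11569]: forwarded com to 8.8.8.8
Feb 12 21:43:10 myrouter daemon.debug dnsmasq[11569]: query[A] www.example.com from 192.168.1.5
Feb 12 21:43:10 myrouter daemon.debug dnsmasq[11569]: forwarded www.example.com to 8.8.8.8'

printf '%s\n' "$SAMPLE_LOG" | classify_queries
```

After removing the option and restarting dnsmasq, the same query types should show up as forwarded rather than local-nxdomain.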