[ previous ] [ next ] [ threads ]
 
 From:  "Harbert, Orange Broom" <harbert at orangebroom dot com dot br>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] DNS forwarder problem (still)
 Date:  Thu, 17 Jul 2008 11:42:50 -0300 
Hi all,
 
After digging up more information, I come to the conclusion that my ISP uses 
1 wrong DNS server, which is not authorized to do recursive queries.

Setting the DNS servers manually did always solve the problem, I just did 
not fully understand the problem.
 
Now comes the bigger problem, convincing the ISP to remove that server from 
their config..........
 
 
For the interested, here the text I found:
 
Q: Dnsmasq sometimes logs "nameserver xxx.xxx.xxx.xxx refused
   to do a recursive query" and DNS stops working. What's going on?

A: Probably the nameserver is an authoritative nameserver for a
   particular domain, but is not configured to answer general DNS
   queries for an arbitrary domain. It is not suitable for use by
   dnsmasq as an upstream server and should be removed from the
   configuration. Note that if you have more than one upstream
   nameserver configured dnsmasq will load-balance across them and
   it may be some time before dnsmasq gets around to using a 
   particular nameserver. This means that a particular configuration
   may work for sometime with a broken upstream nameserver
   configuration.

Harbert



Hi all,

I use here m0n0wall with on the WAN site a cable connection, using DHCP.
Since the 1st time I installed m0n0wall I have the problem that after a 5-10 

mins the connection stops.
The problem lays in the DNS forwarder, if I configure the DNS servers, who I 

get via DHCP manually, then I do not have any problem.
Since dnsmaq was updated I thought to give it a try again, but unfortunatly 
without result.
I am getting 3 DNS servers via DHCP, one is giving the faults causing my 
problem:

Jul 10 17:12:55 last message repeated 2 times 
Jul 10 17:12:20 dnsmasq[338]: reading /var/db/dhcpd.leases 
Jul 10 17:09:54 dnsmasq[338]: nameserver 200.19.74.21 refused to do a 
recursive query 
Jul 10 17:09:54 dnsmasq[338]: nameserver 200.19.74.21 refused to do a 
recursive query 
Jul 10 17:05:20 dnsmasq[338]: reading /var/db/dhcpd.leases

After the last msj (17:12:55) DNS forwarding stops and nothing can be 
resolved anymore.
The server mentioned is the 3rd from the provider, others AND a manually 
assigned DNS servers are not giving any trouble. Is there a way to go around 

this and still use DNS forwarding but let the faulty server out?

Advise highly appreciated!! :o)
 
Harbert