| 2011-12-13 18:31:03 |
Stéphane Graber |
bug |
|
|
added bug |
| 2011-12-13 18:55:45 |
Marc Deslauriers |
bug |
|
|
added subscriber Marc Deslauriers |
| 2011-12-13 20:08:14 |
Mathieu Trudel-Lapierre |
network-manager (Ubuntu): status |
New |
Triaged |
|
| 2011-12-13 20:08:15 |
Mathieu Trudel-Lapierre |
network-manager (Ubuntu): importance |
Undecided |
High |
|
| 2011-12-13 20:08:17 |
Mathieu Trudel-Lapierre |
network-manager (Ubuntu): assignee |
|
Mathieu Trudel-Lapierre (mathieu-tl) |
|
| 2011-12-13 22:42:21 |
Stéphane Graber |
summary |
Change default dnsmasq flags to not includ --strict-order |
Change default dnsmasq flags to not include --strict-order and disable caching |
|
| 2011-12-13 22:42:43 |
Stéphane Graber |
attachment added |
|
Remove --strict-order and replace it by --cache-size=0 https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/903854/+attachment/2632059/+files/nm-change-dnsmasq-parameters.diff |
|
| 2011-12-13 22:43:40 |
Stéphane Graber |
description |
When using dnsmasq as a backend, Network Manager currently passes --strict-order.
This is a good way to get a similar behaviour to that of the libc's resolver where the DNS servers are being queried sequentially with a 2-3s timeout per server. However in the case where the first DNS server is down, this will delay all the DNS queries on the system.
Instead, I recommend this parameter be dropped which will fallback to the default dnsmasq mode to send the initial request to all servers and then continue with the first one that replies. This will increase the load on the upstream DNS servers quite a bit (though not as much as using --all-servers) but will ensure a proper fallback when some servers are down or very slow.
I think this added load is reasonable and shouldn't affect most DNS servers too much. For cases where it's a concern (heavily loaded corporate network for example), I'd suggest the user simply turns off the dnsmasq plugin in /etc/NetworkManager/NetworkManager.conf thereby reverting to the libc's behaviour of trying servers sequentially with a 3s timeout. |
When using dnsmasq as a backend, Network Manager currently passes --strict-order.
This is a good way to get a similar behaviour to that of the libc's resolver where the DNS servers are being queried sequentially with a 2-3s timeout per server. However in the case where the first DNS server is down, this will delay all the DNS queries on the system.
Instead, I recommend this parameter be dropped which will fallback to the default dnsmasq mode to send the initial request to all servers and then continue with the first one that replies. This will increase the load on the upstream DNS servers quite a bit (though not as much as using --all-servers) but will ensure a proper fallback when some servers are down or very slow.
I think this added load is reasonable and shouldn't affect most DNS servers too much. For cases where it's a concern (heavily loaded corporate network for example), I'd suggest the user simply turns off the dnsmasq plugin in /etc/NetworkManager/NetworkManager.conf thereby reverting to the libc's behaviour of trying servers sequentially with a 3s timeout.
As discussed in https://blueprints.launchpad.net/ubuntu/+spec/foundations-p-dns-resolving for security reason (possible local cache poisoning), we also want to turn off caching for the LTS and reconsider caching (ideally with per-user caches) for 12.10. |
|
| 2011-12-14 00:13:26 |
Ubuntu Foundations Team Bug Bot |
tags |
|
patch |
|
| 2012-01-09 10:58:11 |
Mathieu Trudel-Lapierre |
network-manager (Ubuntu): status |
Triaged |
In Progress |
|
| 2012-01-09 13:15:12 |
Launchpad Janitor |
network-manager (Ubuntu): status |
In Progress |
Fix Released |
|
| 2012-01-09 13:36:24 |
Launchpad Janitor |
branch linked |
|
lp:~network-manager/network-manager/ubuntu.head |
|
| 2012-01-09 13:40:27 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/network-manager |
|
| 2012-04-01 20:20:24 |
mcguire |
bug |
|
|
added subscriber mcguire |
| 2012-10-03 14:39:17 |
Jorge Morais |
bug |
|
|
added subscriber Jorge |
