)]}'
{
  "commit": "2acdc92994e7aca397b0d24b112e4973e82e0f91",
  "tree": "7edfaaa9f2b8cf705b948e5ca4404d7242727f3c",
  "parents": [
    "bc5c612f756b11c08e5e1eaeee3c1fd91252534d"
  ],
  "author": {
    "name": "Michael Brown",
    "email": "mcb30@ipxe.org",
    "time": "Wed Feb 23 22:52:08 2022 +0000"
  },
  "committer": {
    "name": "Michael Brown",
    "email": "mcb30@ipxe.org",
    "time": "Wed Feb 23 23:17:05 2022 +0000"
  },
  "message": "[dns] Always start DNS queries using the first configured DNS server\n\nWe currently define the active DNS server as a global variable.  All\nqueries will start by attempting to contact the active DNS server, and\nthe active DNS server will be changed only if we fail to get a\nresponse.  This effectively treats the DNS server list as expressing a\nweak preference ordering: we will try servers in order, but once we\nhave found a working server we will stick with that server for as long\nas it continues to respond to queries.\n\nSome sites are misconfigured to hand out DNS servers that do not have\na consistent worldview.  For example: the site may hand out two DNS\nserver addresses, the first being an internal DNS server (which is\nable to resolve names in private DNS domains) and the second being a\npublic DNS server such as 8.8.8.8 (which will correctly return\nNXDOMAIN for any private DNS domains).  This type of configuration is\nfundamentally broken and should never be used, since any DNS resolver\nperforming a query for a name within a private DNS domain may obtain a\nspurious NXDOMAIN response for a valid private DNS name.\n\nWork around these broken configurations by treating the DNS server\nlist as expressing a strong preference ordering, and always starting\nDNS queries from the first server in the list (rather than maintaining\na global concept of the active server).  This will have the debatable\nbenefit of converting permanent spurious NXDOMAIN errors into\ntransient spurious NXDOMAIN errors, which can at least be worked\naround at a higher level (e.g. by retrying a download in a loop within\nan iPXE script).\n\nThe cost of always starting DNS queries from the first server in the\nlist is a slight delay introduced when the first server is genuinely\nunavailable.  This should be negligible in practice since DNS queries\nare relatively infrequent and the failover expiry time is short.\n\nTreating the DNS server list as a preference ordering is permitted by\nthe language of RFC 2132, which defines DHCP option 6 as a list in\nwhich \"[DNS] servers SHOULD be listed in order of preference\".  No\nspecification defines a precise algorithm for how this preference\norder should be applied in practice: this new approach seems as good\nas any.\n\nRequested-by: Andreas Hammarskjöld \u003cjunior@2PintSoftware.com\u003e\nSigned-off-by: Michael Brown \u003cmcb30@ipxe.org\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "e5579174ec4f02de7b2f779d78941e916164affc",
      "old_mode": 33188,
      "old_path": "src/net/udp/dns.c",
      "new_id": "f46eeb5c8bd8e466595f99adbbd34a4c47dead79",
      "new_mode": 33188,
      "new_path": "src/net/udp/dns.c"
    }
  ]
}