[Dnsmasq-discuss] Bug with EDNS packet size and DNS server files
Simon Kelley
simon at thekelleys.org.uk
Mon Apr 25 16:40:21 BST 2016
I think your diagnosis and fix are both spot-on. Initialising the
edns_pktsz field in server records at the on of the option-reading code
misses files read via --servers-file. The best way to fix that is to do
the initialisation, in all cases, in check_servers() since that's always
called after any change to the set of servers.
I've just pushed a path to the got repo? Please could you check that is
behaves Ok for you?
Cheers,
Simon.
On 12/03/16 04:45, Scott Bonar wrote:
> All,
>
> I believe I have stumbled on a bug in which the server->edns_pktsz field is not initialized to the daemon->edns_pktsz value
> If they are loaded from a server file. I believe this is because when read_opts() is called the servers_file option is parsed
> And loaded into daemon->servers_file, but not read. After all the options have been parse in read_opts, it then loops
> Through all the servers and initializes edns_pktsz to daemon->edns_pktsz, but because the server file has not been
> Read yet they are not initialize. The server file is read later on in the async_event() function.
>
> The one option that I have tested is in the function check_servers(), which called after the read_servers_file(), is as it
> loops through the servers, check if edns_pktsz is 0 and if it is initialize it to daemon->edns_pktsz.
>
> The best way I have found to test this is a) use the servers file as defined, b) use the add-subnet option which adds
> An EDNS optional record to the DNS request, and c) disable the cache. Then wireshark the DNS traffic.
> You will see the first request has the EDNS packet length set to 0. Some servers do not like this and return a SERVFAIL,
> which triggers a resend, at which point the EDNS packet length is 1024 and the request is successful.
>
> As you can see this is not optimal.
>
> Thoughts?
>
>
> Scott Bonar | Cradlepoint
> o: +1.208.489.0029 | sbonar at cradlepoint.com
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>
More information about the Dnsmasq-discuss
mailing list