[Dnsmasq-discuss] Bug with EDNS packet size and DNS server files

Simon Kelley simon at thekelleys.org.uk
Mon Apr 25 16:40:21 BST 2016 

I think your diagnosis and fix are both spot-on. Initialising the
edns_pktsz field in server records at the on of the option-reading code
misses files read via --servers-file. The best way to fix that is to do
the initialisation, in all cases, in check_servers() since that's always
called after any change to the set of servers.


I've just pushed a path to the got repo? Please could you check that is
behaves Ok for you?



Cheers,

Simon.



On 12/03/16 04:45, Scott Bonar wrote:
> All,
> 
> I believe I have stumbled on a bug in which the server->edns_pktsz field is not initialized to the daemon->edns_pktsz value
> If they are loaded from a server file.  I believe this is because when read_opts() is called the servers_file option is parsed
> And loaded into daemon->servers_file, but not read.  After all the options have been parse in read_opts, it then loops
> Through all the servers and initializes edns_pktsz to daemon->edns_pktsz, but because the server file has not been
> Read yet they are not initialize.  The server file is read later on in the async_event() function.
> 
> The one option that I have tested is in the function check_servers(), which called after the read_servers_file(), is as it
> loops through the servers, check if edns_pktsz is 0 and if it is initialize it to daemon->edns_pktsz.
> 
> The best way I have found to test this is a) use the servers file as defined, b) use the add-subnet option which adds
> An EDNS optional record to the DNS request, and c) disable the cache.  Then wireshark the DNS traffic.
> You will see the first request has the EDNS packet length set to 0.  Some servers do not like this and return a SERVFAIL,
> which triggers a resend, at which point the EDNS packet length is 1024 and the request is successful.
> 
> As you can see this is not optimal.
> 
> Thoughts? 
> 
> 
> Scott Bonar | Cradlepoint 
> o: +1.208.489.0029 | sbonar at cradlepoint.com
> 
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>

More information about the Dnsmasq-discuss mailing list