[Dnsmasq-discuss] Two bugs with "server" ans "address" in case of CNAME cache and query[type=65]

Ivan Vanyushkin vanav at vanav.org
Sun May 28 18:50:38 UTC 2023 

Hello.

Config for "server" and "address" is not respected in case of CNAME 
cache or parallel request query[type=65].

dnsmasq v2.86, config:

server=/sydney.bing.com/1.0.0.1
address=/sydney.bing.com/::
ipset=/sydney.bing.com/my-list

Default nameserver: 8.8.8.8


1. Test some queries:

# dig A sydney.bing.com
sydney.bing.com.        2841    IN      CNAME 
sydney-bing-com.dual-a-0034.a-msedge.net.
sydney-bing-com.dual-a-0034.a-msedge.net. 30 IN CNAME 
dual-a-0034.a-msedge.net.
dual-a-0034.a-msedge.net. 30    IN      A       204.79.197.237
dual-a-0034.a-msedge.net. 30    IN      A       13.107.21.237

# dig AAAA sydney.bing.com
sydney.bing.com.        0       IN      AAAA    ::

Log:

Sun May 28 20:26:36 2023 daemon.info dnsmasq[1]: query[A] 
sydney.bing.com from 127.0.0.1
Sun May 28 20:26:36 2023 daemon.info dnsmasq[1]: forwarded 
sydney.bing.com to 1.0.0.1
Sun May 28 20:26:36 2023 daemon.info dnsmasq[1]: reply sydney.bing.com 
is <CNAME>
Sun May 28 20:26:36 2023 daemon.info dnsmasq[1]: reply 
sydney-bing-com.dual-a-0034.a-msedge.net is <CNAME>
Sun May 28 20:26:36 2023 daemon.info dnsmasq[1]: ipset add my-list 
204.79.197.237 dual-a-0034.a-msedge.net
Sun May 28 20:26:36 2023 daemon.info dnsmasq[1]: reply 
dual-a-0034.a-msedge.net is 204.79.197.237
Sun May 28 20:26:36 2023 daemon.info dnsmasq[1]: ipset add my-list 
13.107.21.237 dual-a-0034.a-msedge.net
Sun May 28 20:26:36 2023 daemon.info dnsmasq[1]: reply 
dual-a-0034.a-msedge.net is 13.107.21.237

Sun May 28 20:27:09 2023 daemon.info dnsmasq[1]: query[AAAA] 
sydney.bing.com from 192.168.1.143
Sun May 28 20:27:09 2023 daemon.info dnsmasq[1]: *_config 
sydney.bing.com is ::_*

— correct, as expected.


2. Resolve CNAME directly:

# dig AAAA sydney-bing-com.dual-a-0034.a-msedge.net
sydney-bing-com.dual-a-0034.a-msedge.net. 150 IN CNAME 
dual-a-0034.a-msedge.net.
dual-a-0034.a-msedge.net. 150   IN      AAAA 2620:1ec:c11::237

Log:

Sun May 28 20:27:25 2023 daemon.info dnsmasq[1]: query[AAAA] 
sydney-bing-com.dual-a-0034.a-msedge.net from 127.0.0.1
Sun May 28 20:27:25 2023 daemon.info dnsmasq[1]: forwarded 
sydney-bing-com.dual-a-0034.a-msedge.net to 8.8.8.8
Sun May 28 20:27:25 2023 daemon.info dnsmasq[1]: reply 
sydney-bing-com.dual-a-0034.a-msedge.net is <CNAME>
Sun May 28 20:27:25 2023 daemon.info dnsmasq[1]: reply 
dual-a-0034.a-msedge.net is 2620:1ec:c11::237


3. Now repeat the test:

# dig A sydney.bing.com
sydney.bing.com.        3137    IN      CNAME 
sydney-bing-com.dual-a-0034.a-msedge.net.
sydney-bing-com.dual-a-0034.a-msedge.net. 48 IN CNAME 
dual-a-0034.a-msedge.net.
dual-a-0034.a-msedge.net. 48    IN      A       13.107.21.237
dual-a-0034.a-msedge.net. 48    IN      A       204.79.197.237

# dig AAAA sydney.bing.com
sydney.bing.com.        3135    IN      CNAME 
sydney-bing-com.dual-a-0034.a-msedge.net.
sydney-bing-com.dual-a-0034.a-msedge.net. 46 IN CNAME 
dual-a-0034.a-msedge.net.
dual-a-0034.a-msedge.net. 143   IN      AAAA 2620:1ec:c11::237

Log:

Sun May 28 21:20:52 2023 daemon.info dnsmasq[1]: query[A] 
sydney.bing.com from 127.0.0.1
Sun May 28 21:20:52 2023 daemon.info dnsmasq[1]: forwarded 
sydney.bing.com to 1.0.0.1
Sun May 28 21:20:52 2023 daemon.info dnsmasq[1]: reply sydney.bing.com 
is <CNAME>
Sun May 28 21:20:52 2023 daemon.info dnsmasq[1]: reply 
sydney-bing-com.dual-a-0034.a-msedge.net is <CNAME>
Sun May 28 21:20:52 2023 daemon.info dnsmasq[1]: ipset add my-list 
204.79.197.237 dual-a-0034.a-msedge.net
Sun May 28 21:20:52 2023 daemon.info dnsmasq[1]: reply 
dual-a-0034.a-msedge.net is 204.79.197.237
Sun May 28 21:20:52 2023 daemon.info dnsmasq[1]: ipset add my-list 
13.107.21.237 dual-a-0034.a-msedge.net
Sun May 28 21:20:52 2023 daemon.info dnsmasq[1]: reply 
dual-a-0034.a-msedge.net is 13.107.21.237

Sun May 28 21:20:54 2023 daemon.info dnsmasq[1]: query[AAAA] 
sydney.bing.com from 127.0.0.1
Sun May 28 21:20:54 2023 daemon.info dnsmasq[1]: _*cached 
sydney.bing.com is <CNAME>*_
Sun May 28 21:20:54 2023 daemon.info dnsmasq[1]: cached 
sydney-bing-com.dual-a-0034.a-msedge.net is <CNAME>
Sun May 28 21:20:54 2023 daemon.info dnsmasq[1]: cached 
dual-a-0034.a-msedge.net is 2620:1ec:c11::237

— *incorrect!* Config defines static IPv6 address "::" that should be 
returned for AAAA query. Maybe cached CNAME triggers the bug?


4. Sometimes I also see this in log:

Sun May 28 20:18:45 2023 daemon.info dnsmasq[405]: query[AAAA] 
sydney.bing.com from 192.168.1.143
Sun May 28 20:18:45 2023 daemon.info dnsmasq[405]: cached 
sydney.bing.com is <CNAME>
Sun May 28 20:18:45 2023 daemon.info dnsmasq[405]: cached 
dual-a-0034.a-msedge.net is 2620:1ec:c11::237
Sun May 28 20:18:45 2023 daemon.info dnsmasq[406]: query[A] 
sydney.bing.com from 192.168.1.143
Sun May 28 20:18:45 2023 daemon.info dnsmasq[407]: query[type=65] 
sydney.bing.com from 192.168.1.143
Sun May 28 20:18:45 2023 daemon.info dnsmasq[407]: cached 
sydney.bing.com is <CNAME>
Sun May 28 20:18:45 2023 daemon.info dnsmasq[406]: cached 
sydney.bing.com is <CNAME>
Sun May 28 20:18:45 2023 daemon.info dnsmasq[407]: _*forwarded 
sydney.bing.com to 8.8.8.8*_
Sun May 28 20:18:45 2023 daemon.info dnsmasq[407]: reply sydney.bing.com 
is <CNAME>
Sun May 28 20:18:45 2023 daemon.info dnsmasq[407]: reply 
sydney-bing-com.dual-a-0034.a-msedge.net is <CNAME>
Sun May 28 20:18:45 2023 daemon.info dnsmasq[407]: reply 
dual-a-0034.a-msedge.net is NODATA
Sun May 28 20:18:45 2023 daemon.info dnsmasq[406]: _*forwarded 
sydney.bing.com to 8.8.8.8*_
Sun May 28 20:18:45 2023 daemon.info dnsmasq[406]: reply sydney.bing.com 
is <CNAME>
Sun May 28 20:18:45 2023 daemon.info dnsmasq[406]: reply 
sydney-bing-com.dual-a-0034.a-msedge.net is <CNAME>
Sun May 28 20:18:45 2023 daemon.info dnsmasq[406]: ipset add my-list 
204.79.197.237 dual-a-0034.a-msedge.net
Sun May 28 20:18:45 2023 daemon.info dnsmasq[406]: reply 
dual-a-0034.a-msedge.net is 204.79.197.237
Sun May 28 20:18:45 2023 daemon.info dnsmasq[406]: ipset add my-list 
13.107.21.237 dual-a-0034.a-msedge.net
Sun May 28 20:18:45 2023 daemon.info dnsmasq[406]: reply 
dual-a-0034.a-msedge.net is 13.107.21.237

— *incorrect!* Config defines to use server 1.0.0.1, but default server 
8.8.8.8 is used. Maybe parallel query[type=65] triggers the bug?


Thank you!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20230528/c0ba1cdc/attachment.htm>

More information about the Dnsmasq-discuss mailing list