pdns icon indicating copy to clipboard operation
pdns copied to clipboard
verified publisher icon PowerDNS

dnsbulktest broken with IPv6 server

Open DasSkelett opened this issue 3 years ago • 0 comments

  • Program: dnsbulktest
  • Issue type: Bug report

Short description

dnsbulktest does not work with an IPv6 address for the server, all requests time out.

$ dnsbulktest --type AAAA --www 0 2001:4860:4860::8888 53 5 </ram/top-1m.csv
Read 5 domains!
Sent out query for 'ftl.netflix.com' with id 0
Sent out query for 'api-global.netflix.com' with id 1
Sent out query for 'google.com' with id 2
Sent out query for 'prod.ftl.netflix.com' with id 3
Sent out query for 'netflix.com' with id 4
Timeout for id 0
Timeout for id 1
Timeout for id 2
Timeout for id 3
Timeout for id 4
Sending                                 Receiving
  Queued                          5       Received                        0
  Error -/-                       5       Timeouts                        5
                                          Unexpected                      0
Sent                             0      Total                            5

DNS Status
  OK                              0
  Error                           0
  No Data                         0
  NXDOMAIN                        0
  Unknowns                        0
Answers                           0
  Timeouts                        5
Total                             5

Mean response time: 0 msec, median: 0 msec
Time <  0.000 msec             0.100% cumulative
Time <  0.000 msec             1.000% cumulative
Time <  0.000 msec             2.500% cumulative
Time <  0.000 msec            10.000% cumulative
Time <  0.000 msec            25.000% cumulative
Time <  0.000 msec            50.000% cumulative
Time <  0.000 msec            75.000% cumulative
Time <  0.000 msec            90.000% cumulative
Time <  0.000 msec            97.500% cumulative
Time <  0.000 msec            99.000% cumulative
Time <  0.000 msec            99.990% cumulative

(Google DNS resolver used only for demonstration purposes. I don't plan to stress-test someone else's DNS server)

Environment

  • Operating system: Kubuntu 21.10
  • Software version: dnsbulktest 4.4.1
  • Software source: Ubuntu 21.10 distro repositories

Steps to reproduce

  1. Be on an IPv6-enabled machine
  2. Run dnsbulktest --type AAAA --www 0 2001:4860:4860::8888 53 5 with 5 domains of your choice

Expected behaviour

I'd expect it to work just as well as if I would run it against an IPv4 target

Actual behaviour

Requests time out, checking with tcpdump they aren't even sent

Other information

Running with strace revealed the following suspicious lines:

socket(AF_INET, SOCK_DGRAM, IPPROTO_IP) = 3
setsockopt(3, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0
connect(3, {sa_family=AF_INET6, sin6_port=htons(53), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "2001:4860:4860::8888 53", &sin6_addr), sin6_scope_id=0}, 28) = -1 EAFNOSUPPORT (Address family not supported by protocol)

Which corresponds to these lines in the source code (I believe): https://github.com/PowerDNS/pdns/blob/e9ed941eb6addc77df63938fb583feca1851690b/pdns/dnsbulktest.cc#L93-L98

Now my network low-level C isn't very fluid, but it appears the issue is that dnsbulktest always creates an AF_INET socket, even if the destination address is an IPv6/AF_INET6 address. The connect() call looks fine though.

DasSkelett avatar Feb 20 '22 17:02 DasSkelett