hickory-dns
hickory-dns copied to clipboard
resolve -s works, but ping fails
Describe the bug trust-dns does not correctly support 'ping'.
To Reproduce
-
configure trust-dns for zone i.mark1010.com @ IN SOA i.mark1010.com. root.i.mark1010.com. ( 199609204 ; Serial 28800 ; Refresh 7200 ; Retry 604800 ; Expire 86400) ; Minimum TTL
NS ns1 MX 1 alias ANAME linux
linux A 192.168.1.201 www CNAME linux ns1 CNAME linux
Note that i.mark1010.com has its own ns: $ dig @173.245.58.51 i.mark1010.com ns i.mark1010.com. 83276 IN NS 192.168.1.201.
$ strace -s 150 ping www.i.mark1010.com FAILS. strace relevant bits: connect(5, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, 16) = 0 sendmmsg(5, [{msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\347\1\1\0\0\1\0\0\0\0\0\0\3www\1i\10mark1010\3com\0\0\1\0\1", iov_len=36}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, msg_len=36}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\374\34\1\0\0\1\0\0\0\0\0\0\3www\1i\10mark1010\3com\0\0\34\0\1", iov_len=36}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, msg_len=36}], 2, MSG_NOSIGNAL) = 2 recvfrom(5, "\374\34\204\0\0\1\0\1\0\1\0\0\3www\1i\10mark1010\3com\0\0\34\0\1\3www\1i\10mark1010\3com\0\0\5\0\1\0\1Q\200\0\10\5linux\300(\300(\0\2\0\1\0\1Q\200\0\6\3ns1\300(", 2048, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, [28->16]) = 92 recvfrom(5, "\347\1\204\0\0\1\0\1\0\1\0\1\3www\1i\10mark1010\3com\0\0\1\0\1\3www\1i\10mark1010\3com\0\0\5\0\1\0\1Q\200\0\10\5linux\300(\300(\0\2\0\1\0\1Q\200\0\6\3ns1\300(\300B\0\1\0\1\0\1Q\200\0\4\300\250\1\311", 65536, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, [28->16]) = 108
trust-dns log: 1620231073.530222:INFO:trust_dns_server::server::server_future:594:request: 10517 type: Query op_code: Query dnssec: false name: www.i.mark1010.com. type: A class: IN 1620231073.530266:INFO:trust_dns_server::authority::catalog:407:request: 10517 found authority: i.mark1010.com. 1620231073.530273:INFO:trust_dns_server::server::response_handler:49:response: 7953 response_code: 0 1620231073.530329:INFO:trust_dns_server::server::response_handler:49:response: 10517 response_code: 0
Note that trust-dns resolver client works fine (dig resolves things fine too): $ resolve -s www.i.mark1010.com Querying for www.i.mark1010.com A from udp:127.0.0.1:53, tcp:127.0.0.1:53 Success for query name: www.i.mark1010.com type: A class: IN linux.i.mark1010.com. 86400 IN A 192.168.1.201
Expected behavior I expect ping to work.
System: ubuntu 20.04.2 rustc 1.53.0-nightly (42816d61e 2021-04-24)
Version: from git a couple of days ago. Also from trust-dns log: 1620231444.685286:INFO:named:349:Trust-DNS 0.20.1 starting
Additional context I'm not running dnsmasq, avahi or any other dns-related server.
Also, in case it helps I tried (failed) again with 'ping -4':
strace -s 150 ping -4 www.i.mark1010.com
connect(4, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, 16) = 0 sendto(4, "\200\333\1\0\0\1\0\0\0\0\0\0\3www\1i\10mark1010\3com\0\0\1\0\1", 36, MSG_NOSIGNAL, NULL, 0) = 36 recvfrom(4, "\200\333\204\0\0\1\0\1\0\1\0\1\3www\1i\10mark1010\3com\0\0\1\0\1\3www\1i\10mark1010\3com\0\0\5\0\1\0\1Q\200\0\10\5linux\300(\300(\0\2\0\1\0\1Q\200\0\6\3ns1\300(\300B\0\1\0\1\0\1Q\200\0\4\300\250\1\311", 1024, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, [28->16]) = 108
Also, resolve (success) strace is:
strace -s 150 resolve -s www.i.mark1010.com
sendto(6, "\302\211\1\0\0\1\0\0\0\0\0\0\3www\1i\10mark1010\3com\0\0\1\0\1", 36, MSG_NOSIGNAL, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, 16) = 36 recvfrom(6, "\302\211\204\0\0\1\0\1\0\1\0\1\3www\1i\10mark1010\3com\0\0\1\0\1\3www\1i\10mark1010\3com\0\0\5\0\1\0\1Q\200\0\10\5linux\300(\300(\0\2\0\1\0\1Q\200\0\6\3ns1\300(\300B\0\1\0\1\0\1Q\200\0\4\300\250\1\311", 2048, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, [128->16]) = 108
ping is making a 200\333 request, and resolve is making a 302\211 request?
Thought? Suggestions? Thanks!!!
Also, /etc/nsswitch.conf: hosts: files dns
/etc/resolv.conf: nameserver 127.0.0.1
Thanks for this report. I'll need to look at your report and decode some of what you've posted to try and understand what's going on here. I don't at the moment understand how ping
operates differently in such a way as to dislike the responses from trust-dns.
Thanks for looking into it. I found it odd the first few sendto bytes were different - recvfrom too. If I can format things better, or do different tests please let me know. I'm a little slow responding to email, but I'm happy to chat via discord if you want to debug/test a few things.