Re: [s6-dns] is there a particular reason skadns_packet would return NULL errno ENETUNREACH?

From: Ellenor Bjornsdottir <ellenor_at_umbrellix.net>
Date: Tue, 11 Oct 2022 23:13:10 +0000

Shaw's cache blocking me would be an interesting hypothesis. However,
wouldn't my first query respond and the others block me? I got no
response from any of the queries, suggesting that it is this rd-bit
issue Ermine raised.

I should run a DNS cache locally, though.

On 10/10/22 19:23, Guillermo wrote:
> El lun, 10 oct 2022 a las 13:28, Laurent Bercot escribió:
>> s6dns_engine filters answers that do not seem relevant to in-flight
>> queries. That includes malformed answers or ones that do not follow
>> RFC 1035.
>> I was made aware (thanks, Ermine) that some caches fail to set the
>> RD bit in their responses to queries containing the RD bit; these
>> answers were ignored.
> However, the OS would still deliver them to skadnsd in a recv() /
> recvfrom() call, right? If my reading of the truss outputs is correct,
> the HardenedBSD system isn't getting a response at all, and whatever
> error happens with the program running on the OmniOS system, if any,
> does not involve the network (I can't tell if skadnsd is delivering
> all received answers to the client).
>
> I feel that packet capture tools like tcpdump(1) or OmniOS' snoop(8)
> would be better suited for answering the questions that have been
> raised so far (malformed packets, ignored responses, lack of
> responses, etc.). Also, aren't 18 outstanding queries in a short
> amount of time from one single host, like, a lot? Couldn't Shaw's
> caches think that they are being DoS'ed :P ?
>
> G:

--
Ellenor Agnes Bjornsdottir (she)
sysadmin umbrellix.net
jabber: ellenor ~on~ umbrellix.net

Received on Wed Oct 12 2022 - 01:13:10 CEST

This archive was generated by hypermail 2.4.0 : Wed Oct 12 2022 - 01:13:47 CEST