public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug libc/26601] New: getaddrinfo()/AF_UNSPEC: resolver does not try next DNS if SERVFAIL received for IPv4
@ 2020-09-11 13:43 rkarbowski at amadeus dot com
2020-09-11 13:47 ` [Bug libc/26601] " rkarbowski at amadeus dot com
0 siblings, 1 reply; 2+ messages in thread
From: rkarbowski at amadeus dot com @ 2020-09-11 13:43 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=26601
Bug ID: 26601
Summary: getaddrinfo()/AF_UNSPEC: resolver does not try next
DNS if SERVFAIL received for IPv4
Product: glibc
Version: unspecified
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: libc
Assignee: unassigned at sourceware dot org
Reporter: rkarbowski at amadeus dot com
CC: drepper.fsp at gmail dot com
Target Milestone: ---
Created attachment 12836
--> https://sourceware.org/bugzilla/attachment.cgi?id=12836&action=edit
SERVFAIL simulator
*git check out date (dd/mm/yy) & time: 11/09/20 09:58:20 UTC
*scripts/config.guess
x86_64-pc-linux-gnu
*../glibc/configure --prefix=/usr/tmp
* build:
uname -a
Linux openSUSE 5.3.18-lp152.41-default #1 SMP Thu Sep 3 23:02:59 UTC 2020
(a4d139b) x86_64 x86_64 x86_64 GNU/Linux
*target:
uname -a
Linux xxx 4.12.14-122.32-default #1 SMP Wed Aug 5 12:59:08 UTC 2020 (477c426)
x86_64 x86_64 x86_64 GNU/Linux
*build:
gcc -v
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib64/gcc/x86_64-suse-linux/7/lto-wrapper
OFFLOAD_TARGET_NAMES=hsa:nvptx-none
Target: x86_64-suse-linux
Configured with: ../configure --prefix=/usr --infodir=/usr/share/info
--mandir=/usr/share/man --libdir=/usr/lib64 --libexecdir=/usr/lib64
--enable-languages=c,c++,objc,fortran,obj-c++,ada,go
--enable-offload-targets=hsa,nvptx-none=/usr/nvptx-none, --without-cuda-driver
--enable-checking=release --disable-werror
--with-gxx-include-dir=/usr/include/c++/7 --enable-ssp --disable-libssp
--disable-libvtv --disable-libcc1 --disable-plugin
--with-bugurl=https://bugs.opensuse.org/ --with-pkgversion='SUSE Linux'
--with-slibdir=/lib64 --with-system-zlib --enable-libstdcxx-allocator=new
--disable-libstdcxx-pch --enable-version-specific-runtime-libs
--with-gcc-major-version-only --enable-linker-build-id --enable-linux-futex
--enable-gnu-indirect-function --program-suffix=-7 --without-system-libunwind
--enable-multilib --with-arch-32=x86-64 --with-tune=generic
--build=x86_64-suse-linux --host=x86_64-suse-linux
Thread model: posix
gcc version 7.5.0 (SUSE Linux)
ld -v
GNU ld (GNU Binutils; openSUSE Leap 15.2) 2.32.0.20190909-lp152.3
*Problem description:
The resolver does not try next DNS server in a case of AF_UNSPEC query, when
IPv4 request gets SERVFAIL RCODE.
Issue seems to be a generic one (e.g. glibc v. 2.11.3 was already impacted)
*How to reproduce:
On target node:
- stop any external DNS resolver e.g. dnsmasq
- stop any caching mechanism e.g. nscd
- download attachment proxy-dns.tar.xz, unpack and compile (make)
It contains 2 programs:
1) dns-proxy: simplistic DNS forwarder which simulates SERVFAIL answers for the
specified host
./dns-proxy
Usage: dns-proxy -l IP@ -s IP@ -n HOST [-h]
-l proxy local IP (listen on port #53)
-s real DNS server IP
-n HOST FQDN for SERVFAIL simulation
-v verbose
-h print help
Example: dns-proxy -l 127.0.0.1 -s 8.8.8.8 -n www.gnu.org
2) getaddrinfo: client program which tries to resolve host name via
getaddrinfo()
./getaddrinfo
Usage: getaddrinfo [-4] hostname
-4 IPv4 only (AF_INET). Default IPv4 and IPv6 (AF_UNSPEC)
- set in /etc/resolv.conf:
# dns-proxy
nameserver 127.0.0.1
# any 'good' DNS server
nameserver 1.1.1.1
- from first terminal start proxy (as root) e.g.:
./dns-proxy -l 127.0.0.1 -s 8.8.8.8 -n www.gnu.org
- from second terminal run client:
Good answer (no SERVFAIL simulation):
glibc-build> ./testrun.sh ../getaddrinfo sourceware.org.
8.43.85.97
::2620:52:3:1:0:246e
Bad answer (IPv6 only) - SERVFAIL + AF_UNSPEC:
glibc-build> ./testrun.sh ../getaddrinfo www.gnu.org.
::2001:470:142:3:0:0
Good answer - SERVFAIL + AF_INET:
glibc-build> ./testrun.sh ../getaddrinfo -4 www.gnu.org.
209.51.188.148
*Possible workarounds:
- set "options single-request" in /etc/resolv.conf
- do not use AF_UNSPEC (unrealistic for 3rd party software)
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 2+ messages in thread
* [Bug libc/26601] getaddrinfo()/AF_UNSPEC: resolver does not try next DNS if SERVFAIL received for IPv4
2020-09-11 13:43 [Bug libc/26601] New: getaddrinfo()/AF_UNSPEC: resolver does not try next DNS if SERVFAIL received for IPv4 rkarbowski at amadeus dot com
@ 2020-09-11 13:47 ` rkarbowski at amadeus dot com
0 siblings, 0 replies; 2+ messages in thread
From: rkarbowski at amadeus dot com @ 2020-09-11 13:47 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=26601
Robert Karbowski <rkarbowski at amadeus dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |rkarbowski at amadeus dot com
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-09-11 13:47 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-09-11 13:43 [Bug libc/26601] New: getaddrinfo()/AF_UNSPEC: resolver does not try next DNS if SERVFAIL received for IPv4 rkarbowski at amadeus dot com
2020-09-11 13:47 ` [Bug libc/26601] " rkarbowski at amadeus dot com
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).