Hi guys,

While working with consul, I discovered a "false positive" corner case
which triggers a downgrade of the accepted_payload_size.
This patch fixes this issue by ensuring that we downgrade this value only
when the resolution status is a timeout.

Baptiste
From 587329053581d438edd4c0f7b8a0412465329308 Mon Sep 17 00:00:00 2001
From: Baptiste Assmann <bed...@gmail.com>
Date: Mon, 19 Feb 2018 18:47:59 +0100
Subject: [PATCH] BUG/MINOR: dns: false positive downgrade of
 accepted_payload_size

When admins expect to get many records in DNS responses, they have to
enable accepted_payload_size. This feature will make HAProxy send an
additional OPT record to announce eDNS extension, which includes an
announce for big DNS responses.
HAProxy automatically failover to 1280 bytes if accepted_payload_size is
bigger that 1280 and if we don't have any responses from the server.

That said, current code implementation takes into account any kind of
errors, while this should be applied to resolutions in timeout only.

This patch fixes this behavior to ensure that the downgrade happens only
for the timeout cases.


Backport status: 1.8

---
 src/dns.c | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/src/dns.c b/src/dns.c
index 280bc15..b89d339 100644
--- a/src/dns.c
+++ b/src/dns.c
@@ -1728,17 +1728,20 @@ static struct task *dns_process_resolvers(struct task *t)
 			list_for_each_entry(req, &res->requesters, list)
 				req->requester_error_cb(req, res->status);
 
+			if (res->status == RSLV_STATUS_TIMEOUT) {
+				/* This might be triggered by too big UDP packets
+				 * dropped somewhere on the network, so lowering the
+				 * accepted_payload_size announced */
+				if (resolvers->accepted_payload_size > 1280)
+					resolvers->accepted_payload_size = 1280;
+			}
+
 			/* Clean up resolution info and remove it from the
 			 * current list */
 			dns_reset_resolution(res);
 			LIST_DEL(&res->list);
 			LIST_ADDQ(&resolvers->resolutions.wait, &res->list);
 
-			/* This might be triggered by too big UDP packets
-			 * dropped somewhere on the network, so lowering the
-			 * accepted_payload_size announced */
-			if (resolvers->accepted_payload_size > 1280)
-				resolvers->accepted_payload_size = 1280;
 		}
 		else {
 			/* Otherwise resend the DNS query and requeue the resolution */
-- 
2.7.4

Reply via email to