Re: [Pdns-users] Recursor v3.2 and v3.3 malformed answer in case of big response from authoritative
On Mon, Apr 11, 2011 at 05:11:41PM +0200, bert hubert wrote:
> On Mon, Apr 11, 2011 at 04:53:16PM +0200, Thor Spruyt wrote:
> > Last week I discovered an issue with recursor v3.2.

Hi Thor,

Thanks! You've uncovered an interesting bug which was quite devious. It has been solved in http://wiki.powerdns.com/trac/changeset/2150

The problem was that powerdns would indeed try to serve infinitely large answers over TCP/IP, even though TCP/IP answers are still limited to 65KB.

However, since yesterday the domain auinmeio.com.br appears to have developed its own problems, so it still does not resolve, but for a new reason. It looks like it is just broken.

Can you verify using http://svn.powerdns.com/snapshots/pdns-recursor-3.4-pre.tar.bz2 ?

Bert
___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-users
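An added illustration of the framing problem described in this message (not code from PowerDNS or from either poster): DNS over TCP prefixes each message with a 2-byte length, so a response larger than 65535 bytes cannot be framed, and a client that trusts the prefix ends up with a cut-off message plus stray bytes it reads as further messages. It assumes the oversized length reached the wire as its low 16 bits, which fits the original report in this thread (dig received 4427 bytes under a header claiming 1569 answers) but is not confirmed here; example.test and every record are constructed.

```python
import struct

MAX_TCP_DNS = 0xFFFF  # largest size the 2-byte TCP length prefix can express

def build_response(n_answers):
    """Constructed MX response for example.test; every record is 24 bytes."""
    header = struct.pack("!HHHHHH", 0x2648, 0x8180, 1, n_answers, 0, 0)
    question = b"\x07example\x04test\x00" + struct.pack("!HH", 15, 1)
    records = []
    for i in range(n_answers):
        rdata = struct.pack("!H", 0) + b"\x07" + b"mx%05d" % i + b"\xc0\x0c"
        records.append(b"\xc0\x0c" + struct.pack("!HHIH", 15, 1, 85, len(rdata)) + rdata)
    return header + question + b"".join(records)

def frame_unchecked(msg):
    # Assumed failure model: only the low 16 bits of the size reach the wire.
    return struct.pack("!H", len(msg) & 0xFFFF) + msg

def frame_checked(msg):
    # Sender-side guard: refuse anything the length prefix cannot describe.
    if len(msg) > MAX_TCP_DNS:
        raise ValueError("DNS message of %d bytes exceeds TCP limit" % len(msg))
    return struct.pack("!H", len(msg)) + msg

def read_frames(stream):
    """Split a TCP byte stream into messages the way a client would."""
    frames, pos = [], 0
    while pos + 2 <= len(stream):
        (size,) = struct.unpack_from("!H", stream, pos)
        frames.append(stream[pos + 2:pos + 2 + size])
        pos += 2 + size
    return frames

def skip_name(msg, pos):
    while True:
        length = msg[pos]              # IndexError when the frame ends early
        if length & 0xC0 == 0xC0:      # compression pointer, 2 bytes
            return pos + 2
        if length == 0:
            return pos + 1
        pos += 1 + length

def audit_answers(msg):
    """Return (ANCOUNT claimed in the header, answer records that fit)."""
    (claimed,) = struct.unpack_from("!H", msg, 6)
    pos, complete = skip_name(msg, 12) + 4, 0
    try:
        for _ in range(claimed):
            pos = skip_name(msg, pos)
            (rdlen,) = struct.unpack_from("!H", msg, pos + 8)
            pos += 10 + rdlen
            if pos > len(msg):
                break
            complete += 1
    except (IndexError, struct.error):
        pass
    return claimed, complete
```

A mismatch between the two numbers returned by audit_answers on a TCP frame is the condition dig and Wireshark flag as a malformed packet, and more than one frame coming back for a single query shows the stream has lost framing.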
Re: [Pdns-users] Recursor v3.2 and v3.3 malformed answer in case of big response from authoritative
Bert,

Quick check is looking good ...

[thor@tns125 named]$ dig -t MX auinmeio.com.br @195.130.158.234
;; Truncated, retrying in TCP mode.

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> -t MX auinmeio.com.br @195.130.158.234
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24511
;; flags: qr rd ra; QUERY: 1, ANSWER: 1569, AUTHORITY: 0, ADDITIONAL: 1353

;; Query time: 282 msec
;; SERVER: 195.130.158.234#53(195.130.158.234)
;; WHEN: Wed Apr 13 01:22:30 2011
;; MSG SIZE rcvd: 65531

Apr 13 01:22:30 tns125 pdns_recursor[16024]: 1 [36] question for 'auinmeio.com.br.|MX' from 195.130.158.234
Apr 13 01:22:30 tns125 pdns_recursor[16024]: 1 [36] answer to question 'auinmeio.com.br.|MX': 19 answers, 0 additional, took 0 packets, 0 throttled, 0 timeouts, 0 tcp connections, rcode=0
Apr 13 01:22:30 tns125 pdns_recursor[16024]: 1 [37] TCP question for 'auinmeio.com.br.|MX' from 195.130.158.234
Apr 13 01:22:30 tns125 pdns_recursor[16024]: 1 [37] answer to question 'auinmeio.com.br.|MX': 1569 answers, 1353 additional, took 0 packets, 0 throttled, 0 timeouts, 0 tcp connections, rcode=0

Kind regards,
Thor.

- Original Message -
From: bert hubert bert.hub...@netherlabs.nl
To: Thor Spruyt thor.spr...@telenet.be
Cc: pdns-users@mailman.powerdns.com
Sent: Tuesday, April 12, 2011 3:38:26 PM GMT +01:00 Amsterdam / Berlin / Bern / Rome / Stockholm / Vienna
Subject: Re: [Pdns-users] Recursor v3.2 and v3.3 malformed answer in case of big response from authoritative

On Mon, Apr 11, 2011 at 05:11:41PM +0200, bert hubert wrote:
> On Mon, Apr 11, 2011 at 04:53:16PM +0200, Thor Spruyt wrote:
> > Last week I discovered an issue with recursor v3.2.

Hi Thor,

Thanks! You've uncovered an interesting bug which was quite devious. It has been solved in http://wiki.powerdns.com/trac/changeset/2150

The problem was that powerdns would indeed try to serve infinitely large answers over TCP/IP, even though TCP/IP answers are still limited to 65KB.

However, since yesterday the domain auinmeio.com.br appears to have developed its own problems, so it still does not resolve, but for a new reason. It looks like it is just broken.

Can you verify using http://svn.powerdns.com/snapshots/pdns-recursor-3.4-pre.tar.bz2 ?

Bert
[Pdns-users] Recursor v3.2 and v3.3 malformed answer in case of big response from authoritative
Hi,

Last week I discovered an issue with recursor v3.2. It appears to return a malformed answer to the client in case the data (incl. additional data) exceeds the 65536 maximum (2 bytes length field).

An example real-life lookup which has this issue as a result is MX of auinmeio.com.br

When asking one of the authoritative servers, dig yields (note ANSWER, ADDITIONAL and MSG SIZE):

[thor@tns125 named]$ dig -t MX auinmeio.com.br @ns1.auinmeio.com.br
;; Truncated, retrying in TCP mode.

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> -t MX auinmeio.com.br @ns1.auinmeio.com.br
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25661
;; flags: qr aa rd; QUERY: 1, ANSWER: 1569, AUTHORITY: 6, ADDITIONAL: 1376

;; QUESTION SECTION:
;auinmeio.com.br. IN MX

snip

;; Query time: 765 msec
;; SERVER: 65.98.112.162#53(65.98.112.162)
;; WHEN: Mon Apr 11 16:16:25 2011
;; MSG SIZE rcvd: 65531

When asking powerdns v3.3, dig yields (note ANSWER, ADDITIONAL and MSG SIZE):

[thor@tns125 named]$ dig -t MX auinmeio.com.br @195.130.158.234
;; Truncated, retrying in TCP mode.
;; Warning: Message parser reports malformed message packet.

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> -t MX auinmeio.com.br @195.130.158.234
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11531
;; flags: qr rd ra; QUERY: 1, ANSWER: 1569, AUTHORITY: 0, ADDITIONAL: 1569

;; QUESTION SECTION:
;auinmeio.com.br. IN MX

snip

;; Query time: 63 msec
;; SERVER: 195.130.158.234#53(195.130.158.234)
;; WHEN: Mon Apr 11 16:19:00 2011
;; MSG SIZE rcvd: 4427

From a packet trace, I see that the UDP answer is correct with 20 MX answered in a truncated response. The client then asks the same question via TCP:

Domain Name System (query)
    [Response In: 8]
    Length: 33
    Transaction ID: 0x2648
    Flags: 0x0100 (Standard query)
        0... = Response: Message is a query
        .000 0... = Opcode: Standard query (0)
        ..0. = Truncated: Message is not truncated
        ...1 = Recursion desired: Do query recursively
        .0.. = Z: reserved (0)
        ...0 = Non-authenticated data OK: Non-authenticated data is unacceptable
    Questions: 1
    Answer RRs: 0
    Authority RRs: 0
    Additional RRs: 0
    Queries
        auinmeio.com.br: type MX, class IN
            Name: auinmeio.com.br
            Type: MX (Mail exchange)
            Class: IN (0x0001)

And then powerdns answers with:

Domain Name System (response)
    [Request In: 6]
    [Time: 0.055456000 seconds]
    Length: 4465
    Transaction ID: 0x2648
    Flags: 0x8180 (Standard query response, No error)
        1... = Response: Message is a response
        .000 0... = Opcode: Standard query (0)
        .0.. = Authoritative: Server is not an authority for domain
        ..0. = Truncated: Message is not truncated
        ...1 = Recursion desired: Do query recursively
        1... = Recursion available: Server can do recursive queries
        .0.. = Z: reserved (0)
        ..0. = Answer authenticated: Answer/authority portion was not authenticated by the server
        = Reply code: No error (0)
    Questions: 1
    Answer RRs: 1569
    Authority RRs: 0
    Additional RRs: 1569
    Queries
        auinmeio.com.br: type MX, class IN
            Name: auinmeio.com.br
            Type: MX (Mail exchange)
            Class: IN (0x0001)
    Answers
        auinmeio.com.br: type MX, class IN, preference 0, mx pm02-58.auinmeio.com.br
            Name: auinmeio.com.br
            Type: MX (Mail exchange)
            Class: IN (0x0001)
            Time to live: 1 minute, 25 seconds
            Data length: 12
            Preference: 0
            Mail exchange: pm02-58.auinmeio.com.br

snip

        auinmeio.com.br: type MX, class IN
            Name: auinmeio.com.br
            Type: MX (Mail exchange)
            Class: IN (0x0001)
            Time to live: 1 minute, 25 seconds
            Data length: 12
[Malformed Packet: DNS]
    [Expert Info (Error/Malformed): Malformed Packet (Exception occurred)]
        [Message: Malformed Packet (Exception occurred)]
        [Severity level: Error]
        [Group: Malformed]
[Malformed Packet: DNS]
    [Expert Info (Error/Malformed): Malformed Packet (Exception occurred)]
        [Message: Malformed Packet (Exception occurred)]
        [Severity level: Error]
        [Group: Malformed]

Domain Name System (query)
    Length: 1889
    Transaction ID: 0x6c35
    Flags: 0x372d (Unknown operation)
        0... = Response: Message is a query
        .011 0... = Opcode: Unknown (6)
        ..1. = Truncated: Message is truncated
        ...1 = Recursion desired: Do query
Re: [Pdns-users] Recursor v3.2 and v3.3 malformed answer in case of big response from authoritative
On Mon, Apr 11, 2011 at 04:53:16PM +0200, Thor Spruyt wrote:
> Last week I discovered an issue with recursor v3.2.

This is probably fixed in 3.3.1:

    Discovered by John J and Robin J, the PowerDNS Recursor did not process packets that were truncated in mid-record, and also did not act on the 'truncated' (TC) flag in that case. This broke a very small number of domains, most of them served by very old versions of the PowerDNS Authoritative Server. Fix in commit 1740.

3.3.1 has not been formally released, but is in wide production and can be found on http://svn.powerdns.com/snapshots/pdns-recursor-3.3.1.tar.bz2

3.3.1 here resolves auinmeio.com.br|MX just fine, although it takes a stunning 193 packets (!!).

However, it does end up delivering a slightly weird answer, which we are investigating (trailing bytes).

Can you open a ticket on http://wiki.powerdns.com?

thanks!