[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
This bug was fixed in the package dnsmasq - 2.79-1ubuntu0.5 --- dnsmasq (2.79-1ubuntu0.5) bionic; urgency=medium * src/forward.c: add missing EDNS0 section. (LP: #1785383) -- Paride Legovini Fri, 24 Sep 2021 13:05:51 +0200 ** Changed in: dnsmasq (Ubuntu Bionic) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
Bionic verification done according to the [Test Plan]. ** Tags removed: verification-needed verification-needed-bionic ** Tags added: verification-done verification-done-bionic -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
I retriggered those two tests and they passed. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
Hello Steve, or anyone else affected, Accepted dnsmasq into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/dnsmasq/2.79-1ubuntu0.5 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed- bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification- failed-bionic. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Changed in: dnsmasq (Ubuntu Bionic) Status: In Progress => Fix Committed ** Tags added: verification-needed verification-needed-bionic -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
The MP got reviewed and the dnsmasq upload is currently waiting in the Bionic unapproved queue. Being a format 1.0 package the diff [1] looks huge at first glance, but the real changes are actually very limited (those in the MP). [1] https://launchpadlibrarian.net/560828569/dnsmasq_2.79-1ubuntu0.5.diff.gz ** Merge proposal linked: https://code.launchpad.net/~paride/ubuntu/+source/dnsmasq/+git/dnsmasq/+merge/409149 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
MP to fix this bug in Bionic, already reviewed and uploaded: https://code.launchpad.net/~paride/ubuntu/+source/dnsmasq/+git/dnsmasq/+merge/409149 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
I dropped the verification-* as there were about the systemd SRU, while I'm preparing the dnsmasq one at the moment. ** Description changed: [Impact] - dnsmasq 2.79 and below omits EDNS0 OPT records when returning an empty answer for a domain it is authoritative for. systemd-resolved seems to get confused by this in certain circumstances; when using the stub resolver and requesting an address for which there are no records, there can sometimes be a five second hang in resolution. - [Fix] - This is fixed by upstream commit http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=1682d15a744880b0398af75eadf68fe66128af78 + dnsmasq 2.79 and below omits EDNS0 OPT records [1] when returning an + empty answer for a domain it is authoritative for. systemd-resolved + seems to get confused by this in certain circumstances; when using the + stub resolver and requesting an address for which there are no + records, there can sometimes be a five second hang in resolution. - Not sure if it is worth cherry picking? I imagine the most likely - trigger will be dnsmasq on routers which are not likely to be running - Ubuntu, but maybe just in case. + [1] https://en.wikipedia.org/wiki/Extension_Mechanisms_for_DNS - I also think there are some logic issues in systemd-resolved, upstream - bug filed: + [Test Plan] - https://github.com/systemd/systemd/issues/9785 + Test case for bionic: - [Test Case] - Simple-ish test case for bionic: - - --- + - IFACE=dummy0 SUBNET=10.0.0 ip link add $IFACE type dummy ifconfig $IFACE ${SUBNET}.1/24 dnsmasq -h -R -d -C /dev/null -2 $IFACE -z -i $IFACE -I lo --host-record=test.test,${SUBNET}.1 --server=/test/ & dig -t a test.test @10.0.0.1 | grep EDNS # should return "; EDNS ..." dig -t test.test @10.0.0.1 | grep EDNS # again, should return "; EDNS ..." but doesn't - --- + - - To reproduce the systemd-resolved side of the problem + [Where problems could occur] - --- - # as above, but - # now configure systemd-resolved to look at only 10.0.0.1, then + Problems may occur in case a client queries dnsmasq and relies on EDNS0 + not being available for behaving correctly. This covers cases where the + software querying dnsmasq is buggy or misconfigured. - systemd-resolve --reset-server-features - # should exhibit five second delay then connect, assuming sshd is running :) - ssh test.test - --- + [Development Fix] + Fixed upstream in dnsmasq >= 2.80. - More detailed test case for focal and later: + [Stable Fix] - install dnsmasq on a bionic system and start it, listening to an - interface that is externally reachable, e.g. for a normal libvirt vm - with interface name 'ens3': + Partial cherry-pick of upstream commit + http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=1682d15a744880b0398af75eadf68fe66128af78 - IFACE=ens3 - dnsmasq -h -R -d -C /dev/null -2 $IFACE -z -i $IFACE -I lo --host-record=test.test,1.2.3.4 --server=/test/ - - note that the '1.2.3.4' address doesn't matter, any addr is ok. - - then setup a test system that can reach the dnsmasq system, and - configure networkd to use the dnsmasq server, e.g. using config like: - - [Match] - Name=ens3 - - [Network] - DHCP=yes - DNS=DNSMASQ_IP_ADDRESS - Domains=test - - [DHCPv4] - UseDNS=no - UseDomains=no - - replace 'DNSMASQ_IP_ADDRESS' with the addr of the bionic system where - dnsmasq is running, and replace 'ens3' with whatever the test system - interface name is. Then restart systemd-networkd, and test: - - systemd-resolve --reset-server-features - systemd-resolve --flush-caches - host test.test - - The lookup using 'host' should complete immediately;. - - [Discussion] - ProblemType: Bug - DistroRelease: Ubuntu 18.04 - Package: dnsmasq-base 2.79-1 - ProcVersionSignature: Ubuntu 4.15.0-23.25-generic 4.15.18 - Uname: Linux 4.15.0-23-generic x86_64 - ApportVersion: 2.20.9-0ubuntu7.2 - Architecture: amd64 - Date: Sat Aug 4 11:33:56 2018 - InstallationDate: Installed on 2018-05-31 (64 days ago) - InstallationMedia: Xubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426) - ProcEnviron: - TERM=xterm - PATH=(custom, no user) - LANG=en_GB.UTF-8 - SHELL=/bin/bash - SourcePackage: dnsmasq - UpgradeStatus: No upgrade log present (probably fresh install) + The cherry-pick is partial because half if it is already in the package + .diff we have in Bionic. ** Tags removed: verification-done verification-done-bionic verification-done-focal verification-done-groovy verification-done- hirsute ** Description changed: [Impact] dnsmasq 2.79 and below omits EDNS0 OPT records [1] when returning an empty answer for a domain it is authoritative for. systemd-resolved seems to get confused by this in certain circumstances; when using the stub resolver and requesting an address for which there are no records, there can sometimes be a five second hang in resolu
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
** Changed in: dnsmasq (Ubuntu Bionic) Status: Triaged => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
The only task that remains to tackled here is dnsmasq on Bionic. By following the [Test Case] I verified that applying [1] fixes the bug in Bionic. The first two hunks of the patch are already applied in the Ubuntu package, what remains to apply is in the attached patch. [1] http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=1682d15a744880b0398af75eadf68fe66128af78 ** Patch added: "lp1785383-dnsmasq-bionic.patch" https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1785383/+attachment/5527343/+files/lp1785383-dnsmasq-bionic.patch ** Changed in: dnsmasq (Ubuntu Bionic) Assignee: (unassigned) => Paride Legovini (paride) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
> This is related to the ubuntu server (bug) maintenance ah, https://wiki.ubuntu.com/ServerTeam#Daily_Bug_Expiration just part of the internal canonical server team bug tracking, got it. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Re: [Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
On Mon, Sep 6, 2021 at 4:05 PM Dan Streetman <1785...@bugs.launchpad.net> wrote: > > > [commenting so the bug doesn't get expired as we still need to look at > the Bionic fix for dnsmasq] > > AFAIK, launchpad bugs only auto-expire if set to 'incomplete'. bugs set > to anything else, like this one set to 'triaged', won't auto-expire and > don't need comments added to keep them from auto-expiring, unless there > is something i'm missing. Hi Dan, There is a secondary layer of server-team triage to ensure we stay aware of our bugs really well. In that there are 60 and 180 day expiration periods depending on some other factors we might ping a bug to ensure it comes back up again. This is related to the ubuntu server (bug) maintenance [1] and not general launchpad expiry mechanims. [1]: https://github.com/canonical/ubuntu-maintainers- handbook/blob/main/BugTriage.md -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
> [commenting so the bug doesn't get expired as we still need to look at the Bionic fix for dnsmasq] AFAIK, launchpad bugs only auto-expire if set to 'incomplete'. bugs set to anything else, like this one set to 'triaged', won't auto-expire and don't need comments added to keep them from auto-expiring, unless there is something i'm missing. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
[commenting so the bug doesn't get expired as we still need to look at the Bionic fix for dnsmasq] -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
This bug was fixed in the package systemd - 248.3-1ubuntu2 --- systemd (248.3-1ubuntu2) impish; urgency=medium [ Kai-Heng Feng ] * d/p/hwdb-Add-ProBook-to-use-micmute-hotkey.patch: - Add ProBook to use micmute hotkey (LP: #1930910) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=30b96fac92d911cb725f7220a9539085a24fe5f7 [ Jeremy Szu ] * d/p/lp1932352-hwdb-Add-mic-mute-key-mapping-for-HP-Elite-Dragonfly.patch: - Fix micmute hotkeys on HP Elite Dragonfly (LP: #1932352) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=ac93cfcca200644b743deab94f655ccd74ff90a6 [ Dan Streetman ] * d/p/debian/UBUNTU-resolved-Mitigate-DVE-2018-0001-by-retrying-NXDOMAIN-with.patch: Remove no-longer-needed patch for DVE-2018-0001 (LP: #1785383) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=943b2dd5884e67c67d6336c24352b02e17809df0 * d/p/lp1931578/0001-network-default-RequiredForOnline-false-if-Activacti.patch, d/p/lp1931578/0002-networkctl-add-field-Required-For-Online.patch, d/p/lp1931578/0003-test-add-test-to-verify-RequiredForOnline-setting-wi.patch: Adjust default for RequiredForOnline when using ActivationPolicy (LP: #1931578) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=d0b8629ec14396f1a5d5f7c132c9b687065136b0 * d/p/lp1894622-Add-systemd-resolve-backwards-compatibility-section-.patch: Add man page symlink and deprecation notice for systemd-resolve (LP: #1894622) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f719185253f989d6708c894150c0878cabee6589 * d/p/lp1858210/0001-time-simplify-get_timezones.patch, d/p/lp1858210/0002-time-split-get_timezone-into-main-function-and-zone1.patch, d/p/lp1858210/0003-time-get-timezones-from-tzdata.zi.patch: Parse tzdata.zi so timedatectl list-timezones also lists aliases (LP: #1858210) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=8e5b0a7c7c4e1e29b5e81511a1145633d9b75be5 -- Dan Streetman Tue, 06 Jul 2021 13:37:59 -0400 ** Changed in: systemd (Ubuntu Impish) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
This bug was fixed in the package systemd - 237-3ubuntu10.48 --- systemd (237-3ubuntu10.48) bionic; urgency=medium * d/p/lp1925216-seccomp-rework-functions-for-parsing-system-call-fil.patch: Downgrade syscall group parsing failure logs to debug (LP: #1925216) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=8c0181e24f7c0128a48c706d1f4b28ec0f225fd7 * d/p/lp1929560-network-move-set-MAC-and-set-nomaster-operations-out.patch: Move link mac and master config out of link_up() (LP: #1929560) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=d808ea22366ca7ba4b5bb32815ab0ca2eea8a49f * d/p/resolved-Mitigate-DVE-2018-0001-by-retrying-NXDOMAIN-with.patch, d/p/resolved_disable-connection-downgrade-when-DNSSEC-yes.patch, d/p/lp1880258-log-nxdomain-as-debug.patch, d/p/lp1785383-resolved-address-DVE-2018-0001.patch: - Use upstream patch for DVE-2018-0001 handling (LP: #1785383) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b6258fda64c84c34b0f8026e6e29bcfffa8dc4f1 -- Dan Streetman Thu, 27 May 2021 11:18:38 -0400 ** Changed in: systemd (Ubuntu Bionic) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
This bug was fixed in the package systemd - 245.4-4ubuntu3.7 --- systemd (245.4-4ubuntu3.7) focal; urgency=medium [ Andy Chi ] * debian/patches/lp1926547-hwdb-60-keyboard-Update-Dell-Privacy-Local-Mic-Mute-.patch - Apply upstream patch to correct key and device mapping. (LP: #1926547) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=62c3ce6d6b2cab762b24aa610d6d135a67bdd76a [ Dan Streetman ] * d/p/lp1921696/0001-rfkill-improve-error-logging.patch, d/p/lp1921696/0002-rfkill-use-short-writes-and-accept-long-reads.patch: Handle rfkill api change in kernel 5.10 (LP: #1921696) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=ff0c23ba4fbcfa7f68e98adb6d62798ce54ca1da * d/p/lp1929122-network-check-that-received-ifindex-is-valid.patch: Check if ifindex is valid (LP: #1929122) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=6378191818bc7d169b657e6f7a2b50cfddb4275e * d/p/lp1929560-network-move-set-MAC-and-set-nomaster-operations-out.patch: Move link mac and master config out of link_up() (LP: #1929560) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=28cff7ee02a9ebd4ab93026af9fceaa2283725b3 * d/p/lp1902891-core-mount-mount-command-may-fail-after-adding-the-c.patch: Handle failed mount command (LP: #1902891) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b425189a483d7455db870b0ec5b2443c0eea7d76 * d/p/resolved-Mitigate-DVE-2018-0001-by-retrying-NXDOMAIN-with.patch, d/p/lp1880258-log-nxdomain-as-debug.patch, d/p/lp1785383-resolved-address-DVE-2018-0001.patch: - Use upstream patch for DVE-2018-0001 handling (LP: #1785383) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=ec45ebfee362ad3e429642f7519e8b88f16dc221 [ Łukasz 'sil2100' Zemczak ] * d/p/lp1664844/0001-network-add-ActivationPolicy-configuration-parameter.patch, d/p/lp1664844/0002-test-add-ActivationPolicy-unit-tests.patch, d/p/lp1664844/0003-save-link-activation-policy-to-state-file-and-displa.patch: - add support for configuring the activation policy for an interface (LP: #1664844) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=94f7b72d8128c743f35b308101a87d2c53a4074c -- Dan Streetman Thu, 27 May 2021 11:16:17 -0400 ** Changed in: systemd (Ubuntu Focal) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
This bug was fixed in the package systemd - 246.6-1ubuntu1.4 --- systemd (246.6-1ubuntu1.4) groovy; urgency=medium [ Andy Chi ] * debian/patches/lp1926547-hwdb-60-keyboard-Update-Dell-Privacy-Local-Mic-Mute-.patch - Apply upstream patch to correct key and device mapping. (LP: #1926547) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=a4c14d1c8370445e315ffa59b0a7ce593a79fbf4 [ Dan Streetman ] * d/p/lp1921696/0001-rfkill-improve-error-logging.patch, d/p/lp1921696/0002-rfkill-use-short-writes-and-accept-long-reads.patch: Handle rfkill api change in kernel 5.10 (LP: #1921696) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b683c842c74b5f193555fd79bc76e574a025f5b1 * d/p/lp1929560-network-move-set-MAC-and-set-nomaster-operations-out.patch: Move link mac and master config out of link_up() (LP: #1929560) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=a90963d52a70c0ed1b429b1025b95f8c0fa6e7aa * d/p/lp1902891-core-mount-mount-command-may-fail-after-adding-the-c.patch: Handle failed mount command (LP: #1902891) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=d83f3bce38e04395c6406c3c45efbc9977ae1138 * d/p/debian/UBUNTU-resolved-Mitigate-DVE-2018-0001-by-retrying-NXDOMAIN-with.patch, d/p/lp1880258-log-nxdomain-as-debug.patch, d/p/lp1785383-resolved-address-DVE-2018-0001.patch: - Use upstream patch for DVE-2018-0001 handling (LP: #1785383) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=eb311ad89c5fd570bf3af362d8a2af1b357be3dd [ Łukasz 'sil2100' Zemczak ] * d/p/lp1664844/0001-network-add-ActivationPolicy-configuration-parameter.patch, d/p/lp1664844/0002-test-add-ActivationPolicy-unit-tests.patch, d/p/lp1664844/0003-save-link-activation-policy-to-state-file-and-displa.patch: - add support for configuring the activation policy for an interface (LP: #1664844) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=0b0a9202964b24fb8d9fb4b28bdb22c6aadd25b7 -- Dan Streetman Thu, 27 May 2021 11:13:07 -0400 ** Changed in: systemd (Ubuntu Groovy) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
This bug was fixed in the package systemd - 247.3-3ubuntu3.1 --- systemd (247.3-3ubuntu3.1) hirsute; urgency=medium [ Andy Chi ] * debian/patches/lp1926547-hwdb-60-keyboard-Update-Dell-Privacy-Local-Mic-Mute-.patch - Apply upstream patch to correct key and device mapping. (LP: #1926547) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f360a705d992205e3da511910c859e81390e93c6 [ Łukasz 'sil2100' Zemczak ] * d/p/lp1664844/0001-network-add-ActivationPolicy-configuration-parameter.patch, d/p/lp1664844/0002-test-add-ActivationPolicy-unit-tests.patch, d/p/lp1664844/0003-save-link-activation-policy-to-state-file-and-displa.patch: - add support for configuring the activation policy for an interface (LP: #1664844) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=ae75627f573f5946169819e4fdfe89290badaf21 [ Dan Streetman ] * d/p/debian/UBUNTU-resolved-Mitigate-DVE-2018-0001-by-retrying-NXDOMAIN-with.patch, d/p/lp1785383-resolved-address-DVE-2018-0001.patch: - Use upstream patch for DVE-2018-0001 handling (LP: #1785383) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=6c6e948e4364649a4a803a8f1c9cdd5c70e1f0ab * d/p/lp1929849-rfkill-add-some-casts-to-silence-Werror-sign-compare.patch: - Fix FTBFS due to kernel header change (LP: #1929849) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=656bfde76b7a2d172d84d4e7905d80e1dfa2b68d -- Dan Streetman Thu, 27 May 2021 11:09:57 -0400 ** Changed in: systemd (Ubuntu Hirsute) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
ubuntu@lp1785383-b:~$ dpkg -l systemd|grep systemd ii systemd237-3ubuntu10.47 amd64system and service manager ubuntu@lp1785383-b:~$ sudo systemd-resolve --reset-server-features ubuntu@lp1785383-b:~$ sudo systemd-resolve --flush-caches ubuntu@lp1785383-b:~$ time host test.test test.test has address 1.2.3.4 real0m5.024s user0m0.012s sys 0m0.008s ubuntu@lp1785383-b:~$ dpkg -l systemd|grep systemd ii systemd237-3ubuntu10.48 amd64system and service manager ubuntu@lp1785383-b:~$ sudo systemd-resolve --reset-server-features ubuntu@lp1785383-b:~$ sudo systemd-resolve --flush-caches ubuntu@lp1785383-b:~$ time host test.test test.test has address 1.2.3.4 real0m0.023s user0m0.013s sys 0m0.000s ** Tags removed: verification-needed verification-needed-bionic ** Tags added: verification-done verification-done-bionic -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
ubuntu@lp1785383-f:~$ dpkg -l systemd|grep systemd ii systemd245.4-4ubuntu3.6 amd64system and service manager ubuntu@lp1785383-f:~$ systemd-resolve --reset-server-features ubuntu@lp1785383-f:~$ systemd-resolve --flush-caches ubuntu@lp1785383-f:~$ time host test.test test.test has address 1.2.3.4 real0m5.047s user0m0.015s sys 0m0.018s ubuntu@lp1785383-f:~$ dpkg -l systemd|grep systemd ii systemd245.4-4ubuntu3.7 amd64system and service manager ubuntu@lp1785383-f:~$ systemd-resolve --reset-server-features ubuntu@lp1785383-f:~$ systemd-resolve --flush-caches ubuntu@lp1785383-f:~$ time host test.test test.test has address 1.2.3.4 real0m0.020s user0m0.008s sys 0m0.008s ** Tags removed: verification-needed-focal ** Tags added: verification-done-focal -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
ubuntu@lp1785383-g:~$ dpkg -l systemd|grep systemd ii systemd246.6-1ubuntu1.3 amd64system and service manager ubuntu@lp1785383-g:~$ systemd-resolve --reset-server-features ubuntu@lp1785383-g:~$ systemd-resolve --flush-caches ubuntu@lp1785383-g:~$ time host test.test test.test has address 1.2.3.4 real0m5.040s user0m0.013s sys 0m0.013s ubuntu@lp1785383-g:~$ dpkg -l systemd|grep systemd ii systemd246.6-1ubuntu1.4 amd64system and service manager ubuntu@lp1785383-g:~$ systemd-resolve --reset-server-features ubuntu@lp1785383-g:~$ systemd-resolve --flush-caches ubuntu@lp1785383-g:~$ time host test.test test.test has address 1.2.3.4 real0m0.023s user0m0.010s sys 0m0.011s ** Tags removed: verification-needed-groovy ** Tags added: verification-done-groovy -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
ubuntu@lp1785383-h:~$ dpkg -l systemd|grep systemd ii systemd247.3-3ubuntu3 amd64system and service manager ubuntu@lp1785383-h:~$ systemd-resolve --reset-server-features ubuntu@lp1785383-h:~$ systemd-resolve --flush-caches ubuntu@lp1785383-h:~$ time host test.test test.test has address 1.2.3.4 real0m5.066s user0m0.012s sys 0m0.012s ubuntu@lp1785383-h:~$ dpkg -l systemd|grep systemd ii systemd247.3-3ubuntu3.1 amd64system and service manager ubuntu@lp1785383-h:~$ systemd-resolve --reset-server-features ubuntu@lp1785383-h:~$ systemd-resolve --flush-caches ubuntu@lp1785383-h:~$ time host test.test test.test has address 1.2.3.4 real0m0.044s user0m0.006s sys 0m0.017s ** Tags removed: verification-needed-hirsute ** Tags added: verification-done-hirsute -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
Hello Steve, or anyone else affected, Accepted systemd into focal-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/systemd/245.4-4ubuntu3.7 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed- focal to verification-done-focal. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification- failed-focal. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Changed in: systemd (Ubuntu Focal) Status: In Progress => Fix Committed ** Tags added: verification-needed-focal ** Changed in: systemd (Ubuntu Bionic) Status: In Progress => Fix Committed ** Tags added: verification-needed-bionic -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
Hello Steve, or anyone else affected, Accepted systemd into groovy-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/systemd/246.6-1ubuntu1.4 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed- groovy to verification-done-groovy. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification- failed-groovy. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Changed in: systemd (Ubuntu Groovy) Status: In Progress => Fix Committed ** Tags added: verification-needed-groovy -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
Hello Steve, or anyone else affected, Accepted systemd into hirsute-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/systemd/247.3-3ubuntu3.1 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed- hirsute to verification-done-hirsute. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-hirsute. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Changed in: systemd (Ubuntu Hirsute) Status: Incomplete => Fix Committed ** Tags added: verification-needed verification-needed-hirsute -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
@brian-murray I've merged the fix to the git repository thus it will be part of the next upload. ** Changed in: systemd (Ubuntu Impish) Status: Triaged => Fix Committed ** Changed in: systemd (Ubuntu Impish) Importance: Undecided => Medium -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
marking incomplete for hirsute based on Brian's comment above. ** Changed in: systemd (Ubuntu Hirsute) Status: In Progress => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
The SRU of systemd for Hirsute (and all its accompanying bugs) looks good to me, but I'd like to see this fix merged for Impish at least per SRU policy. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
** Merge proposal linked: https://code.launchpad.net/~ddstreet/ubuntu/+source/systemd/+git/systemd/+merge/403382 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
** Description changed: [Impact] dnsmasq 2.79 and below omits EDNS0 OPT records when returning an empty answer for a domain it is authoritative for. systemd-resolved seems to get confused by this in certain circumstances; when using the stub resolver and requesting an address for which there are no records, there can sometimes be a five second hang in resolution. [Fix] This is fixed by upstream commit http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=1682d15a744880b0398af75eadf68fe66128af78 Not sure if it is worth cherry picking? I imagine the most likely trigger will be dnsmasq on routers which are not likely to be running Ubuntu, but maybe just in case. I also think there are some logic issues in systemd-resolved, upstream bug filed: https://github.com/systemd/systemd/issues/9785 [Test Case] - Simple-ish test case: + Simple-ish test case for bionic: --- IFACE=dummy0 SUBNET=10.0.0 ip link add $IFACE type dummy ifconfig $IFACE ${SUBNET}.1/24 - dnsmasq -h -R -d -C /dev/null -2 $IFACE -z -i $IFACE -I lo --host-record=test.test,${SUBNET}.1 & + dnsmasq -h -R -d -C /dev/null -2 $IFACE -z -i $IFACE -I lo --host-record=test.test,${SUBNET}.1 --server=/test/ & dig -t a test.test @10.0.0.1 | grep EDNS # should return "; EDNS ..." dig -t test.test @10.0.0.1 | grep EDNS # again, should return "; EDNS ..." but doesn't --- To reproduce the systemd-resolved side of the problem --- # as above, but # now configure systemd-resolved to look at only 10.0.0.1, then systemd-resolve --reset-server-features # should exhibit five second delay then connect, assuming sshd is running :) ssh test.test --- + + + More detailed test case for focal and later: + + install dnsmasq on a bionic system and start it, listening to an + interface that is externally reachable, e.g. for a normal libvirt vm + with interface name 'ens3': + + IFACE=ens3 + dnsmasq -h -R -d -C /dev/null -2 $IFACE -z -i $IFACE -I lo --host-record=test.test,1.2.3.4 --server=/test/ + + note that the '1.2.3.4' address doesn't matter, any addr is ok. + + then setup a test system that can reach the dnsmasq system, and + configure networkd to use the dnsmasq server, e.g. using config like: + + [Match] + Name=ens3 + + [Network] + DHCP=yes + DNS=DNSMASQ_IP_ADDRESS + Domains=test + + [DHCPv4] + UseDNS=no + UseDomains=no + + replace 'DNSMASQ_IP_ADDRESS' with the addr of the bionic system where + dnsmasq is running, and replace 'ens3' with whatever the test system + interface name is. Then restart systemd-networkd, and test: + + systemd-resolve --reset-server-features + systemd-resolve --flush-caches + host test.test + + The lookup using 'host' should complete immediately;. [Discussion] ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: dnsmasq-base 2.79-1 ProcVersionSignature: Ubuntu 4.15.0-23.25-generic 4.15.18 Uname: Linux 4.15.0-23-generic x86_64 ApportVersion: 2.20.9-0ubuntu7.2 Architecture: amd64 Date: Sat Aug 4 11:33:56 2018 InstallationDate: Installed on 2018-05-31 (64 days ago) InstallationMedia: Xubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426) ProcEnviron: TERM=xterm PATH=(custom, no user) LANG=en_GB.UTF-8 SHELL=/bin/bash SourcePackage: dnsmasq UpgradeStatus: No upgrade log present (probably fresh install) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
** Also affects: dnsmasq (Ubuntu Groovy) Importance: Undecided Status: New ** Also affects: systemd (Ubuntu Groovy) Importance: Undecided Status: New ** Also affects: dnsmasq (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: systemd (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: dnsmasq (Ubuntu Impish) Importance: Undecided Status: Triaged ** Also affects: systemd (Ubuntu Impish) Importance: Undecided Status: Triaged ** Also affects: dnsmasq (Ubuntu Hirsute) Importance: Undecided Status: New ** Also affects: systemd (Ubuntu Hirsute) Importance: Undecided Status: New ** Changed in: systemd (Ubuntu Hirsute) Status: New => In Progress ** Changed in: systemd (Ubuntu Hirsute) Assignee: (unassigned) => Dan Streetman (ddstreet) ** Changed in: systemd (Ubuntu Groovy) Importance: Undecided => Medium ** Changed in: systemd (Ubuntu Groovy) Status: New => In Progress ** Changed in: systemd (Ubuntu Groovy) Assignee: (unassigned) => Dan Streetman (ddstreet) ** Changed in: systemd (Ubuntu Focal) Importance: Undecided => Medium ** Changed in: systemd (Ubuntu Focal) Status: New => In Progress ** Changed in: systemd (Ubuntu Focal) Assignee: (unassigned) => Dan Streetman (ddstreet) ** Changed in: systemd (Ubuntu Bionic) Importance: Undecided => Medium ** Changed in: systemd (Ubuntu Bionic) Status: New => In Progress ** Changed in: systemd (Ubuntu Bionic) Assignee: (unassigned) => Dan Streetman (ddstreet) ** Changed in: systemd (Ubuntu Hirsute) Importance: Undecided => Medium ** Changed in: dnsmasq (Ubuntu Focal) Status: New => Fix Released ** Changed in: dnsmasq (Ubuntu Groovy) Status: New => Fix Released ** Changed in: dnsmasq (Ubuntu Hirsute) Status: New => Fix Released ** Changed in: dnsmasq (Ubuntu Impish) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
** Tags added: ddstreet -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
> although from comment #4 it sounds like it might be a regression caused by a security fix. it's not a security fix, it's a patch to get resolved working with specific broken captive portals, from bug 1727237 and bug 1766969. It was proposed upstream in this PR: https://github.com/systemd/systemd/pull/8608 but was never accepted upstream, only added to Ubuntu. As this bug shows, the patch does appear to actually still cause problems for people even without DNSSEC on (that problem was fixed in Ubuntu separately with bug 1796501). Fixing dnsmasq is good, but at some point we'll need to properly fix upstream to workaround buggy captive portals in a way that doesn't cause other problems. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
** Changed in: systemd Status: Unknown => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
** Tags added: server-next -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
Targeting to bionic, since disco/eoan/focal are on 2.80 which, per the OP, should already be carrying the requested fix. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
I've linked to the upstream systemd bug report, although from comment #4 it sounds like it might be a regression caused by a security fix. As to the dnsmasq patch mentioned in the issue description, what it appears to be doing is checking if there is a pseudoheader in the request, and if so adds the edns data structure to the response. I can't speak to what potential regressions might be concerns here, but the patch itself looks sensible to me. So, given adequate testing, I don't see a reason against considering SRU for this. ** Changed in: systemd (Ubuntu) Status: Confirmed => Triaged ** Also affects: dnsmasq (Ubuntu Bionic) Importance: Undecided Status: New ** Also affects: systemd (Ubuntu Bionic) Importance: Undecided Status: New ** Changed in: dnsmasq (Ubuntu Bionic) Status: New => Triaged -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
** Bug watch added: github.com/systemd/systemd/issues #9785 https://github.com/systemd/systemd/issues/9785 ** Also affects: systemd via https://github.com/systemd/systemd/issues/9785 Importance: Unknown Status: Unknown ** Description changed: - dnsmasq 2.79 and below omits EDNS0 OPT records when returning an empty - answer for a domain it is authoritative for. systemd-resolved seems to - get confused by this in certain circumstances; when using the stub - resolver and requesting an address for which there are no records, - there can sometimes be a five second hang in resolution. + [Impact] + dnsmasq 2.79 and below omits EDNS0 OPT records when returning an empty answer for a domain it is authoritative for. systemd-resolved seems to get confused by this in certain circumstances; when using the stub resolver and requesting an address for which there are no records, there can sometimes be a five second hang in resolution. - This is fixed by upstream commit - http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=1682d15a744880b0398af75eadf68fe66128af78 + [Fix] + This is fixed by upstream commit http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=1682d15a744880b0398af75eadf68fe66128af78 Not sure if it is worth cherry picking? I imagine the most likely trigger will be dnsmasq on routers which are not likely to be running Ubuntu, but maybe just in case. I also think there are some logic issues in systemd-resolved, upstream bug filed: https://github.com/systemd/systemd/issues/9785 + [Test Case] Simple-ish test case: --- IFACE=dummy0 SUBNET=10.0.0 ip link add $IFACE type dummy ifconfig $IFACE ${SUBNET}.1/24 dnsmasq -h -R -d -C /dev/null -2 $IFACE -z -i $IFACE -I lo --host-record=test.test,${SUBNET}.1 & dig -t a test.test @10.0.0.1 | grep EDNS # should return "; EDNS ..." dig -t test.test @10.0.0.1 | grep EDNS # again, should return "; EDNS ..." but doesn't --- To reproduce the systemd-resolved side of the problem --- # as above, but # now configure systemd-resolved to look at only 10.0.0.1, then systemd-resolve --reset-server-features # should exhibit five second delay then connect, assuming sshd is running :) ssh test.test --- + [Discussion] ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: dnsmasq-base 2.79-1 ProcVersionSignature: Ubuntu 4.15.0-23.25-generic 4.15.18 Uname: Linux 4.15.0-23-generic x86_64 ApportVersion: 2.20.9-0ubuntu7.2 Architecture: amd64 Date: Sat Aug 4 11:33:56 2018 InstallationDate: Installed on 2018-05-31 (64 days ago) InstallationMedia: Xubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426) ProcEnviron: - TERM=xterm - PATH=(custom, no user) - LANG=en_GB.UTF-8 - SHELL=/bin/bash + TERM=xterm + PATH=(custom, no user) + LANG=en_GB.UTF-8 + SHELL=/bin/bash SourcePackage: dnsmasq UpgradeStatus: No upgrade log present (probably fresh install) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
** Changed in: dnsmasq (Ubuntu) Status: Confirmed => Triaged -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
Any news on this? Recent upgrade has removed my patches to dnsmasq, and I'm hitting this again. Still convinced the Ubuntu-specific patch to systemd-resolved is flawed as well. I will try to get brain back into gear to have at look at this all again. If nothing else, would be good to SRU the dnsmasq upstream fix? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: systemd (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: dnsmasq (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
Returning NXDOMAIN is the behavior of Adblock on Turris-os (a derivative of OpenWRT) with Knot resolver as back-end. I am of the same opinion than @cbz . At the moment I will limit the logging rate. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
In my opinion the log message from system also needs to be dropped - a number of systems will use NXDOMAIN as a means of domain blocking/ad blocking, and this isn't thus an exceptional event that needs logging each time. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
Reverting the patch "resolved-Mitigate-DVE-2018-0001-by-retrying- NXDOMAIN-with.patch" solves this problem for me. My best guess is that the following patch segment changes some key logic: @@ -388,12 +388,12 @@ static int dns_transaction_pick_server(DnsTransaction *t) { if (!server) return -ESRCH; -/* If we changed the server invalidate the feature level clamping, as the new server might have completely - * different properties. */ -if (server != t->server) +/* If we changed the server invalidate the current & clamp feature levels, as the new server might have + * completely different properties. */ +if (server != t->server) { t->clamp_feature_level = _DNS_SERVER_FEATURE_LEVEL_INVALID; - -t->current_feature_level = dns_server_possible_feature_level(server); +t->current_feature_level = dns_server_possible_feature_level(server); +} Note that it makes the assignment dependent on the test, I don't know if this was intentional or not. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
On further investigation this seems to be specific to the Ubuntu version of systemd 237. I cannot reproduce it with the upstream release. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved
Amend to test case: dnsmasq -h -R -d -C /dev/null -2 $IFACE -z -i $IFACE -I lo -S /test/ --host-record=test.test,${SUBNET}.1 Cannot reproduce bug in systemd 239, but would be good to know which commit fixed the problem for cherry picking purposes. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785383 Title: missing EDNS0 record confuses systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1785383/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs