I'm observing the following problem with dnsmasq 2.76 on arm7 platform. Dnsmasq is responing with bad packet, but shouldn't. This is somehow related to DNSSEC, ial.ru is signed.
this is through local dnsmasq forwarding server: # dig soa guardian.ial.ru @127.0.0.1 ;; Got bad packet: bad compression pointer 131 bytes a8 45 83 80 00 01 00 01 00 01 00 01 08 67 75 61 .E...........gua 72 64 69 61 6e 03 69 61 6c 02 72 75 00 00 06 00 rdian.ial.ru.... 01 c0 0c 00 05 00 01 00 00 0e 0f 00 10 08 67 75 ..............gu 61 72 64 69 61 6e 02 75 6b 02 74 6f 00 c0 36 00 ardian.uk.to..6. 06 00 01 00 00 0e 10 00 2f 03 6e 73 31 06 61 66 ......../.ns1.af 72 61 69 64 03 6f 72 67 00 08 64 6e 73 61 64 6d raid.org..dnsadm 69 6e c1 d9 65 76 95 a3 00 01 51 80 00 00 1c 20 in..ev....Q..... 00 24 ea 00 00 00 0e 10 00 00 29 10 00 00 00 00 .$........)..... 00 00 00 ... this is though google dns on the same host: # dig soa guardian.ial.ru @8.8.8.8 ; <<>> DiG 9.10.4-P5 <<>> soa guardian.ial.ru @8.8.8.8 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31031 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;guardian.ial.ru. IN SOA ;; ANSWER SECTION: guardian.ial.ru. 12 IN CNAME guardian.uk.to. ;; AUTHORITY SECTION: uk.to. 1666 IN SOA ns1.afraid.org. dnsadmin.afraid.org. 1702270369 86400 7200 2419200 3600 ;; Query time: 63 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Mon Feb 27 14:05:09 UTC 2017 ;; MSG SIZE rcvd: 131 this is related info: # dnsmasq -v Dnsmasq version 2.76 Copyright (c) 2000-2016 Simon Kelley Compile time options: IPv6 GNU-getopt no-RTC no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset Tomato-helper auth DNSSEC loop-detect inotify This software comes with ABSOLUTELY NO WARRANTY. Dnsmasq is free software, and you are welcome to redistribute it under the terms of the GNU General Public License, version 2 or 3. # uname -a Linux guardian 2.6.36.4brcmarm #1 SMP PREEMPT Thu Feb 2 21:42:22 CET 2017 armv7l GNU/Linux # drill soa guardian.ial.ru Error: error sending query: Invalid compression pointer # drill -v drill version 1.6.17 (ldns version 1.6.17) Written by NLnet Labs. Copyright (c) 2004-2008 NLnet Labs. Licensed under the revised BSD license. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Best regards, Igor Lidin _______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
