I should run a DNS cache locally, though.
On 10/10/22 19:23, Guillermo wrote:
El lun, 10 oct 2022 a las 13:28, Laurent Bercot escribió:s6dns_engine filters answers that do not seem relevant to in-flight queries. That includes malformed answers or ones that do not follow RFC 1035. I was made aware (thanks, Ermine) that some caches fail to set the RD bit in their responses to queries containing the RD bit; these answers were ignored.However, the OS would still deliver them to skadnsd in a recv() / recvfrom() call, right? If my reading of the truss outputs is correct, the HardenedBSD system isn't getting a response at all, and whatever error happens with the program running on the OmniOS system, if any, does not involve the network (I can't tell if skadnsd is delivering all received answers to the client). I feel that packet capture tools like tcpdump(1) or OmniOS' snoop(8) would be better suited for answering the questions that have been raised so far (malformed packets, ignored responses, lack of responses, etc.). Also, aren't 18 outstanding queries in a short amount of time from one single host, like, a lot? Couldn't Shaw's caches think that they are being DoS'ed :P ? G:
-- Ellenor Agnes Bjornsdottir (she) sysadmin umbrellix.net jabber: ellenor ~on~ umbrellix.net
OpenPGP_0x4FF7A78866B94DA6.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
