Bug#1051517: dnsmasq: only returns SOA for A queries on the first (going-to-upstream) query, returns empty on subsequent ones

наб Fri, 08 Sep 2023 17:15:17 -0700

Package: dnsmasq
Version: 2.89-1
Severity: normal

Dear Maintainer,


I run dnsmasq :53 in front of unbound :5353, and:

$ read -r uuid < /proc/sys/kernel/random/uuid
$ dig a $uuid.host
;; ->>HEADER<<- opcode: QUERY; status: NXDOMAIN; id: 35035
;; Flags: qr rd ra; QUERY: 1; ANSWER: 0; AUTHORITY: 1; ADDITIONAL: 0

;; QUESTION SECTION:
;; 2a5630ac-12ac-46fa-b4c7-1fcdddfc2f8b.host.   IN      A

;; AUTHORITY SECTION:
host.                   3600    IN      SOA     ns0.centralnic.net.
hostmaster.centralnic.net. 3000457776 900 1800 6048000 3600

;; Received 124 B
;; Time 2023-09-09 02:07:26 CEST
;; From 127.0.0.1@53(UDP) in 84.1 ms
$ dig a $uuid.host
;; ->>HEADER<<- opcode: QUERY; status: NXDOMAIN; id: 1526
;; Flags: qr rd ra; QUERY: 1; ANSWER: 0; AUTHORITY: 0; ADDITIONAL: 0

;; QUESTION SECTION:
;; 2a5630ac-12ac-46fa-b4c7-1fcdddfc2f8b.host.   IN      A

;; Received 59 B
;; Time 2023-09-09 02:07:29 CEST
;; From 127.0.0.1@53(UDP) in 0.3 ms
$ dig a $uuid.host
;; ->>HEADER<<- opcode: QUERY; status: NXDOMAIN; id: 33318
;; Flags: qr rd ra; QUERY: 1; ANSWER: 0; AUTHORITY: 0; ADDITIONAL: 0

;; QUESTION SECTION:
;; 2a5630ac-12ac-46fa-b4c7-1fcdddfc2f8b.host.   IN      A

;; Received 59 B
;; Time 2023-09-09 02:07:32 CEST
;; From 127.0.0.1@53(UDP) in 0.3 ms


Which is. Probably not right?

Asking for SOA explicitly works:
$ dig soa $uuid.host
;; ->>HEADER<<- opcode: QUERY; status: NXDOMAIN; id: 20830
;; Flags: qr rd ra; QUERY: 1; ANSWER: 0; AUTHORITY: 1; ADDITIONAL: 0

;; QUESTION SECTION:
;; 2a5630ac-12ac-46fa-b4c7-1fcdddfc2f8b.host.   IN      SOA

;; AUTHORITY SECTION:
host.                   3581    IN      SOA     ns0.centralnic.net.
hostmaster.centralnic.net. 3000457776 900 1800 6048000 3600

;; Received 124 B
;; Time 2023-09-09 02:07:46 CEST
;; From 127.0.0.1@53(UDP) in 26.5 ms


And unbound behaves correctly here:

$ dig -p 5353 a $uuid.host
;; ->>HEADER<<- opcode: QUERY; status: NXDOMAIN; id: 33325
;; Flags: qr rd ra; QUERY: 1; ANSWER: 0; AUTHORITY: 1; ADDITIONAL: 0

;; QUESTION SECTION:
;; 2a5630ac-12ac-46fa-b4c7-1fcdddfc2f8b.host.   IN      A

;; AUTHORITY SECTION:
host.                   3462    IN      SOA     ns0.centralnic.net.
hostmaster.centralnic.net. 3000457776 900 1800 6048000 3600

;; Received 124 B
;; Time 2023-09-09 02:09:45 CEST
;; From 127.0.0.1@5353(UDP) in 0.3 ms
$ dig -p 5353 a $uuid.host
;; ->>HEADER<<- opcode: QUERY; status: NXDOMAIN; id: 11425
;; Flags: qr rd ra; QUERY: 1; ANSWER: 0; AUTHORITY: 1; ADDITIONAL: 0

;; QUESTION SECTION:
;; 2a5630ac-12ac-46fa-b4c7-1fcdddfc2f8b.host.   IN      A

;; AUTHORITY SECTION:
host.                   3462    IN      SOA     ns0.centralnic.net.
hostmaster.centralnic.net. 3000457776 900 1800 6048000 3600

;; Received 124 B
;; Time 2023-09-09 02:09:45 CEST
;; From 127.0.0.1@5353(UDP) in 0.3 ms
$ dig -p 5353 soa $uuid.host
;; ->>HEADER<<- opcode: QUERY; status: NXDOMAIN; id: 47525
;; Flags: qr rd ra; QUERY: 1; ANSWER: 0; AUTHORITY: 1; ADDITIONAL: 0

;; QUESTION SECTION:
;; 2a5630ac-12ac-46fa-b4c7-1fcdddfc2f8b.host.   IN      SOA

;; AUTHORITY SECTION:
host.                   3458    IN      SOA     ns0.centralnic.net.
hostmaster.centralnic.net. 3000457776 900 1800 6048000 3600

;; Received 124 B
;; Time 2023-09-09 02:09:49 CEST
;; From 127.0.0.1@5353(UDP) in 0.4 ms


So this is a............. dnsmasq cache-hit thing?

Best,
наб

-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 
'stable-debug'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-9-amd64 (SMP w/24 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_FIRMWARE_WORKAROUND, 
TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages dnsmasq depends on:
ii  dnsmasq-base [dnsmasq-base]  2.89-1
ii  init-system-helpers          1.65.2
ii  netbase                      6.4
ii  runit-helper                 2.15.2
ii  sysvinit-utils [lsb-base]    3.06-4

dnsmasq recommends no packages.

Versions of packages dnsmasq suggests:
pn  resolvconf  <none>

-- Configuration Files:
/etc/default/dnsmasq changed:
ENABLED=1
CONFIG_DIR=/etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new
IGNORE_RESOLVCONF=yes

/etc/dnsmasq.conf changed:
domain-needed
bogus-priv
no-resolv
server=127.0.0.1#5353
interface=bridge1
bind-interfaces
expand-hosts
domain=nabijaczleweli.xyz
local-ttl=300
localise-queries
cache-size=10000
log-async


-- no debconf information

signature.asc
Description: PGP signature

Bug#1051517: dnsmasq: only returns SOA for A queries on the first (going-to-upstream) query, returns empty on subsequent ones

Reply via email to