Hi Remi,
>At a quick glance the only place in the code where we increase the
>'servfail-packets' counter but do not add the offending query to the
>'servfail-queries' ring-buffer is when we receive a query for a DNS name that
>has an 8-bit byte in it and '8bit-dns' [1] is not set >(which is the default),
>so I assume that's what you are experiencing.
Thank you. That could explain my experience...
I just took a look at the sources and found in packethandler.cc at line 1190+
the code you are referring to:
// XXX FIXME do this in DNSPacket::parse ?
if(!validDNSName(p.qdomain)) {
if(d_logDNSDetails)
g_log<<Logger::Error<<"Received a malformed qdomain from
"<<p.getRemote()<<", '"<<p.qdomain<<"': sending servfail"<<endl;
S.inc("corrupt-packets");
S.ringAccount("remotes-corrupt", p.d_remote);
S.inc("servfail-packets");
r->setRcode(RCode::ServFail);
return r;
}
>Note that in that case we also increase the 'corrupt-packets' counter and
>place the offending query into the 'remotes-corrupt' ring-buffer,
I'm afraid, this is not the case. In "remotes-corrupt" ring-buffer, i can only
find the IP address and a "value" (in my case range from 1 to 3) which i don't
understand...
>so you might be able to figure out what query caused this. Be aware however
>that there are other cases where we increase >'corrupt-packets' and insert
>into 'remotes-corrupt', like a QR or TC bit set in a query, or a query that we
>simply could not parse.
Thanks.
I turned on 8-bit-dns and will see, what happens...
Regards
MK
_______________________________________________
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users
