[Bug 1818217] Re: Systemd Resolve cache handling issues
Abam
1818217 at bugs.launchpad.net
Mon Mar 4 14:57:24 UTC 2019
** Description changed:
I am facing really strange issues with systemd-resolved.
-
Local cache of DNS replies seems to be unreliable.
For example, when a try to get ANY record for github.com, I get A, AAAA,
MX, CAA, TXT and NS records.
- When the TTL of entries expires, the same request is this ignoring them.
+ When the TTL of entries expires, the same request is just ignoring them.
The result is getting narrowed.
-
First try:
dig ANY github.com
; <<>> DiG 9.11.3-1ubuntu1.5-Ubuntu <<>> ANY github.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4140
;; flags: qr rd ra; QUERY: 1, ANSWER: 18, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;github.com. IN ANY
;; ANSWER SECTION:
github.com. 227 IN SOA ns-1707.awsdns-21.co.uk. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400
github.com. 2927 IN MX 10 alt4.aspmx.l.google.com.
github.com. 2927 IN MX 1 aspmx.l.google.com.
github.com. 2927 IN MX 5 alt1.aspmx.l.google.com.
github.com. 2927 IN MX 5 alt2.aspmx.l.google.com.
github.com. 2927 IN MX 10 alt3.aspmx.l.google.com.
github.com. 2927 IN TXT "MS=6BF03E6AF5CB689E315FB6199603BABF2C88D805"
github.com. 2927 IN TXT "docusign=087098e3-3d46-47b7-9b4e-8a23028154cd"
github.com. 2927 IN TXT "v=spf1 ip4:192.30.252.0/22 ip4:208.74.204.0/22 ip4:46.19.168.0/23 include:_spf.google.com include:esp.github.com include:_spf.createsend.com include:servers.mcsv.net ~all"
github.com. 2927 IN TXT "MS=ms44452932"
github.com. 227 IN NS ns-421.awsdns-52.com.
github.com. 227 IN NS ns4.p16.dynect.net.
github.com. 227 IN NS ns3.p16.dynect.net.
github.com. 227 IN NS ns-1707.awsdns-21.co.uk.
github.com. 227 IN NS ns2.p16.dynect.net.
github.com. 227 IN NS ns1.p16.dynect.net.
github.com. 227 IN NS ns-520.awsdns-01.net.
github.com. 227 IN NS ns-1283.awsdns-32.org.
;; Query time: 9 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Fri Mar 01 12:13:58 CET 2019
;; MSG SIZE rcvd: 758
-
Second try (A records are now missing):
dig ANY github.com
; <<>> DiG 9.11.3-1ubuntu1.5-Ubuntu <<>> ANY github.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42356
;; flags: qr rd ra; QUERY: 1, ANSWER: 18, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;github.com. IN ANY
;; ANSWER SECTION:
github.com. 30 IN SOA ns-1707.awsdns-21.co.uk. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400
github.com. 2730 IN MX 5 alt2.aspmx.l.google.com.
github.com. 2730 IN MX 10 alt3.aspmx.l.google.com.
github.com. 2730 IN MX 10 alt4.aspmx.l.google.com.
github.com. 2730 IN MX 1 aspmx.l.google.com.
github.com. 2730 IN MX 5 alt1.aspmx.l.google.com.
github.com. 2730 IN TXT "v=spf1 ip4:192.30.252.0/22 ip4:208.74.204.0/22 ip4:46.19.168.0/23 include:_spf.google.com include:esp.github.com include:_spf.createsend.com include:servers.mcsv.net ~all"
github.com. 2730 IN TXT "MS=ms44452932"
github.com. 2730 IN TXT "MS=6BF03E6AF5CB689E315FB6199603BABF2C88D805"
github.com. 2730 IN TXT "docusign=087098e3-3d46-47b7-9b4e-8a23028154cd"
github.com. 30 IN NS ns1.p16.dynect.net.
github.com. 30 IN NS ns-421.awsdns-52.com.
github.com. 30 IN NS ns2.p16.dynect.net.
github.com. 30 IN NS ns4.p16.dynect.net.
github.com. 30 IN NS ns-1707.awsdns-21.co.uk.
github.com. 30 IN NS ns-1283.awsdns-32.org.
github.com. 30 IN NS ns-520.awsdns-01.net.
github.com. 30 IN NS ns3.p16.dynect.net.
;; Query time: 8 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Fri Mar 01 12:17:15 CET 2019
;; MSG SIZE rcvd: 758
-
Third try (No more NS) :
dig ANY github.com
; <<>> DiG 9.11.3-1ubuntu1.5-Ubuntu <<>> ANY github.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34183
;; flags: qr rd ra; QUERY: 1, ANSWER: 9, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;github.com. IN ANY
;; ANSWER SECTION:
github.com. 2688 IN MX 10 alt4.aspmx.l.google.com.
github.com. 2688 IN MX 1 aspmx.l.google.com.
github.com. 2688 IN MX 5 alt1.aspmx.l.google.com.
github.com. 2688 IN MX 5 alt2.aspmx.l.google.com.
github.com. 2688 IN MX 10 alt3.aspmx.l.google.com.
github.com. 2688 IN TXT "MS=ms44452932"
github.com. 2688 IN TXT "MS=6BF03E6AF5CB689E315FB6199603BABF2C88D805"
github.com. 2688 IN TXT "docusign=087098e3-3d46-47b7-9b4e-8a23028154cd"
github.com. 2688 IN TXT "v=spf1 ip4:192.30.252.0/22 ip4:208.74.204.0/22 ip4:46.19.168.0/23 include:_spf.google.com include:esp.github.com include:_spf.createsend.com include:servers.mcsv.net ~all"
;; Query time: 3 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Fri Mar 01 12:17:57 CET 2019
;; MSG SIZE rcvd: 477
And so on.
- That's not the only bug that I have noticed. If I look for an non existing record, the response is cached. And any legit request is this ignored. See https://github.com/systemd/systemd/issues/11789 for more details.
-
-
- Try to resolv github.com CNAME record dig CNAME github.com
-
- This will return an empty result.
-
- Then try to resolve github.com A record dig A github.com.
-
- This will now return empty result unless you restart systemd-resolved or
- wait for cache expiration.
-
-
systemd version the issue has been seen with
Installed: 237-3ubuntu10.13
Used distribution
Distributor ID: Ubuntu
Description: Ubuntu 18.04.2 LTS
Release: 18.04
Codename: bionic
+ dnsutils version
- Note: I am facing the same issues in ubuntu 16.04 with systemd 229-4ubuntu21.2.
+ 9.11.3+dfsg-1ubuntu1.5
+
+
+ Note: I am facing the same issues in ubuntu 16.04 with systemd
+ 229-4ubuntu21.2.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1818217
Title:
Bind9 cache handling issues for dig ANY request
Status in systemd package in Ubuntu:
New
Bug description:
I am facing really strange issues with systemd-resolved.
Local cache of DNS replies seems to be unreliable.
For example, when a try to get ANY record for github.com, I get A,
AAAA, MX, CAA, TXT and NS records.
When the TTL of entries expires, the same request is just ignoring
them. The result is getting narrowed.
First try:
dig ANY github.com
; <<>> DiG 9.11.3-1ubuntu1.5-Ubuntu <<>> ANY github.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4140
;; flags: qr rd ra; QUERY: 1, ANSWER: 18, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;github.com. IN ANY
;; ANSWER SECTION:
github.com. 227 IN SOA ns-1707.awsdns-21.co.uk. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400
github.com. 2927 IN MX 10 alt4.aspmx.l.google.com.
github.com. 2927 IN MX 1 aspmx.l.google.com.
github.com. 2927 IN MX 5 alt1.aspmx.l.google.com.
github.com. 2927 IN MX 5 alt2.aspmx.l.google.com.
github.com. 2927 IN MX 10 alt3.aspmx.l.google.com.
github.com. 2927 IN TXT "MS=6BF03E6AF5CB689E315FB6199603BABF2C88D805"
github.com. 2927 IN TXT "docusign=087098e3-3d46-47b7-9b4e-8a23028154cd"
github.com. 2927 IN TXT "v=spf1 ip4:192.30.252.0/22 ip4:208.74.204.0/22 ip4:46.19.168.0/23 include:_spf.google.com include:esp.github.com include:_spf.createsend.com include:servers.mcsv.net ~all"
github.com. 2927 IN TXT "MS=ms44452932"
github.com. 227 IN NS ns-421.awsdns-52.com.
github.com. 227 IN NS ns4.p16.dynect.net.
github.com. 227 IN NS ns3.p16.dynect.net.
github.com. 227 IN NS ns-1707.awsdns-21.co.uk.
github.com. 227 IN NS ns2.p16.dynect.net.
github.com. 227 IN NS ns1.p16.dynect.net.
github.com. 227 IN NS ns-520.awsdns-01.net.
github.com. 227 IN NS ns-1283.awsdns-32.org.
;; Query time: 9 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Fri Mar 01 12:13:58 CET 2019
;; MSG SIZE rcvd: 758
Second try (A records are now missing):
dig ANY github.com
; <<>> DiG 9.11.3-1ubuntu1.5-Ubuntu <<>> ANY github.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42356
;; flags: qr rd ra; QUERY: 1, ANSWER: 18, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;github.com. IN ANY
;; ANSWER SECTION:
github.com. 30 IN SOA ns-1707.awsdns-21.co.uk. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400
github.com. 2730 IN MX 5 alt2.aspmx.l.google.com.
github.com. 2730 IN MX 10 alt3.aspmx.l.google.com.
github.com. 2730 IN MX 10 alt4.aspmx.l.google.com.
github.com. 2730 IN MX 1 aspmx.l.google.com.
github.com. 2730 IN MX 5 alt1.aspmx.l.google.com.
github.com. 2730 IN TXT "v=spf1 ip4:192.30.252.0/22 ip4:208.74.204.0/22 ip4:46.19.168.0/23 include:_spf.google.com include:esp.github.com include:_spf.createsend.com include:servers.mcsv.net ~all"
github.com. 2730 IN TXT "MS=ms44452932"
github.com. 2730 IN TXT "MS=6BF03E6AF5CB689E315FB6199603BABF2C88D805"
github.com. 2730 IN TXT "docusign=087098e3-3d46-47b7-9b4e-8a23028154cd"
github.com. 30 IN NS ns1.p16.dynect.net.
github.com. 30 IN NS ns-421.awsdns-52.com.
github.com. 30 IN NS ns2.p16.dynect.net.
github.com. 30 IN NS ns4.p16.dynect.net.
github.com. 30 IN NS ns-1707.awsdns-21.co.uk.
github.com. 30 IN NS ns-1283.awsdns-32.org.
github.com. 30 IN NS ns-520.awsdns-01.net.
github.com. 30 IN NS ns3.p16.dynect.net.
;; Query time: 8 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Fri Mar 01 12:17:15 CET 2019
;; MSG SIZE rcvd: 758
Third try (No more NS) :
dig ANY github.com
; <<>> DiG 9.11.3-1ubuntu1.5-Ubuntu <<>> ANY github.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34183
;; flags: qr rd ra; QUERY: 1, ANSWER: 9, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;github.com. IN ANY
;; ANSWER SECTION:
github.com. 2688 IN MX 10 alt4.aspmx.l.google.com.
github.com. 2688 IN MX 1 aspmx.l.google.com.
github.com. 2688 IN MX 5 alt1.aspmx.l.google.com.
github.com. 2688 IN MX 5 alt2.aspmx.l.google.com.
github.com. 2688 IN MX 10 alt3.aspmx.l.google.com.
github.com. 2688 IN TXT "MS=ms44452932"
github.com. 2688 IN TXT "MS=6BF03E6AF5CB689E315FB6199603BABF2C88D805"
github.com. 2688 IN TXT "docusign=087098e3-3d46-47b7-9b4e-8a23028154cd"
github.com. 2688 IN TXT "v=spf1 ip4:192.30.252.0/22 ip4:208.74.204.0/22 ip4:46.19.168.0/23 include:_spf.google.com include:esp.github.com include:_spf.createsend.com include:servers.mcsv.net ~all"
;; Query time: 3 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Fri Mar 01 12:17:57 CET 2019
;; MSG SIZE rcvd: 477
And so on.
systemd version the issue has been seen with
Installed: 237-3ubuntu10.13
Used distribution
Distributor ID: Ubuntu
Description: Ubuntu 18.04.2 LTS
Release: 18.04
Codename: bionic
dnsutils version
9.11.3+dfsg-1ubuntu1.5
Note: I am facing the same issues in ubuntu 16.04 with systemd
229-4ubuntu21.2.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1818217/+subscriptions
More information about the foundations-bugs
mailing list