[Bug 1785383] Re: missing EDNS0 record confuses systemd-resolved

Paride Legovini 1785383 at bugs.launchpad.net
Thu Oct 14 13:37:00 UTC 2021 

I retriggered those two tests and they passed.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1785383

Title:
  missing EDNS0 record confuses systemd-resolved

Status in systemd:
  Fix Released
Status in dnsmasq package in Ubuntu:
  Fix Released
Status in systemd package in Ubuntu:
  Fix Released
Status in dnsmasq source package in Bionic:
  Fix Committed
Status in systemd source package in Bionic:
  Fix Released
Status in dnsmasq source package in Focal:
  Fix Released
Status in systemd source package in Focal:
  Fix Released
Status in dnsmasq source package in Groovy:
  Fix Released
Status in systemd source package in Groovy:
  Fix Released
Status in dnsmasq source package in Hirsute:
  Fix Released
Status in systemd source package in Hirsute:
  Fix Released
Status in dnsmasq source package in Impish:
  Fix Released
Status in systemd source package in Impish:
  Fix Released

Bug description:
  [Impact]

  dnsmasq 2.79 and below omits EDNS0 OPT records [1] when returning an
  empty answer for a domain it is authoritative for. systemd-resolved
  seems to get confused by this in certain circumstances; when using the
  stub resolver and requesting an address for which there are no AAAA
  records, there can sometimes be a five second hang in resolution.

  [1] https://en.wikipedia.org/wiki/Extension_Mechanisms_for_DNS

  [Test Plan]

  Test case for bionic:

  -----------------------------------------
  IFACE=dummy0
  SUBNET=10.0.0

  ip link add $IFACE type dummy
  ifconfig $IFACE ${SUBNET}.1/24
  dnsmasq -h -R -d -C /dev/null -2 $IFACE -z -i $IFACE -I lo --host-record=test.test,${SUBNET}.1 --server=/test/ &

  dig -t a test.test @10.0.0.1 | grep EDNS
  # returns "; EDNS ..."
  dig -t aaaa test.test @10.0.0.1 | grep EDNS
  # again, should return "; EDNS ..." but doesn't.
  # does so with the -proposed package.
  -----------------------------------------

  [Where problems could occur]

  Problems may occur in case a client queries dnsmasq and relies on
  EDNS0 not being available for behaving correctly. This covers cases
  where the software querying dnsmasq is buggy or misconfigured.

  [Development Fix]

  Fixed upstream in dnsmasq >= 2.80.

  [Stable Fix]

  Partial cherry-pick of upstream commit
  http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=1682d15a744880b0398af75eadf68fe66128af78

  The cherry-pick is partial because half if it is already in the
  package .diff we have in Bionic.

To manage notifications about this bug go to:
https://bugs.launchpad.net/systemd/+bug/1785383/+subscriptions

More information about the foundations-bugs mailing list