Bug 3431 - Error running query: dns: failed to unpack truncated message - What does this even mean?
Error running query: dns: failed to unpack truncated message - What does this...
Status: ASSIGNED
Product: unbound
Classification: Unclassified
Component: server
unspecified
x86_64 Windows
: P5 normal
Assigned To: unbound team
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2018-01-17 21:46 CET by own3mall
Modified: 2018-01-18 08:47 CET (History)
2 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description own3mall 2018-01-17 21:46:28 CET
https://community.letsencrypt.org/t/no-valid-ip-addresses-found-for-dns-a-record-exists-and-works/50528

What is the output of unbound trying to say here "Error running query: dns: failed to unpack truncated message"?  What's wrong with the way I setup my DNS?  It appears to resolve in normal environments without any issues.
Comment 1 Wouter Wijngaards 2018-01-18 08:24:56 CET
Hi own3mall,

This seems to be printed by the unboundtest.com script.  I guess what might be happening is that the result is large and the TC bit is set.  Unbound does not log that string.  This seems to also be what mnordhoff is saying in your referenced thread.

Best regards, Wouter
Comment 2 Wouter Wijngaards 2018-01-18 08:47:57 CET
Hi,

The referenced domain has a very large server set, that makes the response 1116 bytes because of authority section processing.  This doesn't upset most servers, because of the EDNS support they have (and 4K buffers).  For unbound there is an option for unbound.conf, minimal-responses: yes

That option should make unbound omit the large authority section to clients, making the response smaller.  This doesn't actually fix that smaller buffer in the querying scripts, but responses are made a little smaller by unbound and then are more likely to fit.

Best regards, Wouter