Bug 4144 - dns64 module caches wrong (negative) information
Status: RESOLVED FIXED
Product: unbound
Classification: Unclassified
Component: server
Version: unspecified
Hardware: x86_64 Linux
Importance: P5 normal
Assigned To: unbound team
Reported: 2018-08-10 02:40 CEST by minoura
Modified: 2018-08-11 07:09 CEST

Description minoura 2018-08-10 02:40:50 CEST
When dns64 module is configured, and validator module is disabled (module-config: "dns64 iterator"), querying a CNAME that points to another name without a AAAA seems to leave a wrong negative cache entry of the target name.

Confirmed with 1.7.3, HEAD (as of yesterday), 1.6.6-1.el7.x86_64 RPM, all on CentOS Linux release 7.4.1708 (Core)

Example A:
$ host -t AAAA jp.archive.ubuntu.com ::1
Using domain server:
Name: ::1
Address: ::1#53
Aliases: 

jp.archive.ubuntu.com is an alias for ubuntutym.u-toyama.ac.jp.
ubuntutym.u-toyama.ac.jp is an alias for ubuntutym3.u-toyama.ac.jp.
ubuntutym3.u-toyama.ac.jp has IPv6 address 64:ff9b::a01a:2bb
$ host -t AAAA ubuntutym3.u-toyama.ac.jp ::1
Using domain server:
Name: ::1
Address: ::1#53
Aliases: 

ubuntutym3.u-toyama.ac.jp has no AAAA record

Other examples: de.archive.ubuntu.com, www.hitachi.co.jp, www.amazon.co.jp


Example B: similar names that do not reproduce the problem:
$ host -t AAAA www.yahoo.co.jp ::1
Using domain server:
Name: ::1
Address: ::1#53
Aliases: 

www.yahoo.co.jp is an alias for edge.g.yimg.jp.
edge.g.yimg.jp has IPv6 address 64:ff9b::b616:1ffc
$ host -t AAAA edge.g.yimg.jp ::1
Using domain server:
Name: ::1
Address: ::1#53
Aliases: 

edge.g.yimg.jp has IPv6 address 64:ff9b::b616:1ffc

Other examples: www.abc.com


For examples A, unbound seems to reply with an authority RR but it does not for examples B:
(packet dump)
Domain Name System (response)
    Transaction ID: 0x6c26
    Flags: 0x8180 Standard query response, No error
(snip)
    Questions: 1
    Answer RRs: 0
    Authority RRs: 1
    Additional RRs: 1
    Queries
        ubuntutym3.u-toyama.ac.jp: type AAAA, class IN


Domain Name System (response)
    Transaction ID: 0xdabf
    Flags: 0x8180 Standard query response, No error
(snip)
    Questions: 1
    Answer RRs: 1
    Authority RRs: 0
    Additional RRs: 1
    Queries
        edge.g.yimg.jp: type A, class IN


For examples A, there are correct entries in the RRSet cache but not in the MSG cache:

# unbound-control dump_cache
START_RRSET_CACHE
...
;rrset 86398 1 0 8 0
ubuntutym3.u-toyama.ac.jp.      86398   IN      AAAA    64:ff9b::a01a:2bb
...
END_RRSET_CACHE
START_MSG_CACHE
...
msg ubuntutym3.u-toyama.ac.jp. IN AAAA 32896 1 3598 0 0 1 0
u-toyama.ac.jp. IN SOA 4
...
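
A check for the symptom shown in the description above, as an added example that is not part of the original report or of unbound: it parses `unbound-control dump_cache` text and lists names that have a cached AAAA rrset while the message cache holds a zero-answer AAAA reply. The reading of the `msg` line fields (last three numbers as answer, authority and additional rrset counts) is an assumption consistent with the excerpt; the sample dump is constructed from that excerpt, with `ok.example.` invented as a healthy entry.

```python
def parse_dump(text):
    """Split dump_cache text into AAAA rrsets and AAAA message-cache entries."""
    rrsets, msgs, section = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("START_"):
            section = line
        elif line.startswith("END_"):
            section = None
        elif section == "START_RRSET_CACHE" and not line.startswith(";"):
            f = line.split()  # owner ttl class type rdata
            if len(f) >= 5 and f[2:4] == ["IN", "AAAA"]:
                rrsets.setdefault(f[0].lower(), []).append(f[4])
        elif section == "START_MSG_CACHE" and line.startswith("msg "):
            # Assumed layout: msg qname class type flags qdcount ttl security an ns ar
            f = line.split()
            if len(f) == 11 and f[2:4] == ["IN", "AAAA"]:
                msgs.append((f[1].lower(), int(f[6]), int(f[8])))
    return rrsets, msgs


def stale_negative_aaaa(text):
    """Names with a cached AAAA rrset but a zero-answer AAAA message entry."""
    rrsets, msgs = parse_dump(text)
    return sorted((name, rrsets[name], ttl)
                  for name, ttl, an in msgs
                  if an == 0 and name in rrsets)


# Constructed sample: the first name mirrors the excerpt in the report,
# ok.example. is an invented entry whose message cache agrees with its rrset.
SAMPLE = """\
START_RRSET_CACHE
;rrset 86398 1 0 8 0
ubuntutym3.u-toyama.ac.jp.      86398   IN      AAAA    64:ff9b::a01a:2bb
;rrset 86398 1 0 8 0
ok.example.     86398   IN      AAAA    64:ff9b::c000:201
END_RRSET_CACHE
START_MSG_CACHE
msg ubuntutym3.u-toyama.ac.jp. IN AAAA 32896 1 3598 0 0 1 0
u-toyama.ac.jp. IN SOA 4
msg ok.example. IN AAAA 32896 1 3598 0 1 0 0
ok.example. IN AAAA 0
END_MSG_CACHE
"""

if __name__ == "__main__":
    for name, addrs, ttl in stale_negative_aaaa(SAMPLE):
        print(f"{name}: AAAA {addrs} cached, empty AAAA reply kept for {ttl}s")
```

A name that has a zero-answer AAAA message and no AAAA rrset is an ordinary negative answer and is not reported.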
Comment 1 Wouter Wijngaards 2018-08-10 08:15:44 CEST
Hi Minoura,

Do you have private-address: ... set for IPv6 addresses?

That would also remove the IPv6 address from resolution, and leave an empty msg in the cache, as you observed.

Best regards, Wouter
Comment 2 minoura 2018-08-10 09:39:39 CEST
No, I don't. The default unbound.conf (example.conf) file just with one modified line, module-config:, could reproduce the problem.
Comment 3 Wouter Wijngaards 2018-08-10 10:05:22 CEST
Hi Minoura,

Fixed the bug, it removes the offending AAAA msg cache entry.  This diff is below and can also be found in the code repository.  Thank you for the report!

Best regards, Wouter


Index: dns64/dns64.c
===================================================================
--- dns64/dns64.c	(revision 4845)
+++ dns64/dns64.c	(working copy)
@@ -809,6 +809,12 @@
 			rrset_cache_remove(super->env->rrset_cache, dk->rk.dname, 
 					   dk->rk.dname_len, LDNS_RR_TYPE_AAAA, 
 					   LDNS_RR_CLASS_IN, 0);
+			/* Delete negative AAAA in msg cache for CNAMEs,
+			 * stored by the iterator module */
+			if(i != 0) /* if not the first RR */
+			    msg_cache_remove(super->env, dk->rk.dname,
+				dk->rk.dname_len, LDNS_RR_TYPE_AAAA,
+				LDNS_RR_CLASS_IN, 0);
 		} else {
 			dk->entry.hash = fk->entry.hash;
 			dk->rk.dname = (uint8_t*)regional_alloc_init(super->region,
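Review bot: the comment on the added `if(i != 0)` guard only restates the condition ("if not the first RR") and does not say why the first RR's owner name is exempt from the message cache removal; put the reason in the comment so a later change to the loop does not silently break it. The call also hard-codes the flags argument to 0 while msg_cache_remove takes a flags parameter, so if the iterator can store the negative AAAA message under another flags value that entry would survive; confirm 0 is the only value in play here or note it in the comment. The multi-line call under the `if` would also be safer in braces.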
Index: services/cache/dns.c
===================================================================
--- services/cache/dns.c	(revision 4845)
+++ services/cache/dns.c	(working copy)
@@ -109,7 +109,7 @@
 }
 
 /** delete message from message cache */
-static void
+void
 msg_cache_remove(struct module_env* env, uint8_t* qname, size_t qnamelen, 
 	uint16_t qtype, uint16_t qclass, uint16_t flags)
 {
Index: services/cache/dns.h
===================================================================
--- services/cache/dns.h	(revision 4845)
+++ services/cache/dns.h	(working copy)
@@ -238,4 +238,16 @@
 	uint8_t* qname, size_t qnamelen, uint16_t qtype, uint16_t qclass,
 	uint16_t flags, time_t now, int wr);
 
+/**
+ * Remove entry from the message cache.  For unwanted entries.
+ * @param env: with message cache.
+ * @param qname: query name, in wireformat
+ * @param qnamelen: length of qname, including terminating 0.
+ * @param qtype: query type, host order.
+ * @param qclass: query class, host order.
+ * @param flags: flags
+ */
+void msg_cache_remove(struct module_env* env, uint8_t* qname, size_t qnamelen,
+	uint16_t qtype, uint16_t qclass, uint16_t flags);
+
 #endif /* SERVICES_CACHE_DNS_H */
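Review bot: `@param flags: flags` in the new doc comment gives a caller nothing to act on; say which flags take part in selecting the entry (the dns64.c caller passes 0) and what the function does when no matching entry exists. "For unwanted entries" could likewise be replaced by a sentence on when a module is expected to call this, now that the function is exported from dns.c.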
Comment 4 minoura makoto 2018-08-11 07:09:10 CEST
It fixed my problem.  Thanks a lot!