Issue #12838 has been updated by Jon-Erik Schneiderhan.


I looked through some of the DNS RFCs, at the suggestion of a colleague, to see if there was any mention of a standard way of dealing with duplicate responses. I didn't see anything specifically calling out duplicates, but I did find this section in the "Resolver Implementation" section of RFC 1035:

> The next step is to match the response to a current resolver request. The recommended strategy is to do a preliminary matching using the ID field in the domain header, and then to verify that the question section corresponds to the information currently desired.  This requires that the transmission algorithm devote several bits of the domain ID field to a request identifier of some sort.

I think the current problem is that the transaction ID in the response is not being matched up with the transaction ID in the request. "sender_for(from, msg)" is looking up the sender based on the ID in the response, but it is never checked to see if the ID matches the ID of the message sent earlier on in the "request" method.

----------------------------------------
Bug #12838: Duplication of UDP packets for DNS responses causing "no address" results for valid hostnames
https://bugs.ruby-lang.org/issues/12838#change-60901

* Author: Jon-Erik Schneiderhan
* Status: Open
* Priority: Normal
* Assignee: 
* ruby -v: ruby 2.3.1p112 (2016-04-26 revision 54768) [x86_64-darwin14]
* Backport: 2.1: UNKNOWN, 2.2: UNKNOWN, 2.3: UNKNOWN
----------------------------------------
A network that I'm running a Ruby app on has an issue where it is duplicating UDP packets (a separate issue that I need to fix). This is resulting in intermittent "not found" results for valid hostnames.

In my case, my resolver is set up to use multiple search domains, say bad1.com, bad2.com, and good.com. A lookup for hostname 'example' will perform lookups on example.bad1.com, example.bad2.com, example.good.com, and then finally plain 'example'. Say example.good.com is a valid hostname with a corresponding record. What I am seeing is that the duplicates of the responses for the first two DNS queries are being read as the response for example.good.com, and I am getting a "no address for example.good.com" error message. Note that this is only happening every once in a while, when the responses are duplicated.

I have been able to reproduce with the attached server.rb and client.rb files. I also noticed that if I changed the following line to:

https://github.com/ruby/ruby/blob/5827d8e887d881eb3a6e6ea7410590261c90545f/lib/resolv.rb#L709
if (s = sender_for(from, msg)) && s == sender

then my problems went away. I have to admit though, I don't really understand the entirety of that file. Not from lack of effort.

You should be able to reproduce the error by running server.rb and client.rb. You may need to use sudo for server.rb in order to bind to port 53 (or you can modify the files to use a higher port).

---Files--------------------------------
server.rb (2.17 KB)
client.rb (239 Bytes)
check-sender.diff (429 Bytes)


-- 
https://bugs.ruby-lang.org/
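
The matching strategy from the RFC 1035 passage quoted above, as an added example that is not part of the original report and not code from resolv.rb: a response is accepted only if its ID belongs to a still-pending request and its question section matches what was asked, so a duplicated or late datagram is dropped. `PendingQueries` and `constructed_reply` are hypothetical names, and the replies are constructed sample data built with Ruby's `Resolv::DNS::Message`.

```ruby
require 'resolv'

# Tracks outstanding queries and accepts a response only when both the
# transaction ID and the question section match the request that was sent.
class PendingQueries
  def initialize
    @pending = {} # id => [lowercased query name, record type class]
  end

  # Build a query, remember what was asked, and return the wire bytes.
  def query(id, name, typeclass = Resolv::DNS::Resource::IN::A)
    msg = Resolv::DNS::Message.new(id)
    msg.rd = 1
    msg.add_question(name, typeclass)
    @pending[id] = [name.downcase, typeclass]
    msg.encode
  end

  # Returns the decoded response, or nil if it is stale, duplicated or mismatched.
  def accept(bytes)
    msg = Resolv::DNS::Message.decode(bytes)
    return nil unless msg.qr == 1            # must be a response, not a query
    expected = @pending[msg.id]
    return nil unless expected               # unknown ID, or already answered
    return nil unless msg.question.size == 1
    qname, qtype = msg.question.first
    return nil unless [qname.to_s.downcase, qtype] == expected
    @pending.delete(msg.id)                  # a second copy finds nothing pending
    msg
  end
end

# Constructed sample data: the reply a server would send for the given query.
def constructed_reply(query_bytes, rcode:, address: nil)
  q = Resolv::DNS::Message.decode(query_bytes)
  r = Resolv::DNS::Message.new(q.id)
  r.qr = 1
  r.rcode = rcode
  name, typeclass = q.question.first
  r.add_question(name, typeclass)
  r.add_answer(name, 60, Resolv::DNS::Resource::IN::A.new(address)) if address
  r.encode
end
```
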
