Bug 766 - dns64 should synthesize results on timeout/errors
dns64 should synthesize results on timeout/errors
Status: RESOLVED FIXED
Product: unbound
Classification: Unclassified
Component: server
1.5.8
Other All
: P5 normal
Assigned To: unbound team
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2016-05-20 00:45 CEST by dsp
Modified: 2016-05-20 08:36 CEST (History)
2 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description dsp 2016-05-20 00:45:42 CEST
Presently, the dns64 module will only synthesize an answer when it receives a noerror/nodata response for the AAAA query.  IETF RFC 6147 section 5.1.2 states that AAAA should be synthesized for non-zero rcodes other than 3 (nxdomain):

<https://tools.ietf.org/html/rfc6147#section-5.1.2>

We ran into this querying portal.adp.com.  That cnames to portal.gslb.adp.com.  The nameservers for gslb.adp.com do not respond to AAAA queries, but do respond to A and other qtypes.

The same RFC goes on in section 5.1.3 to state that timeouts should be treated as rcode 2 (servfail), and I believe the implication is that you'd then synthesize for this case too.
Comment 1 Wouter Wijngaards 2016-05-20 08:36:55 CEST
Hi DSP,

Fixed with this patch:
Index: dns64/dns64.c
===================================================================
--- dns64/dns64.c        (revision 3720)
+++ dns64/dns64.c        (working copy)
@@ -521,13 +521,14 @@
      *   - An internal query.
      *   - A query for a record type other than AAAA.
      *   - CD FLAG was set on querier
-     *   - An AAAA query for which an error was returned.
+     *   - An AAAA query for which an error was returned.(qstate.return_rcode)
+     *     -> treated as servfail thus synthesize (sec 5.1.3 6147), thus
+     *        synthesize in (sec 5.1.2 of RFC6147).
      *   - A successful AAAA query with an answer.
      */
         if ( (enum dns64_qstate)qstate->minfo[id] == DNS64_INTERNAL_QUERY
             || qstate->qinfo.qtype != LDNS_RR_TYPE_AAAA
             || (qstate->query_flags & BIT_CD)
-            || qstate->return_rcode != LDNS_RCODE_NOERROR  
             || (qstate->return_msg &&
                     qstate->return_msg->rep &&
                     reply_find_answer_rrset(&qstate->qinfo,

Thank you for the report.

Best regards, Wouter