AdguardTeam / dnsproxy

Simple DNS proxy with DoH, DoT, DoQ and DNSCrypt support
Apache License 2.0

dnsproxy report error when dnsmasq uses use-stale-cache option #328

Closed cattyhouse closed 1 year ago

cattyhouse commented 1 year ago

I feel like this is still an issue worth reporting:

client definition:

the client who uses gateway's dns services, not the client who runs dnsproxy or dnsmasq

gateway definition:

the machine runs dnsproxy and dnsmasq, to provide dns services

only reproducible from macOS client

linux client does not have this issue

on gateway 192.168.1.1 (debian)

  1. start dnsmasq on 5353, upstream set to dnsproxy 9999

    dnsmasq --port=5353 --server='127.0.0.1#9999' --use-stale-cache --no-daemon --filter-AAAA --no-resolv --no-poll --domain-needed --log-queries=extra --log-async  --log-debug --log-facility=- --fast-dns-retry --edns-packet-max=1232

  2. start dnsproxy on 9999

    dnsproxy -l 127.0.0.1 -p 9999 -u https://1.1.1.1/dns-query -u https://8.8.8.8/dns-query --ipv6-disabled --all-servers

on macOS client

    while true ; do dig @192.168.1.1 -p 5353 api.github.com +short ; sleep 10 ; done

    # we sleep 10 because api.github.com ttl is around 70s

when dnsmasq reports after the TTL (70s for api.github.com) expired:

    cached-stale api.github.com is 192.30.255.116
    forwarded api.github.com to 127.0.0.1#9999
    forwarded api.github.com to 127.0.0.1#9999
    forwarded api.github.com to 127.0.0.1#9999

    # no reply any more

dnsproxy reports:

    dnsproxy: unpacking udp packet: dns: overflowing header size
    dnsproxy: unpacking udp packet: dns: overflowing header size
    dnsproxy: unpacking udp packet: dns: overflowing header size
    dnsproxy: unpacking udp packet: dns: overflowing header size

my conclusion

on Linux client and gateway itself

same command while true ; do dig @192.168.1.1 -p 5353 api.github.com +short ; sleep 10 ; done

no issue found on dnsmasq and dnsproxy.

dig output difference

macOS client vs Linux client after gateway stale-cache query

macOS:

    ; EDNS: version: 0, flags:; udp: 1232
    ; OPT=15: 00 03 ("..")

Linux:

    ; EDNS: version: 0, flags:; udp: 1232
    ; EDE: 3 (Stale Answer)

Questions

cattyhouse commented 1 year ago

the error message is from this project?

https://github.com/miekg/dns/blob/f07f1e694f394f5b205b224f7abdd30d433d8019/msg_helpers.go#L141

cattyhouse commented 1 year ago

tcpdump command on gateway (debian)

tcpdump -nn -s0 -vvv -i lo udp dst port 9999 -T domain
tcpdump: listening on lo, link-type EN10MB (Ethernet), snapshot length 262144 bytes

query from macOS client

query from Linux client (no issue with queries from the Linux client, just here for comparison)

20:44:15.658298 IP (tos 0x0, ttl 64, id 25923, offset 0, flags [DF], proto UDP (17), length 83)
    127.0.0.1.35265 > 127.0.0.1.9999: 15747+ [1au] A? api.github.com. ar: . OPT UDPsize=1232 [COOKIE b2285511cf13d8ae] (55)
20:45:16.328696 IP (tos 0x0, ttl 64, id 31246, offset 0, flags [DF], proto UDP (17), length 83)
    127.0.0.1.50230 > 127.0.0.1.9999: 16837+ [1au] A? api.github.com. ar: . OPT UDPsize=1232 [Opt15 0003] (55)

cattyhouse commented 1 year ago

query from macOS client (tcpdump on gateway with showing hex)

first query , dnsmasq -> dnsproxy

21:13:23.275378 IP (tos 0x0, ttl 64, id 31750, offset 0, flags [DF], proto UDP (17), length 71)
    127.0.0.1.13590 > 127.0.0.1.9999: 16382+ [1au] A? api.github.com. ar: . OPT UDPsize=1232 (43)
        0x0000:  0000 0000 0000 0000 0000 0000 0800 4500  ..............E.
        0x0010:  0047 7c06 4000 4011 c09d 7f00 0001 7f00  .G|.@.@.........
        0x0020:  0001 3516 270f 0033 fe46 3ffe 0120 0001  ..5.'..3.F?.....
        0x0030:  0000 0000 0001 0361 7069 0667 6974 6875  .......api.githu
        0x0040:  6203 636f 6d00 0001 0001 0000 2904 d000  b.com.......)...
        0x0050:  0000 0000 00                             .....

query after stale-cache dnsmasq -> dnsproxy


21:13:44.072807 IP (tos 0x0, ttl 64, id 35421, offset 0, flags [DF], proto UDP (17), length 71)
    127.0.0.1.63375 > 127.0.0.1.9999: 28918+ [1au] A? api.github.com. ar: . OPT [|domain]
        0x0000:  0000 0000 0000 0000 0000 0000 0800 4500  ..............E.
        0x0010:  0047 8a5d 4000 4011 b246 7f00 0001 7f00  .G.]@.@..F......
        0x0020:  0001 f78f 270f 0033 fe46 70f6 0120 0001  ....'..3.Fp.....
        0x0030:  0000 0000 0001 0361 7069 0667 6974 6875  .......api.githu
        0x0040:  6203 636f 6d00 0001 0001 0000 2904 d000  b.com.......)...
        0x0050:  0000 0000 06                             .....
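
An added example, not part of the original thread and not code from dnsproxy, dnsmasq or miekg/dns: it walks the two DNS payloads from the hex dumps above (UDP data only) and checks every record's RDLENGTH against the bytes actually present. The names `checkRecords`, `skipName`, `errOverflow` and the constants are assumptions made for this example.

```go
package main

import (
	"encoding/hex"
	"errors"
	"fmt"
)

// DNS payloads transcribed from the two hex dumps above; only ID and RDLENGTH differ.
const body = "01200001" + "000000000001" + // flags, QD=1, AN=0, NS=0, AR=1
	"036170690667697468756203636f6d00" + "00010001" + // api.github.com. A IN
	"00" + "0029" + "04d0" + "00000000" // OPT: root, TYPE 41, UDP size 1232, TTL
const firstQuery, staleQuery = "3ffe" + body + "0000", "70f6" + body + "0006"
var errOverflow = errors.New("RDLENGTH exceeds bytes left in packet")
// skipName steps over a domain name (labels or a compression pointer).
func skipName(msg []byte, off int) int {
	for off < len(msg) && msg[off] != 0 {
		if msg[off]&0xC0 == 0xC0 {
			return off + 2
		}
		off += 1 + int(msg[off])
	}
	return off + 1
}

// checkRecords verifies that each RR's declared RDLENGTH fits in the message.
func checkRecords(hexMsg string) error {
	msg, err := hex.DecodeString(hexMsg)
	if err != nil || len(msg) < 12 {
		return errors.New("not a DNS message")
	}
	u16 := func(o int) int { return int(msg[o])<<8 | int(msg[o+1]) }
	off := 12
	for i := 0; i < u16(4); i++ {
		off = skipName(msg, off) + 4 // QTYPE + QCLASS
	}
	for i, n := 0, u16(6)+u16(8)+u16(10); i < n; i++ {
		off = skipName(msg, off) + 10 // TYPE, CLASS, TTL, RDLENGTH
		if off > len(msg) {
			return errors.New("truncated RR header")
		}
		if rdlen := u16(off - 2); off+rdlen > len(msg) {
			return fmt.Errorf("%w: declared %d, present %d", errOverflow, rdlen, len(msg)-off)
		}
		off += u16(off - 2)
	}
	return nil
}
func main() {
	fmt.Println("first:", checkRecords(firstQuery), "| stale:", checkRecords(staleQuery))
}
```

The first payload passes. The second is the same 43 bytes except for the ID and an OPT RDLENGTH of 6 with no RDATA bytes behind it, so a parser that bounds-checks record lengths has to reject it.
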

cattyhouse commented 1 year ago

dnsmasq has fixed the issue

https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=d774add784d01c8346b271e8fb5cbedc44d7ed08

/close

ameshkov commented 1 year ago

thank you for reporting this to us and dnsmasq, glad it got resolved