Habbie
commented
1 year ago Alternative outcome: we move the UDP path to stubDoResolve too.
Open klaus-nicat opened 1 year ago
Habbie
commented
1 year ago Alternative outcome: we move the UDP path to stubDoResolve too.
klaus-nicat
commented
1 year ago A very fast workaround/fix until a clean solution:
local.sin4.sin_port = htons(32768+dns_random(28000));
zeha
commented
2 months ago Alternative outcome: we move the UDP path to stubDoResolve too.
I did the simple thing and made the port range configurable.
Moving the UDP path into stubDoResolve would imply having a thread pool, I guess? If I misunderstood, please explain what you had in mind there :)
Habbie
commented
2 months ago Moving the UDP path into
stubDoResolvewould imply having a thread pool, I guess? If I misunderstood, please explain what you had in mind there :)
It's already in a thread pool - the one holding database connections, which are not free. So a separate thread pool might be cool, but also is not easy.
However, meanwhile people solve this with LUA (which also runs in the thread holding a db connection) and they appear to be happy. So just calling stubDoResolve from the packet handler might just be fine. It would also simplify a few things, including DNSSEC.
Short description
When PowerDNS resolves ALIAS targets in UDP mode, it uses https://github.com/PowerDNS/pdns/blob/master/pdns/dnsproxy.cc#L67 which chooses a random port and uses this for the PDNS lifetime. This works around the typical Linux ephmeral port selection and hence may cause conflicts with other local services running on high ports.
One solution would be to just let the OS select the ephmeral port, ie:
Environment