search

matrix-org / matrix-federation-tester

Tester for matrix federation written in golang.
77 stars 17 forks source link

"No SRV Records" for many servers #104

Closed hex-m closed 4 years ago

hex-m commented 4 years ago

I noticed that the tester did not seem to recognize my SRV records. Comparing with other servers it seems that the tester may have a bug? Big servers like matrix.org and tchncs.de are shown to have no SRV records.

But they actually do:

$ dig +short SRV _matrix._tcp.matrix.org
10 5 8443 matrix-federation.matrix.org.cdn.cloudflare.net.

Interestingly, the SRV-record of chat.weho.st is recognized, although it looks exactly like the prior examples to me.

$ dig +short SRV _matrix._tcp.chat.weho.st
0 10 8448 chat.weho.st.
aaronraimist commented 4 years ago

It is working properly. Read https://matrix.org/docs/spec/server_server/r0.1.4#resolving-server-names.

erikjohnston commented 4 years ago

To be more explicit: matrix.org uses a .well-known, which is looked up before checking the SRV records. A lot of servers will have been using SRV and then migrated to .well-known and have just left their SRV records up.

It is a bit confusing, and maybe the federation tester UI should have a little note about that, or display what SRV records were checked (if any).

hex-m commented 4 years ago

Thanks!

So to clarify: When a correct .well-known entry is found, the tester will always say "No SRV Records". In the chat.weho.st example the SRV records are shown because the .well-known request was not successful.

erikjohnston commented 4 years ago

We do a SRV lookup on the record returned by .well-known (unless it contains an explicit port or IP), its just that most people don't use both a .well-known and an SRV record :slightly_smiling_face:

daenney commented 3 years ago

I think this is a really confusing UX thuogh.

"No SRV records" to me means "we checked for the _matrix._tcp. record and didn't find any". Not so much "oh we found a well-known so we skipped SRV checking entirely".

aaronraimist commented 3 years ago

@daenney if you read the message just above, you’ll see it is not skipped entirely, it just doesn’t work how you think it does.

daenney commented 3 years ago

That's fair. But then the frontend is still a bit broken from my point of view. "No SRV records" should mean "we did the equivalent of dig -t SRV" and got a NODATA/NXDOMAIN.

I think what the frontend is trying to convey is "we didn't check for SRV records in this case, because we found a well-known that contained a host:port tuple". Which is perfectly reasonable, since that's how federation is specified to work.

richvdh commented 3 years ago

Ah you have an explicit port. Opened a new issue at https://github.com/matrix-org/fed-tester-ui/issues/25.