Hi, Good news is that on git HEAD there's no such bug! 🎉
But it's reproducible on dnsmasq 2.86 https://thekelleys.org.uk/dnsmasq/dnsmasq-2.86.tar.gz Maybe it would be useful if you'd like to trace the cause/fix. /usr/local/sbin/dnsmasq -k --log-facility=- --server=/com/8.8.8.8 --log-queries=extra --log-debug --port=10054 --cache-size=0 1. dig +short -p 10054 example.com dnsmasq[1479386]: 1 127.0.0.1/54512 query[A] example.com from 127.0.0.1 dnsmasq[1479386]: 1 127.0.0.1/54512 forwarded example.com to 8.8.8.8 2. dig +short +tcp -p 10054 example.com dnsmasq[1482914]: 3 127.0.0.1/35851 query[A] example.com from 127.0.0.1 dnsmasq[1482914]: 3 127.0.0.1/35851 forwarded example.com to 8.8.8.8 3. dig +short +tcp -p 10054 example.COM dnsmasq[1484740]: 103 127.0.0.1/35249 query[A] example.COM from 127.0.0.1 dnsmasq[1484740]: 103 127.0.0.1/35249 forwarded example.COM to 127.0.0.1 On Thu, Sep 15, 2022 at 10:59 AM Simon Kelley <si...@thekelleys.org.uk> wrote: > > > On 14/09/2022 22:32, Dmitry Pasiukevich via Dnsmasq-discuss wrote: > > Hi, > > > > TLDR: DNS request to dnsmasq with upper-case domain is handled > > differently if request is sent over TCP vs UDP > > > > I run a server to forward "cluster.local" queries to another process: > > > /usr/sbin/dnsmasq-k--cache-size=1000--no-negcache--dns-forward-max=1500--log-facility=---server=/cluster.local/ > 127.0.0.1#10053--log-queries=extra--log-debug > > <http://127.0.0.1/#10053--log-queries=extra--log-debug> > > > > dnsmasq 2.86 with IP 10.64.0.7 > > > > 1. When I run: > > dig +tcp kubernetes.default.svc.cluster.LOCAL @10.64.0.7 < > http://10.64.0.7/> > > > > I get NOERROR but no data in the response. dnsmasq logs: > > I0913 06:15:04.790606 1 nanny.go:146] dnsmasq[86]: 44065 > > 10.64.1.4/33015 <http://10.64.1.4/33015> query[A] > > kubernetes.default.svc.CLUSTER.LOCAL from 10.64.1.4 > > I0913 06:15:04.851065 1 nanny.go:146] dnsmasq[86]: 44065 > > 10.64.1.4/33015 <http://10.64.1.4/33015> forwarded > > kubernetes.default.svc.CLUSTER.LOCAL to 169.254.169.254 > > > > As you can see dnsmasq doesn't modify the domain. Because it's a > > "CLUSTER.LOCAL" and not a "cluster.local" it's forwarded to the server > > 169.254.169.254 set in the /etc/resolv.conf. And not the > > --server=/cluster.local/127.0.0.1#10053 <http://127.0.0.1/#10053> > > > > 2. When I run exactly the same query but over UDP not TCP: > > dig kubernetes.default.svc.CLUSTER.LOCAL @10.64.0.7 <http://10.64.0.7/> > > > > I get NOERROR and correct response: > > kubernetes.default.svc.CLUSTER.LOCAL. 30 IN A 10.68.0.1 > > > > dnsmasq logs in this case: > > I0913 06:19:20.820425 1 nanny.go:146] dnsmasq[11]: 44471 > > 10.64.1.4/49622 <http://10.64.1.4/49622> query[A] > > kubernetes.default.svc.CLUSTER.LOCAL from 10.64.1.4 > > I0913 06:19:20.820866 1 nanny.go:146] dnsmasq[11]: 44471 > > 10.64.1.4/49622 <http://10.64.1.4/49622> forwarded > > kubernetes.default.svc.cluster.local to 127.0.0.1 > > > > In this case the domain in the query is changed to the lower-case and it > > matches "cluster.local" and forwards to 127.0.0.1 as expected. > > > > 3. When I run exactly the same query over TCP but fully lower-case it > > works as well. > > > > Is this a bug or intended behaviour or maybe I misunderstood the logs? > > Thanks! > > > > Definitely not intended behaviour. > > Also not immediately reproducible in the current development code, > though I don't recall fixing anything that might cause this. Would it be > easy for you to repeat the tests using the git HEAD branch for a quick > win? If that fails for you I'll try harder to reproduce the problem. > > > Cheers, > > Simon. > > > _______________________________________________ > > Dnsmasq-discuss mailing list > > Dnsmasq-discuss@lists.thekelleys.org.uk > > https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss > > _______________________________________________ > Dnsmasq-discuss mailing list > Dnsmasq-discuss@lists.thekelleys.org.uk > https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss > -- Dmitry Pasiukevich Software Engineer
_______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
