Sources Bugzilla – Bug 12684
Multi-request DNS lookups do not properly fall back to secondary nameserver
Last modified: 2011-06-16 02:45:38 UTC
Created attachment 5678 [details] proposed patch The resolver does not properly handle a case where AF_UNSPEC query is started, two requests are therefore dispatched, and something like NOTIMP or SERVFAIL is returned to one of them (e.g. AF_INET6). In this case, the second nameserver in queue is not queried even though it should be. It is caused by an omission of resplen = 0 in the appropriate branch of send_dg() - therefore, when checking whether next nameserver should be queried, it is assumed that a proper reply was received from the first one.
I agree, something is wrong. But it's a bad idea to try the next server in case of NOTIMP replies etc for just one of the requests. Imagine all the servers return these errors. In this case it is better to live with the one successful answer. I added an appropriate patch.
$ nss/getent ahosts example.com ;; res_setoptions(" debug ", "conf").. ;; debug dots=1, statp->ndots=1, trailing_dot=0, name=example.com ;; res_nquerydomain(example.com, <Nil>, 1, 62321) ;; res_query(example.com, 1, 62321) ;; res_nmkquery(QUERY, example.com, IN, A) ;; res_nmkquery(QUERY, example.com, IN, AAAA) ;; res_send() ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24983 ;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; example.com, type = A, class = IN ;; Querying server (# 1) address = 127.0.0.1 res_send: send: Connection refused ;; got answer: ;; ns_initparse: Message too long ;; ns_initparse: Message too long Segmentation fault
Don't reopen bugs for reasons like this. The problem was caused by the patch but has nothing to do with the original problem. This is very much misleading. I've added a patch to fix two typos which caused crashes.