git.ipfire.org Git - thirdparty/haproxy.git/commit

author	Christopher Faulet <cfaulet@haproxy.com>
	Thu, 11 Sep 2025 13:20:35 +0000 (15:20 +0200)
committer	Christopher Faulet <cfaulet@haproxy.com>
	Thu, 11 Sep 2025 13:46:45 +0000 (15:46 +0200)
commit	3023e981998da3dc6fb03de7bd955d5775f68a7b
tree	10f30b82ac041fd60154b41515670d6420ff0a3a	tree \| snapshot
parent	37abe56b186356f570d63d0f6e2fb4b851ae8660	commit \| diff

BUG/MINOR: resolvers: Restore round-robin selection on records in DNS answers

Since the commit dcb696cd3 ("MEDIUM: resolvers: hash the records before
inserting them into the tree"), When several records are found in a DNS
answer, the round robin selection over these records is no longer performed.

Indeed, before a list of records was used. To ensure each records was
selected one after the other, at each selection, the first record of the
list was moved at the end. When this list was replaced bu a tree, the same
mechanism was preserved. However, the record is indexed using its key, a
hash of the record. So its position never changes. When it is removed and
reinserted in the tree, its position remains the same. When we walk though
the tree, starting from the root, the records are always evaluated in the
same order. So, even if there are several records in a DNS answer, the same
IP address is always selected.

It is quite easy to trigger the issue with a do-resolv action.

To fix the issue, the node to perform the next selection is now saved. So
instead of restarting from the root each time, we can restart from the next
node of the previous call.

Thanks to Damien Claisse for the issue analysis and for the reproducer.

This patch should fix the issue #3116. It must be backported as far as 2.6.

include/haproxy/resolvers-t.h		diff \| blob \| blame \| history
src/resolvers.c		diff \| blob \| blame \| history