From: Baptiste Assmann <bassmann@haproxy.com>
Date: Mon, 21 Aug 2017 14:51:09 +0000 (+0200)
Subject: MINOR: dns: automatic reduction of DNS accpeted payload size
X-Git-Tag: v1.8-dev3~163
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=e70bc05b3a62ca84b5ce4440d340440f00411886;p=thirdparty%2Fhaproxy.git

MINOR: dns: automatic reduction of DNS accpeted payload size

RFC 6891 states that if a DNS client announces "big" payload size and
doesn't receive a response (because some equipments on the path may
block/drop UDP fragmented packets), then it should try asking for
smaller responses.
---

diff --git a/src/dns.c b/src/dns.c
index 62291fe1fc..52e02026ff 100644
--- a/src/dns.c
+++ b/src/dns.c
@@ -2085,6 +2085,12 @@ struct task *dns_process_resolve(struct task *t)
 				LIST_DEL(&requester->list);
 				LIST_ADDQ(&resolution->requester.wait, &requester->list);
 			}
+
+			/* this might be triggered by too big UDP packets dropped
+			 * somewhere on the network, so lowering the accepted_payload_size
+			 * announced */
+			if (resolvers->accepted_payload_size > 1280)
+				resolvers->accepted_payload_size = 1280;
 			goto out;
 		}