Prevent query loops for misbehaving servers

If a TCP connection fails while attempting to send a query to a server,
the fetch context will be restarted without marking the target server as
a bad one.  If this happens for a server which:

  - was already marked with the DNS_FETCHOPT_EDNS512 flag,
  - responds to EDNS queries with the UDP payload size set to 512 bytes,
  - does not send response packets larger than 512 bytes,

and the response for the query being sent is larger than 512 byes, then
named will pointlessly alternate between sending UDP queries with EDNS
UDP payload size set to 512 bytes (which are responded to with truncated
answers) and TCP connections until the fetch context retry limit is
reached.  Prevent such query loops by marking the server as bad for a
given fetch context if the advertised EDNS UDP payload size for that
server gets reduced to 512 bytes and it is impossible to reach it using
TCP.

diff --git a/bin/tests/system/legacy/tests.sh b/bin/tests/system/legacy/tests.sh
index 6d1e807511ccd1dbd74553fd01a5890f25b7d85e..a7319840ddc56aa34d51030a483a160d9661bf39 100755 (executable)
--- a/bin/tests/system/legacy/tests.sh
+++ b/bin/tests/system/legacy/tests.sh
@@ -230,6 +230,17 @@ resolution_fails edns512-notcp. || ret=1
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=`expr $status + $ret`
 
+n=`expr $n + 1`
+echo_i "checking recursive lookup to edns 512 + no tcp server does not cause query loops ($n)"
+ret=0
+sent=`grep -c -F "sending packet to 10.53.0.7" ns1/named.run`
+if [ $sent -ge 10 ]; then
+       echo_i "ns1 sent $sent queries to ns7, expected less than 10"
+       ret=1
+fi
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=`expr $status + $ret`
+
 $PERL $SYSTEMTESTTOP/stop.pl --use-rndc --port ${CONTROLPORT} legacy ns1
 copy_setports ns1/named2.conf.in ns1/named.conf
 $PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} legacy ns1

diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c
index 9d11349da3bb0ddc04f1f8b5330b128b1b055908..11ef066608f4343357a50d0951df348e49ea2dfd 100644 (file)
--- a/lib/dns/resolver.c
+++ b/lib/dns/resolver.c
@@ -2956,6 +2956,19 @@ resquery_connected(isc_task_t *task, isc_event_t *event) {
                         * No route to remote.
                         */
                        isc_socket_detach(&query->tcpsocket);
+                       /*
+                        * Do not query this server again in this fetch context
+                        * if we already tried reducing the advertised EDNS UDP
+                        * payload size to 512 bytes and the server is
+                        * unavailable over TCP.  This prevents query loops
+                        * lasting until the fetch context restart limit is
+                        * reached when attempting to get answers whose size
+                        * exceeds 512 bytes from broken servers.
+                        */
+                       if ((query->options & DNS_FETCHOPT_EDNS512) != 0) {
+                               add_bad(fctx, query->addrinfo, sevent->result,
+                                       badns_unreachable);
+                       }
                        fctx_cancelquery(&query, NULL, NULL,
                                         true, false);
                        retry = true;