From: bert hubert Date: Sun, 21 Aug 2016 12:21:28 +0000 (+0200) Subject: The PowerDNS Recursor shuffles answers randomly, so no single A record gets overloade... X-Git-Tag: rec-4.0.2~10^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=27b85f24de25a192336d7f9b0022da1860863495;p=thirdparty%2Fpdns.git The PowerDNS Recursor shuffles answers randomly, so no single A record gets overloaded. This logic also took care not to shuffle a CNAME record until after the name it points to, because we theorized this would upset some resolvers. Our logic however assumed all the CNAMEs would initially be at the front of the packet. We'd start our shuffling after skipping all the CNAMEs up front. It now turns out that sometimes we end up with a 'CNAME A CNAME A' packet to shuffle. This would happily shuffle the last three records. With this PR, we put the CNAMEs up front explicitly before commencing the shuffle. Closes #4339. Still to be investigated: why didn't this bite us before? --- diff --git a/pdns/misc.cc b/pdns/misc.cc index bca2bbd80e..4c20b2cbd6 100644 --- a/pdns/misc.cc +++ b/pdns/misc.cc @@ -581,12 +581,20 @@ void shuffle(vector& rrs) // we don't shuffle the rest } +static uint16_t mapCnameToFirst(uint16_t type) +{ + if(type == QType::CNAME) + return 0; + else + return 1; +} + // make sure rrs is sorted in d_place order to avoid surprises later // then shuffle the parts that desire shuffling void orderAndShuffle(vector& rrs) { std::stable_sort(rrs.begin(), rrs.end(), [](const DNSRecord&a, const DNSRecord& b) { - return a.d_place < b.d_place; + return std::make_tuple(a.d_place, mapCnameToFirst(a.d_type)) < std::make_tuple(b.d_place, mapCnameToFirst(b.d_type)); }); shuffle(rrs); }