Correctly identify forwarded queries with DNSTAP

Queries using forwarders where not being correctly identified
when using dnstap.

(cherry picked from commit 38b626d58d9e7ee8075ec096861fe880e4dba73f)

diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c
index f872c56588a08e45e7eaa3ca0ee334aa0ff4532e..c2125459429a87b2d2af0b7ac0c331f683e94f5a 100644 (file)
--- a/lib/dns/resolver.c
+++ b/lib/dns/resolver.c
@@ -2738,7 +2738,7 @@ resquery_send(resquery_t *query) {
        /*
         * Log the outgoing query via dnstap.
         */
-       if ((fctx->qmessage->flags & DNS_MESSAGEFLAG_RD) != 0) {
+       if (ISFORWARDER(query->addrinfo)) {
                dtmsgtype = DNS_DTTYPE_FQ;
        } else {
                dtmsgtype = DNS_DTTYPE_RQ;
@@ -9892,7 +9892,13 @@ rctx_logpacket(respctx_t *rctx) {
        }
        dns_compress_invalidate(&cctx);
 
-       if ((fctx->qmessage->flags & DNS_MESSAGEFLAG_RD) != 0) {
+       /*
+        * Check if the response came from a forwarder to correctly
+        * classify as Forward Response (FR) vs Recursive Response (RR)
+        * for DNSTAP logging. This is more accurate than using the RD
+        * flag which only indicates the original query intent.
+        */
+       if (ISFORWARDER(rctx->query->addrinfo)) {
                dtmsgtype = DNS_DTTYPE_FR;
        } else {
                dtmsgtype = DNS_DTTYPE_RR;