Skip to content

Kresd fails resolve divelog.blue in (non forwarding mode)

There is also post on forum about this https://forum.turris.cz/t/kresd-resolver-bug/3876/2.

I tested this behavior on omnia with kresd from full-forward branch

Without forwarding

root@turris:~# dig  divelog.blue 
; <<>> DiG 9.9.8-P4 <<>> divelog.blue
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 35767
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;divelog.blue.			IN	A

;; Query time: 305 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Apr 03 13:20:50 CEST 2017
;; MSG SIZE  rcvd: 30
kresd log
root@turris:~# kresd -k /etc/root.keys -v
[ ta ] new state of root trust anchors:
.                   	3600	DS	19036 8 2 49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5
[system] interactive mode
> [    0][plan] plan 'divelog.blue.' type 'A'
[47469][iter]   'divelog.blue.' type 'A' id was assigned, parent id 0
[47469][resl]   => using root hints
[25645][iter]   'divelog.blue.' type 'A' id was assigned, parent id 0
[25645][plan]   plan '.' type 'DNSKEY'
[   91][iter]     '.' type 'DNSKEY' id was assigned, parent id 25645
[   91][ rc ]     => satisfied from cache
[   91][iter]     <= rcode: NOERROR
[   91][vldr]     <= parent: updating DNSKEY
[   91][vldr]     <= answer valid, OK
[48098][iter]   'divelog.blue.' type 'A' id was assigned, parent id 0
[48098][resl]   => querying: '2001:dc3::35' score: 10 zone cut: '.' m12n: 'divElOg.bLUe.' type: 'A' proto: 'udp'
[48098][resl]   => querying: '202.12.27.33' score: 10 zone cut: '.' m12n: 'divElOg.bLUe.' type: 'A' proto: 'udp'
[48098][resl]   => querying: '2001:500:9f::42' score: 10 zone cut: '.' m12n: 'divElOg.bLUe.' type: 'A' proto: 'udp'
[48098][resl]   => querying: '199.7.83.42' score: 10 zone cut: '.' m12n: 'divElOg.bLUe.' type: 'A' proto: 'udp'
[48098][iter]   <= malformed response
[48098][vldr]   <= bogus proof of DS non-existence
[    0][resl] finished: 8, queries: 1, mempool: 32784 B
[    0][plan] plan '.' type 'DNSKEY'
[43478][iter]   '.' type 'DNSKEY' id was assigned, parent id 0
[43478][ rc ]   => satisfied from cache
[43478][iter]   <= rcode: NOERROR
[    0][resl] finished: 4, queries: 1, mempool: 98328 B
[ ta ] key: 19036 state: AddPend
[ ta ] new state of root trust anchors:
.                   	3600	DS	19036 8 2 49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5
[ ta ] next refresh in 1 hours
[    0][plan] plan '.' type 'NS'
[28042][iter]   '.' type 'NS' id was assigned, parent id 0
[28042][resl]   => using root hints
[36818][iter]   '.' type 'NS' id was assigned, parent id 0
[36818][plan]   plan '.' type 'DNSKEY'
[38174][iter]     '.' type 'DNSKEY' id was assigned, parent id 36818
[38174][ rc ]     => satisfied from cache
[38174][iter]     <= rcode: NOERROR
[38174][vldr]     <= parent: updating DNSKEY
[38174][vldr]     <= answer valid, OK
[46270][iter]   '.' type 'NS' id was assigned, parent id 0
[46270][resl]   => querying: '2001:dc3::35' score: 10 zone cut: '.' m12n: '.' type: 'NS' proto: 'udp'
[46270][resl]   => querying: '202.12.27.33' score: 10 zone cut: '.' m12n: '.' type: 'NS' proto: 'udp'
[46270][resl]   => querying: '2001:500:9f::42' score: 10 zone cut: '.' m12n: '.' type: 'NS' proto: 'udp'
[46270][resl]   => querying: '199.7.83.42' score: 10 zone cut: '.' m12n: '.' type: 'NS' proto: 'udp'
[46270][iter]   <= rcode: NOERROR
[46270][vldr]   <= answer valid, OK
[46270][resl]   <= server: '2001:dc3::35' rtt: >=303 ms
[46270][resl]   <= server: '202.12.27.33' rtt: >=203 ms
[46270][resl]   <= server: '2001:500:9f::42' rtt: >=103 ms
[46270][resl]   <= server: '199.7.83.42' rtt: 3 ms
[    0][resl] finished: 4, queries: 2, mempool: 98328 B

With full forwarding

root@turris:~# dig  divelog.blue 
; <<>> DiG 9.9.8-P4 <<>> divelog.blue
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35394
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;divelog.blue.			IN	A

;; ANSWER SECTION:
divelog.blue.		85209	IN	A	81.209.182.12

;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Apr 03 13:33:57 CEST 2017
;; MSG SIZE  rcvd: 57
kresd log
root@turris:/tmp# kresd -v -c /tmp/kresd.config_new 
[    0][hint] reading '/tmp/kresd/hints.tmp'
[    0][hint] loaded 0 hints
[system] interactive mode
> [    0][plan] plan 'divelog.blue.' type 'A'
[27667][iter]   'divelog.blue.' type 'A' id was assigned, parent id 0
[27667][resl]   => querying: '192.168.2.1' score: 1425 zone cut: '.' m12n: 'DIvelOg.bLUE.' type: 'A' proto: 'udp'
[27667][iter]   <= rcode: NOERROR
[27667][resl]   <= server: '192.168.2.1' rtt: 0 ms
[    0][resl] finished: 4, queries: 1, mempool: 16392 B
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information