Bug 1319296
Summary: | System DNS name resolver won't switch to TCP if DNS resolve not available over UDP | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Michal Ambroz <rebus> | ||||||
Component: | glibc | Assignee: | Florian Weimer <fweimer> | ||||||
Status: | CLOSED UPSTREAM | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||||
Severity: | unspecified | Docs Contact: | |||||||
Priority: | unspecified | ||||||||
Version: | 23 | CC: | arjun.is, codonell, dj, fweimer, jakub, law, mfabian, pfrankli, rebus, siddhesh | ||||||
Target Milestone: | --- | ||||||||
Target Release: | --- | ||||||||
Hardware: | Unspecified | ||||||||
OS: | Unspecified | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2016-03-23 12:21:37 UTC | Type: | Bug | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Attachments: |
|
Description
Michal Ambroz
2016-03-18 18:18:58 UTC
Created attachment 1137837 [details]
ping_bugzilla_ipv6.pcap
pcap captured when trying "ping bugzilla.redhat.com"
The response has the TC bit set (requesting retry with TCP), but it lacks the RA bit, indicating that the server is not willing to perform recursion. This means that the glibc stub resolver will not use it. I asked on the dns-operations list for comments, but the message is currently stuck in the moderation queue. The mailing list thread is here: https://lists.dns-oarc.net/pipermail/dns-operations/2016-March/014548.html BTW the mentioned Google DNS behaviour was gone today cca 16:00 GMT. Now the ipv6 Google DNS (2001:4860:4860::8844) is responding again over UDP. Mik This is arguably not a bug because the RFC clearly says that RA must be correct even for a TC response. But I understand that DNS has evolved from the original specification, so I have filed and upstream bug to come up with some enhancements in this area (although there is no quick fix). Google treats this as an operational issue for their public DNS service and is working on a modification to their servers: https://lists.dns-oarc.net/pipermail/dns-operations/2016-March/014551.html |