Bug 2124416
| Summary: | aardvark-dns: Recursion Available bit is not set in response header | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Sameer <snangare> |
| Component: | podman | Assignee: | Jindrich Novy <jnovy> |
| Status: | CLOSED ERRATA | QA Contact: | Joy Pu <ypu> |
| Severity: | medium | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 8.6 | CC: | bbaude, dornelas, dwalsh, jligon, jnovy, lsm5, mheon, pthomas, tsweeney, umohnani, ypu |
| Target Milestone: | rc | Keywords: | Triaged |
| Target Release: | --- | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | aardvark-dns-1.4.0-1.el8 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2023-05-16 08:20:37 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Can reproduce with aardvark-dns-1.0.1-35.module+el8.6.0+15917+093ca6f8.x86_64 with dig. The WARNING message is there: # podman exec foo dig bar ; <<>> DiG 9.11.36-RedHat-9.11.36-5.el8_7.2 <<>> bar ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54510 ;; flags: qr rd ad; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ; COOKIE: 047712cd672895f9 (echoed) ;; QUESTION SECTION: ;bar. IN A ;; ANSWER SECTION: bar. 86400 IN A 10.89.0.10 bar. 86400 IN AAAA fda7:1969:afb3:f334::8 bar. 86400 IN A 10.89.0.10 bar. 86400 IN AAAA fda7:1969:afb3:f334::8 ;; Query time: 1 msec ;; SERVER: 10.89.0.1#53(10.89.0.1) ;; WHEN: Mon Jan 30 10:15:43 UTC 2023 ;; MSG SIZE rcvd: 132 And test with aardvark-dns-1.4.0-1.module+el8.8.0+17823+c4e3c815.x86_64 # podman exec foo dig bar ; <<>> DiG 9.11.36-RedHat-9.11.36-5.el8_7.2 <<>> bar ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6342 ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ; COOKIE: 526514d091d3cbff (echoed) ;; QUESTION SECTION: ;bar. IN A ;; ANSWER SECTION: bar. 86400 IN A 10.89.0.6 ;; Query time: 0 msec ;; SERVER: 10.89.0.1#53(10.89.0.1) ;; WHEN: Mon Jan 30 10:15:25 UTC 2023 ;; MSG SIZE rcvd: 60 So add Tested flag Checked with aardvark-dns-1.5.0-2.module+el8.8.0+18060+3f21f2cc.x86_64, the AAAA lines is not shows up again. So move it to verified. More details: # podman exec foo dig bar ; <<>> DiG 9.11.36-RedHat-9.11.36-5.el8_7.2 <<>> bar ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27316 ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ; COOKIE: 16de3ff688875c7d (echoed) ;; QUESTION SECTION: ;bar. IN A ;; ANSWER SECTION: bar. 86400 IN A 10.89.2.2 ;; Query time: 1 msec ;; SERVER: 10.89.2.1#53(10.89.2.1) ;; WHEN: Mon Feb 13 07:39:58 UTC 2023 ;; MSG SIZE rcvd: 60 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: container-tools:rhel8 security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2023:2758 |
Description of problem: - The issue is observed on `aardvark-dns` package version 1.0.1-35, that Recursion Available bit is not set in response header. Version-Release number of selected component (if applicable): - aardvark-dns-1.0.1-35 How reproducible: - Mostly Steps to Reproduce: 1. # Configuration ## Dual stack network { "name": "dual", "id": "2697203bf4180da9e7a6d074e38cbafb2fad4c8a3436522bde4ac573c059caa6", "driver": "bridge", "network_interface": "podman1", "created": "2022-08-24T04:03:37.236675178-05:00", "subnets": [ { "subnet": "192.168.227.0/24", "gateway": "192.168.227.1" }, { "subnet": "fdf8:192:168:227::/120", "gateway": "fdf8:192:168:227::1" } ], "ipv6_enabled": true, "internal": false, "dns_enabled": true, "ipam_options": { "driver": "host-local" } } 2. ## Two containers, foo and bar, resolving bar from foo [root@foo /]# cat /etc/resolv.conf search dns.podman nameserver 192.168.227.1 nameserver fdf8:192:168:227::1 # Issue observed ## nslookup complains "Got recursion not available from 192.168.227.1, trying next server" [root@foo /]# nslookup bar ;; Got recursion not available from 192.168.227.1, trying next server ;; connection timed out; no servers could be reached [root@foo /]# 3. ## dig also complains "WARNING: recursion requested but not available" [root@foo /]# dig bar ; <<>> DiG 9.11.36-RedHat-9.11.36-3.el8 <<>> bar ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13400 ;; flags: qr rd ad; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ; COOKIE: b8dbf9748e7ba467 (echoed) ;; QUESTION SECTION: ;bar. IN A ;; ANSWER SECTION: bar. 86400 IN A 192.168.227.9 bar. 86400 IN AAAA fdf8:192:168:227::9 bar. 86400 IN A 192.168.227.9 bar. 86400 IN AAAA fdf8:192:168:227::9 ;; Query time: 0 msec ;; SERVER: 192.168.227.1#53(192.168.227.1) ;; WHEN: Fri Aug 26 10:23:45 UTC 2022 ;; MSG SIZE rcvd: 132 [root@foo /]# Actual results: ## nslookup complains "Got recursion not available from 192.168.227.1, trying next server" [root@foo /]# nslookup bar ;; Got recursion not available from 192.168.227.1, trying next server - Expected results: - nslookup should prompt an output without any complains Additional info: - Link to original issue - https://github.com/containers/aardvark-dns/issues/204. This is being worked upon and it's almost fixed there.