Date: Tue, 11 Aug 2020 14:28:57 -0400 From: Waitman Gobble <gobble.wa@gmail.com> To: FreeBSD <freebsd-questions@freebsd.org> Subject: strange results using src/lib/libc/resolv Message-ID: <CAFuo_fxagN=URub5dCb5App7VJW0_EzYMirY-NDHZq4eQFzhqQ@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
I've noticed an issue with the PHP function dns_get_record(), on some FreeBSD 12.1 servers it *always* returns "False" with no response, but on other FreeBSD 12.1 servers it returns the correct results. A simple example: <?php $h='google.com'; $x = dns_get_record($h); var_dump($x); on some servers it /*always*/ outputs: bool(false) no matter what dns name is searched. on some servers it outputs the correct info: [0]=> array(5) { ["host"]=> string(10) "google.com" ["class"]=> string(2) "IN" ["ttl"]=> int(85496) ["type"]=> string(2) "NS" ["target"]=> string(14) "ns4.google.com" } ..... etc On FreeBSD, PHP calls the function res_nsearch() which is defined in /usr/include/resolv.h On the servers without a response, res_nsearch returns -1 which is an error condition, but the error code set in herrno is 0, which is: "Resolver Error 0 (no error)" I created a basic C program which uses res_nsearch and have the same results. https://gist.github.com/arduent/a33756d7e3ddfcf51a0eaca908612a16 # clang -o main main.c -I/usr/include On some servers it returns errors: # ./main ;; res_nquerydomain(google.com, <Nil>, 1, 255) ;; res_query(google.com, 1, 255) ;; res_nmkquery(QUERY, google.com, IN, ANY) ;; res_nopt() ;; res_send() ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65018 ;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; google.com, type = ANY, class = IN ; EDNS: version: 0, udp=65535, flags=0000 ;; Querying server (# 1) address = 127.0.0.1 ;; new DG socket ;; got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65018 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; google.com, type = ANY, class = IN ; EDNS: version: 0, udp=4096, flags=0000 ;; rcode = (NOERROR), counts = an:0 ns:0 ar:1 ;; res_nquerydomain(google.com, smq.io, 1, 255) ;; res_query(google.com.smq.io, 1, 255) ;; res_nmkquery(QUERY, google.com.smq.io, IN, ANY) ;; res_nopt() ;; res_send() ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26844 ;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; google.com.smq.io, type = ANY, class = IN ; EDNS: version: 0, udp=65535, flags=0000 ;; Querying server (# 1) address = 127.0.0.1 ;; new DG socket ;; got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26844 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; google.com.smq.io, type = ANY, class = IN ; EDNS: version: 0, udp=4096, flags=0000 ;; rcode = (NOERROR), counts = an:0 ns:0 ar:1 Error occured during search. But it works on other servers: # ./main ;; res_nquerydomain(google.com, <Nil>, 1, 255) ;; res_query(google.com, 1, 255) ;; res_nmkquery(QUERY, google.com, IN, ANY) ;; res_nopt() ;; res_send() ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44131 ;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; google.com, type = ANY, class = IN ; EDNS: version: 0, udp=65535, flags=0000 ;; Querying server (# 1) address = 127.0.0.1 ;; new DG socket ;; got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44131 ;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1 ;; google.com, type = ANY, class = IN google.com. 23h36m53s IN NS ns4.google.com. google.com. 23h36m53s IN NS ns3.google.com. google.com. 23h36m53s IN NS ns1.google.com. google.com. 23h36m53s IN NS ns2.google.com. ; EDNS: version: 0, udp=4096, flags=0000 Not sure what's going on. It doesn't seem to matter if 'search domain' is set in resolv.conf, or options edns0 is set in resolv.conf. Update: I did just notice that on the servers where it is failing, it _DOES_ work if the nameserver is set to google 8.8.8.8 or 8.8.4.4, but so far that's it. If it's set to localhost / unbound it fails. Or cloudflares 1.1.1.1 it fails, ISP's nameservers it fails. That's weird. So on some machines res_nsearch() only works with google nameservers, but on other machnines it works with any nameservers. On the servers where it always gets the correct results, it doesn't matter what nameserver is used. Any help with this is appreciated. -- Waitman Gobble
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAFuo_fxagN=URub5dCb5App7VJW0_EzYMirY-NDHZq4eQFzhqQ>