Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

dns_msg_parse_reply() fails for response from DNS64 service #20355

Closed
benpicco opened this issue Feb 7, 2024 · 0 comments · Fixed by #20857
Closed

dns_msg_parse_reply() fails for response from DNS64 service #20355

benpicco opened this issue Feb 7, 2024 · 0 comments · Fixed by #20857
Assignees
@miri64 @kaspar030
Labels
Area: network Area: Networking Type: bug The issue reports a bug / The PR fixes a bug (including spelling errors)

Comments

@benpicco
Copy link
Contributor

benpicco commented Feb 7, 2024
edited
Loading

Description

TREX provides a public DNS64+NAT64 service that allows to reach IPv4 only hosts from an IPv6 only network.

The responses from this nameserver do confuse dns_msg_parse_reply() though.
It will fail in different places on subsequent requests which hints to a message parsing bug.

Steps to reproduce the issue

Configure the DNS64 nameserver and enable sock_dns:

USEMODULE += sock_dns
USEMODULE += auto_init_sock_dns

CFLAGS += -DCONFIG_AUTO_INIT_SOCK_DNS_SERVER_ADDR=\"2001:67c:2b0::6\"
CFLAGS += -DCONFIG_DNS_MSG_LEN=256 # response msg is 202 bytes

You can either run this on a board with a direct internet connection or on native if your host is connected to an IPv6 network. In his case, run

sudo dist/tools/tapsetup/tapsetup -u enp0s25

(in this case enp0s25 is the uplink ethernet interface)

Expected results

We can resolve any IPv4 only hostname.

$ dig @2001:67c:2b0::6 global.azure-devices-provisioning.net aaaa

; <<>> DiG 9.18.18-0ubuntu2-Ubuntu <<>> @2001:67c:2b0::6 global.azure-devices-provisioning.net aaaa
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7471
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;global.azure-devices-provisioning.net. IN AAAA

;; ANSWER SECTION:
global.azure-devices-provisioning.net. 569 IN CNAME id-prod-global-endpoint.trafficmanager.net.
id-prod-global-endpoint.trafficmanager.net. 59 IN CNAME	idsu-prod-am-001-su-az.westeurope.cloudapp.azure.com.
idsu-prod-am-001-su-az.westeurope.cloudapp.azure.com. 10 IN AAAA 2001:67c:2b0:db32::2871:b0aa

;; Query time: 96 msec
;; SERVER: 2001:67c:2b0::6#53(2001:67c:2b0::6) (UDP)
;; WHEN: Wed Feb 07 16:30:56 CET 2024
;; MSG SIZE  rcvd: 213

Actual results

The response from global.azure-devices-provisioning.net can't be parsed

2024-02-07 16:17:20,552 # > ping global.azure-devices-provisioning.net
2024-02-07 16:17:20,750 # DNS: got 202 bytes:
2024-02-07 16:17:20,759 # 0x00, 0x00, 0x81, 0x80, 0x00, 0x01, 0x00, 0x03, 0x00, 0x00, 0x00, 0x00, 0x06, 0x67, 0x6c, 0x6f, 0x62, 0x61, 0x6c, 0x1a, 0x61, 0x7a, 0x75, 0x72, 0x65, 0x2d, 0x64, 0x65, 0x76, 0x69, 0x63, 0x65, 0x73, 0x2d, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x03, 0x6e, 0x65, 0x74, 0x00, 0x00, 0x1c, 0x00, 0x01, 0xc0, 0x0c, 0x00, 0x05, 0x00, 0x01, 0x00, 0x00, 0x01, 0x61, 0x00, 0x29, 0x17, 0x69, 0x64, 0x2d, 0x70, 0x72, 0x6f, 0x64, 0x2d, 0x67, 0x6c, 0x6f, 0x62, 0x61, 0x6c, 0x2d, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x0e, 0x74, 0x72, 0x61, 0x66, 0x66, 0x69, 0x63, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0xc0, 0x2e, 0xc0, 0x43, 0x00, 0x05, 0x00, 0x01, 0x00, 0x00, 0x00, 0x5a, 0x00, 0x36, 0x16, 0x69, 0x64, 0x73, 0x75, 0x2d, 0x70, 0x72, 0x6f, 0x64, 0x2d, 0x61, 0x6d, 0x2d, 0x30, 0x30, 0x31, 0x2d, 0x73, 0x75, 0x2d, 0x61, 0x7a, 0x0a, 0x77, 0x65, 0x73, 0x74, 0x65, 0x75, 0x72, 0x6f, 0x70, 0x65, 0x08, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x61, 0x70, 0x70, 0x05, 0x61, 0x7a, 0x75, 0x72, 0x65, 0x03, 0x63, 0x6f, 0x6d, 0x00, 0xc0, 0x78, 0x00, 0x1c, 0x00, 0x01, 0x00, 0x00, 0x00, 0x0a, 0x00, 0x10, 0x20, 0x01, 0x06, 0x7c, 0x02, 0xb0, 0xdb, 0x32, 0x00, 0x00, 0x00, 0x01, 0x28, 0x71, 0xb0, 0xaa, 
2024-02-07 16:17:20,786 # DNS: got 202 bytes:
2024-02-07 16:17:20,791 # 0x00, 0x00, 0x81, 0x80, 0x00, 0x01, 0x00, 0x03, 0x00, 0x00, 0x00, 0x00, 0x06, 0x67, 0x6c, 0x6f, 0x62, 0x61, 0x6c, 0x1a, 0x61, 0x7a, 0x75, 0x72, 0x65, 0x2d, 0x64, 0x65, 0x76, 0x69, 0x63, 0x65, 0x73, 0x2d, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 0x03, 0x6e, 0x65, 0x74, 0x00, 0x00, 0x1c, 0x00, 0x01, 0xc0, 0x0c, 0x00, 0x05, 0x00, 0x01, 0x00, 0x00, 0x01, 0x61, 0x00, 0x29, 0x17, 0x69, 0x64, 0x2d, 0x70, 0x72, 0x6f, 0x64, 0x2d, 0x67, 0x6c, 0x6f, 0x62, 0x61, 0x6c, 0x2d, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x0e, 0x74, 0x72, 0x61, 0x66, 0x66, 0x69, 0x63, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0xc0, 0x2e, 0xc0, 0x43, 0x00, 0x05, 0x00, 0x01, 0x00, 0x00, 0x00, 0x5a, 0x00, 0x36, 0x16, 0x69, 0x64, 0x73, 0x75, 0x2d, 0x70, 0x72, 0x6f, 0x64, 0x2d, 0x61, 0x6d, 0x2d, 0x30, 0x30, 0x31, 0x2d, 0x73, 0x75, 0x2d, 0x61, 0x7a, 0x0a, 0x77, 0x65, 0x73, 0x74, 0x65, 0x75, 0x72, 0x6f, 0x70, 0x65, 0x08, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x61, 0x70, 0x70, 0x05, 0x61, 0x7a, 0x75, 0x72, 0x65, 0x03, 0x63, 0x6f, 0x6d, 0x00, 0xc0, 0x78, 0x00, 0x1c, 0x00, 0x01, 0x00, 0x00, 0x00, 0x0a, 0x00, 0x10, 0x20, 0x01, 0x06, 0x7c, 0x02, 0xb0, 0xdb, 0x32, 0x00, 0x00, 0x00, 0x01, 0x28, 0x71, 0xb0, 0xaa, 
2024-02-07 16:17:20,791 # can't resolve global.azure-devices-provisioning.net

While others work fine

2024-02-07 16:24:51,504 # > ping github.com
2024-02-07 16:24:51,626 # DNS: got 56 bytes:
2024-02-07 16:24:51,627 # 0x00, 0x00, 0x81, 0x80, 0x00, 0x01, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x06, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x03, 0x63, 0x6f, 0x6d, 0x00, 0x00, 0x1c, 0x00, 0x01, 0xc0, 0x0c, 0x00, 0x1c, 0x00, 0x01, 0x00, 0x00, 0x00, 0x3c, 0x00, 0x10, 0x20, 0x01, 0x06, 0x7c, 0x02, 0xb0, 0xdb, 0x32, 0x00, 0x00, 0x00, 0x01, 0x8c, 0x52, 0x79, 0x03, 
2024-02-07 16:24:51,698 # 12 bytes from 2001:67c:2b0:db32:0:1:8c52:7903: icmp_seq=0 ttl=46 time=71.737 ms
2024-02-07 16:24:52,699 # 12 bytes from 2001:67c:2b0:db32:0:1:8c52:7903: icmp_seq=1 ttl=46 time=71.654 ms
2024-02-07 16:24:53,700 # 12 bytes from 2001:67c:2b0:db32:0:1:8c52:7903: icmp_seq=2 ttl=46 time=72.748 ms
2024-02-07 16:24:53,700 # 
2024-02-07 16:24:53,701 # --- github.com PING statistics ---
2024-02-07 16:24:53,702 # 3 packets transmitted, 3 packets received, 0% packet loss
2024-02-07 16:24:53,702 # round-trip min/avg/max = 71.654/72.046/72.748 ms

dns.pcapng.gz

Versions

RIOT master, discovered in #20223
@benpicco benpicco added Type: bug The issue reports a bug / The PR fixes a bug (including spelling errors) Area: network Area: Networking labels Feb 7, 2024
benpicco added a commit to benpicco/RIOT that referenced this issue Sep 9, 2024
@benpicco
dns_msg: skip RDLENGTH_LENGTH field when skipping record
09305d5 
fixes RIOT-OS#20355
@benpicco benpicco mentioned this issue Sep 9, 2024
Merged
benpicco added a commit to benpicco/RIOT that referenced this issue Sep 12, 2024
@benpicco
dns_msg: skip RDLENGTH_LENGTH field when skipping record
74356c9 
fixes RIOT-OS#20355
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@miri64 miri64

@kaspar030 kaspar030

Labels
Area: network Area: Networking Type: bug The issue reports a bug / The PR fixes a bug (including spelling errors)
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

dns_msg: skip RDLENGTH_LENGTH field when skipping record benpicco/RIOT
3 participants
@miri64 @benpicco @kaspar030