[Unbound-users] Again: use-caps-for-id trouble

A. Schulze sca at andreasschulze.de
Fri Oct 10 13:44:59 UTC 2014


A. Schulze:

> Last week I had an issue with a domain I could analyse in detail.
> The external customer run a Debian Squeeze + bind 9.7.3 for his  
> domain and rDNS
>
> The rDNS was broken because we sent queries for *.In.ADr.ArpA.
>
> The Debian servers was "protected" by a Cisco firewall.
> This device had a "content inspection" for DNS enabled which broke  
> his bind9 answers.
>
> Unfortunately the latest 0x20 patches for unbound-1.4.22 did not catch that.
>
> @Wouter, if you'r interested I could setup a test environment...

today we hit a powerdns server responding in a unexpected manner:

$ dig @ns1.ipandmore.de MAIL1.IPANDMORE.DE +norecurse +noall +answer

; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> @ns1.ipandmore.de  
MAIL1.IPANDMORE.DE +norecurse +noall +answer
; (1 server found)
;; global options: +cmd
MAIL1.IPANDMORE.DE.     14400   IN      A       213.252.2.157

-> OK

$ dig @ns1.ipandmore.de 157.2.252.213.in-addr.arpa. PTR +norecurse  
+noall +answer

; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> @ns1.ipandmore.de  
157.2.252.213.in-addr.arpa. PTR +norecurse +noall +answer
; (1 server found)
;; global options: +cmd
157.2.252.213.in-addr.arpa. 900 IN      PTR     mail1.ipandmore.de.

-> OK

BUT:
$ dig @ns1.ipandmore.de 157.2.252.213.IN-ADDR.ARPA. PTR +norecurse  
+noall +answer

; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> @ns1.ipandmore.de  
157.2.252.213.IN-ADDR.ARPA. PTR +norecurse +noall +answer
; (1 server found)
;; global options: +cmd
157.2.252.213.in-addr.arpa. 900 IN      PTR     mail1.ipandmore.de.

-> OK?, notice the lowercase "in-addr.arpa." in the answer.

We had a similar issue in June:
http://unbound.net/pipermail/unbound-users/2014-June/003377.html

Wouter wrote a patch I'm using here to handle the situation where DNS  
servers don't answer
to uppercase queries at all. But that mechanism fail here because  
there is no timeout.

I run 1.4.22 with the attached patch.
Ideas / Updates?

Andreas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: fix4caps.patch
Type: text/x-diff
Size: 17034 bytes
Desc: not available
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20141010/1c761b3f/attachment.bin>


More information about the Unbound-users mailing list