[Bug 1716976] Re: DNS resolver silently switches to an unknown DNS server

gpothier gpothier at gmail.com
Thu Oct 26 21:43:56 UTC 2017 

This is still happening with 17.10 final. I have been digging a bit and
found something that makes me think that this is a caching / IPv6 issue.
Attached is the screenshot of a Wireshark capture of the DNS packets on
all interfaces on the affected machine (the IP address of the machine is
192.168.0.154).

When querying a hostname that should be resolved to a local network address (in this case odoo.caligrafix.cl), the resolver makes two requests to our local DNS server 192.168.0.2 (and not to any external DNS server, as I first thought): 
1. The request for odoo.caligrafix.cl
2. A request for o3.caligrafix.cl.

The second request is made before receiving the response to the first
request. This second request can be explained by the fact that outside
of our network, the name odoo.caligrafix.cl resolves to a CNAME
o3.caligrafix.cl, and for some reason the resolver uses this cached
information instead of waiting for the result of the first request.

The response to the first request, which correctly indicates the
expected local network address, seems to be discarded, and the result of
subsequent requests that resolves to our public address trough a chain
of CNAMES, is used instead.

The funny thing is that after flushing the resolver's cache, the
resolver also makes two requests to our local DNS server, but both with
the name odoo.caligrafix.cl, and gets the correct answer. But then it
makes a request for the AAAA (IPv6) record, and gets the chain the CNAME
records that lead to our public IP. So it seems that somehow the IPv6
and IPv4 caches get mixed up afterwards.

Although I guess I could (and will attempt to) mitigate the issue by configuring the AAAA record differently on our DNS server, I think the current behavior of the resolver is incorrect, as it uses cached info for an IPv6 record when querying an IPv4 record.
 


** Attachment added: "Wireshark capture of failed resolution"
   https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1716976/+attachment/4997137/+files/Screenshot%20from%202017-10-26%2018-22-20.png

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1716976

Title:
  DNS resolver mixes IPv6 and IPv4 caches

Status in systemd package in Ubuntu:
  New

Bug description:
  In our network we have a DNS server that resolves some names to local
  addresses, while the same names are resolved to our public IP when
  public DNSs are used. For instance (using fictitious names and IPs),
  xyz.mydomain.com resolves to the public IP 65.254.242.180 when using
  an external DNS server, but resolves to 192.168.0.14 when using our
  internal DNS server (which all our computers are told to use via
  DHCP).

  This used to work fine until a somewhat recent update in Ubuntu 17.10.
  Now, xyz.domain.com almost always resolves to the public IP instead of
  the internal IP. Interestingly, restarting the systemd-resolved
  service fixes the problem for a while (from a few seconds to a few
  minutes). Right after restarting the service, the dig command reports
  the expected internal IP, but after a while it gets back to reporting
  the public IP. Forcing the dig command to query our DNS server instead
  of the local resolver returns the correct IP.

  ProblemType: Bug
  DistroRelease: Ubuntu 17.10
  Package: systemd 234-2ubuntu9
  ProcVersionSignature: Ubuntu 4.12.0-13.14-generic 4.12.10
  Uname: Linux 4.12.0-13-generic x86_64
  ApportVersion: 2.20.7-0ubuntu1
  Architecture: amd64
  CurrentDesktop: ubuntu:GNOME
  Date: Wed Sep 13 13:34:50 2017
  InstallationDate: Installed on 2015-01-23 (963 days ago)
  InstallationMedia: Ubuntu-GNOME 14.04.1 LTS "Trusty Tahr" - Release amd64 (20140722.2)
  MachineType: LENOVO 20266
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.12.0-13-generic.efi.signed root=UUID=eecad38d-4fff-462c-92bc-357fa12e5515 ro quiet splash vt.handoff=7
  SourcePackage: systemd
  UpgradeStatus: Upgraded to artful on 2017-06-15 (90 days ago)
  dmi.bios.date: 03/30/2015
  dmi.bios.vendor: LENOVO
  dmi.bios.version: 76CN43WW
  dmi.board.asset.tag: No Asset Tag
  dmi.board.name: Yoga2
  dmi.board.vendor: LENOVO
  dmi.board.version: 31900058STD
  dmi.chassis.asset.tag: No Asset Tag
  dmi.chassis.type: 10
  dmi.chassis.vendor: LENOVO
  dmi.chassis.version: Lenovo Yoga 2 Pro
  dmi.modalias: dmi:bvnLENOVO:bvr76CN43WW:bd03/30/2015:svnLENOVO:pn20266:pvrLenovoYoga2Pro:rvnLENOVO:rnYoga2:rvr31900058STD:cvnLENOVO:ct10:cvrLenovoYoga2Pro:
  dmi.product.family: IDEAPAD
  dmi.product.name: 20266
  dmi.product.version: Lenovo Yoga 2 Pro
  dmi.sys.vendor: LENOVO

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1716976/+subscriptions

More information about the foundations-bugs mailing list