[dnsdist] dnsdist 1.5.1 doh + options bug ?

Winfried Angele abang at t-ipnet.net
Tue Oct 6 04:23:16 UTC 2020


Hi Dave,

 > { reusePort=True }
lua -e 'print(True) print(true)'
nil
true

In Lua some things are true but not <True>.

Winfried

On 06.10.20 02:14, Dave Knight via dnsdist wrote:
> Hello all,
> 
> Recently started exploring dnsdist and joined the mail list just today.
> 
> I'd been playing with DoT and DoH in 1.4.0 without problems. Since switching to 1.5.0 and now 1.5.1 I have problems with DoH.
> 
> I did some fiddling in the config and found that DoH doesn't work for a listener configured where addDOHLocal has { options }.
> 
> Is this a bug, or am I doing something stupid ? :-)
> 
> 
> 
> Running on
> 
> root at dnsdist-21vzgq2:# dnsdist --version
> 
> dnsdist 1.5.1 (Lua 5.3.3)
> Enabled features: dns-over-tls(gnutls openssl) dns-over-https(DOH) ebpf fstrm ipcipher protobuf recvmmsg/sendmmsg systemd
> 
> root at dnsdist-21vzgq2:# lsb_release -a
> 
> No LSB modules are available.
> Distributor ID:	Ubuntu
> Description:	Ubuntu 20.04.1 LTS
> Release:	20.04
> Codename:	focal
> 
> 
> I scripted testing various config changes
> 
> # for version in 1 2 3 4 ; do
> 	echo === $version ===
> 	echo
> 	ln -sf dnsdist.conf.${version} dnsdist.conf
> 	systemctl restart dnsdist
> 	cat dnsdist.conf
> 	echo
> 	doh -k www.example.com https://[::1]/dns-query
> 	echo
> done
> 
> === 1 ===
> 
> newServer({ address="8.8.8.8",
>             qps=100000,
>             useClientSubnet=true
>           })
> 
> setServerPolicy(firstAvailable)
> 
> setACL({ '0.0.0.0/0', '::0/0' })
> 
> addDOHLocal( '[::1]:443',
>              '/etc/ssl/certs/bigalsfancydns.com.pem',
>              '/etc/ssl/private/bigalsfancydns.com.key',
>              { reusePort=True } )
> 
> Probe for AAAA got response: 404
> Probe for A got response: 404
> 
> === 2 ===
> 
> newServer({ address="8.8.8.8",
>             qps=100000,
>             useClientSubnet=true
>           })
> 
> setServerPolicy(firstAvailable)
> 
> setACL({ '0.0.0.0/0', '::0/0' })
> 
> addDOHLocal( '[::1]:443',
>              '/etc/ssl/certs/bigalsfancydns.com.pem',
>              '/etc/ssl/private/bigalsfancydns.com.key',
>              { reusePort=False } )
> 
> Probe for AAAA got response: 404
> Probe for A got response: 404
> 
> === 3 ===
> 
> newServer({ address="8.8.8.8",
>             qps=100000,
>             useClientSubnet=true
>           })
> 
> setServerPolicy(firstAvailable)
> 
> setACL({ '0.0.0.0/0', '::0/0' })
> 
> addDOHLocal( '[::1]:443',
>              '/etc/ssl/certs/bigalsfancydns.com.pem',
>              '/etc/ssl/private/bigalsfancydns.com.key',
>              { } )
> 
> Probe for A got response: 404
> Probe for AAAA got response: 404
> 
> === 4 ===
> 
> newServer({ address="8.8.8.8",
>             qps=100000,
>             useClientSubnet=true
>           })
> 
> setServerPolicy(firstAvailable)
> 
> setACL({ '0.0.0.0/0', '::0/0' })
> 
> addDOHLocal( '[::1]:443',
>              '/etc/ssl/certs/bigalsfancydns.com.pem',
>              '/etc/ssl/private/bigalsfancydns.com.key' )
> 
> [www.example.com]
> TTL: 20767 seconds
> A: 93.184.216.34
> AAAA: 2606:2800:0220:0001:0248:1893:25c8:1946
> _______________________________________________
> dnsdist mailing list
> dnsdist at mailman.powerdns.com
> https://mailman.powerdns.com/mailman/listinfo/dnsdist
> 
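The point of the reply above, worked through as an added example that is not part of either message: in Lua 5.3 the option tables from test configs 1, 2 and 3 all come out empty, because `True` and `False` are undefined globals that evaluate to nil. `count_keys` and `strict_globals` are hypothetical helper names, and the guard is shown in plain Lua only; whether it suits a dnsdist configuration is an assumption the thread does not cover.

```lua
-- Added example, plain Lua 5.3: no dnsdist functions are called here.

-- Count the keys actually stored in a table.
local function count_keys(t)
  local n = 0
  for _ in pairs(t) do n = n + 1 end
  return n
end

-- The option tables from test configs 1, 2 and 3 in the quoted message.
-- True and False are undefined globals, so they evaluate to nil, and a
-- table constructor field whose value is nil stores nothing.
local configs = {
  { name = "1: { reusePort=True }",  opts = { reusePort = True } },
  { name = "2: { reusePort=False }", opts = { reusePort = False } },
  { name = "3: { }",                 opts = { } },
}
for _, c in ipairs(configs) do
  print(c.name, "keys stored: " .. count_keys(c.opts))
end

-- For comparison, the lowercase keyword does store a value.
print("{ reusePort=true }", "keys stored: " .. count_keys({ reusePort = true }))

-- Guard (hypothetical helper): make a read of an undefined global raise an
-- error instead of silently yielding nil, so the typo fails loudly.
local function strict_globals()
  setmetatable(_G, {
    __index = function(_, name)
      error("undefined global '" .. tostring(name) .. "'", 2)
    end,
  })
end

strict_globals()
-- With the guard installed, building the table from config 1 now fails.
local ok, err = pcall(function() return { reusePort = True } end)
print("table built: " .. tostring(ok), err)
```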

