[dnsdist] dnsdist timeout with unknown opcode query

Arnaud Gavara arnaud.gavara at umontpellier.fr
Wed Sep 23 14:03:17 UTC 2020


While doing tests on dnsdist (v1.5.0) I noticed a strange (wrong ?) behavior.

If I request dnsdist with an intentionally unknown opcode, I get a timeout:
(dig with +noedns +noad +opcode=15 +norec +header-only)
;; connection timed out; no servers could be reached

If I make the same request directly to the backend server of dnsdist, then I get a correct answer:
;; - >> HEADER << - opcode: RESERVED15, status: NOTIMP, id: 31326

Note that the drop counter is not incremented when I do this test.
Bug or bad configuration ?

Thanks you.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2050 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20200923/24be2b2c/attachment.bin>

More information about the dnsdist mailing list