[Pdns-users] PowerDNS 2.9.16 + dnscache not working

Matt Dainty matt at bodgit-n-scarper.com
Sat Apr 10 20:02:45 UTC 2004 

On Sun, 2004-04-04 at 00:06, Matt Dainty wrote:
> On Thu, 2004-04-01 at 20:40, bert hubert wrote:
> > is this problem still there?
> 
> Hmm, I decided to look at this, so I put some debug in dnsproxy.cc to
> print out the id, d_xor, and id^d_xor result at the following places:
> 
> DNSProxy::sendPacket() after p->spoofID(id^d_xor);
> Before and after the #ifdef'd byteswapping code in DNSProxy::mainloop()
> 
> I'm guessing the id's should match, so when it says reusing id 0 and
> discarding id 7000-odd, something's gone wrong. Now, I get:
> 
> DNSProxy::sendPacket(): Sending packet with id=0, d_xor=45287,
> id^d_xor=45287
> DNSProxy::mainloop(): (BEFORE) Received packet with id=59312,
> d_xor=45287,d.id^d_xor=22359
> DNSProxy::mainloop(): (AFTER) Received packet with id=45031,
> d_xor=45287, d.id^d_xor=7936
> Discarding untracked packet from recursor backend with id 7936. Contrack
> table size=1
> 
> So it's fairly obvious the WORDS_BIGENDIAN code *is* being coded in, but
> the id is ending up 256 less than it should be for some reason. If I
> make the byteswap code:
> 
> d.id = ( 256 * ( (u_int16_t)buffer[1] + 1 ) ) + (u_int16_t)buffer[0];
> 
> ...then it works and queries via the recursor work, but I'm guessing the
> id is getting messed up earlier on. Someone more familiar with the code
> have an idea before I litter it with more print statements? :-)

I sniffed the traffic going between PowerDNS and dnscache to make sure
the ID isn't being altered there, and it appears to be correct, the ID
in the network traffic matches what I get before the byteswap code, and
when I manually byteswap that value, I get the right answer, whereas the
original byteswap code is wrong by 256.

Assuming therefore that the byteswap code was wrong, I replaced it with:

d.id = ( ( d.id >> 8  ) & 0xff ) | ( ( d.id & 0xff ) << 8 );

...and this works without the silly '+ 1' in my previous mail, and it
also looks better code in general, (IMHO).

Thing is, I was sure the original code was okay, and when I test it 
in a small C program, it gives the right answers, so I think something
more subtle is going on somewhere.

Feel free to replace the byteswap code in dnsproxy.cc as above, this
fixes it for me, and I'm happier to leave the code like this rather than
my previous '+ 1' fudge.

Matt

> > On Sat, Mar 13, 2004 at 12:55:52AM +0100, Roderick Groesbeek wrote:
> > > Hello Matt,
> > > 
> > > > From: "Matt Dainty" <matt at bodgit-n-scarper.com>
> > > >
> > > > polymorph# env DNSCACHEIP=192.168.23.15 dnsqr a www.google.com
> > > > Mar 12 22:42:50 polymorph pdns[108]: Recursive query for remote
> > > 192.168.23.15 with internal id 1 was not answered by backend within timeout,
> > > reusing id
> > > > Mar 12 22:42:50 polymorph pdns[108]: Discarding untracked packet from
> > > recursor backend with id 7937. Contrack table size=2
> > > > Mar 12 22:42:53 polymorph pdns[108]: Discarding untracked packet from
> > > recursor backend with id 7938. Contrack table size=3
> > > >
> > > > What's puzzling me is that in the dnscache logs, I can see dnscache get
> > > > the query and return the answer immediately:
> > > >
> > > 
> > > Probably you wanna check that the following code *DOES* get compiled in on
> > > your
> > > system.
> > > 
> > > ~~
> > > #ifdef WORDS_BIGENDIAN
> > >         // this is needed because spoof ID down below does not respect the
> > > nativ
> > > e byteorder
> > >         d.id = ( 256 * (u_int16_t)buffer[1] ) + (u_int16_t)buffer[0];
> > > #endif
> > > "dnsproxy.cc" [Read only] line 176 of 216 --81%--
> > > ~~
> > > 
> > > Or recompile your code with "CXXFLAGS=-DWORDS_BIGENDIAN ./configure" just to
> > > be sure.
> > > 
> > > 
> > > Vriendelijke Groet,
> > > 
> > > Roderick
> > > --
> > > Pettemerstraat 12A                                  T r I p l e
> > > 1823 CW Alkmaar                                         T
> > > Tel. +31 (0)72-5129516
> > > fax. +31 (0)72-5129520                              Automatisering
> > > www.triple-it.nl                                 "Laat uw Net Werken!"
> > > 
> > > _______________________________________________
> > > Pdns-users mailing list
> > > Pdns-users at mailman.powerdns.com
> > > http://mailman.powerdns.com/mailman/listinfo/pdns-users
> 
> _______________________________________________
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com
> http://mailman.powerdns.com/mailman/listinfo/pdns-users
>

More information about the Pdns-users mailing list