/pdns

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Got an error in UDP question thread: Trying to read past the end of the buffer #3290

Closed
rygl opened this Issue Jan 23, 2016 · 5 comments

Comments

Assignees

@rgacogne rgacogne

Labels
defect dnsdist
Projects
None yet
Milestone
  dnsdist-1.0.0
3 participants
@rygl @rgacogne @ahupowerdns
@rygl

rygl commented Jan 23, 2016

Hello,
Maybe it is not harmful, but I am trying to keep the log clean:

Jan 22 22:48:50 rzt-lvs1 dnsdist[19829]: Got an error in UDP question thread: Trying to read past the end of the buffer
Jan 22 22:48:50 rzt-lvs1 dnsdist[19829]: Got an error in UDP question thread: Trying to read past the end of the buffer
Jan 23 01:05:24 rzt-lvs1 dnsdist[19829]: Got an error in UDP question thread: Trying to read past the end of the buffer
Jan 23 01:05:24 rzt-lvs1 dnsdist[19829]: Got an error in UDP question thread: Trying to read past the end of the buffer
Jan 23 03:46:49 rzt-lvs1 dnsdist[19829]: Got an error in UDP question thread: Trying to read past the end of the buffer
Jan 23 03:46:49 rzt-lvs1 dnsdist[19829]: Got an error in UDP question thread: Trying to read past the end of the buffer
Jan 23 03:46:51 rzt-lvs1 dnsdist[19829]: Got an error in UDP question thread: Trying to read past the end of the buffer

What does it mean? dnsdist 0.0.659g717609c, clients are mainly on IPv6, 10k qps

Regards
Ales

@rgacogne rgacogne added defect dnsdist labels Jan 23, 2016

@rgacogne rgacogne self-assigned this Jan 23, 2016

@rgacogne rgacogne added this to the dnsdist-1.0.0 milestone Jan 23, 2016

rgacogne added a commit to rgacogne/pdns that referenced this issue Jan 23, 2016

@rgacogne
dnsdist: Drop queries with no question (qdcount == 0) 
Added a counter for these dropped queries, `emptyQueries` too.
This might be an issue for DNS cookies some day, as it uses
query with no question [1].
Additionnaly drops queries with QR set over TCP too to be
consistent with UDP.
This might close PowerDNS#3290.

[1]: https://tools.ietf.org/html/draft-ietf-dnsop-cookies-09#section-5.4
Loading status checks…
2efd427
@rgacogne

This comment has been minimized.

Sign in to view
Member

rgacogne commented Jan 23, 2016

Hi Aleš,

Thank you for reporting this. Do you get these a lot? It means that we got to the end of the packet sooner than we expected when trying to parse the question's qname. This might be a bug, a malformed query, or an empty one (no question). This commit 1 deals more gracefully with that last case. It might not play well with DNS Cookies 2, but it won't be worse that what we are currently doing anyway.
If it doesn't help, we might need to add some debugging information to understand what's happening.

@rgacogne rgacogne referenced this issue Jan 23, 2016

Merged

dnsdist: Drop queries with no question (qdcount == 0) #3292

@rygl

This comment has been minimized.

Sign in to view

rygl commented Jan 23, 2016

Hi Remi,
you are welcome. It is not so bad. I have up to 100 such errors per hour. The rate is not constant. Sometimes there is nothing within an hour. Comparing to the query rate (~12k qps) it is rare. It seems to me that it is rather related to a malformed query.

Sometimes I can also see this in dmesg output:
[Fri Jan 22 18:04:37 2016] UDP: bad checksum. From 93.153.83.14:12499 to 62.141.0.2:53 ulen 48
[Fri Jan 22 22:10:53 2016] UDP: bad checksum. From 10.85.31.44:54707 to 62.141.0.2:53 ulen 48
[Sat Jan 23 09:44:23 2016] UDP: bad checksum. From 93.153.83.14:13564 to 62.141.0.2:53 ulen 49
[Sat Jan 23 11:26:17 2016] UDP: bad checksum. From 10.180.163.222:55938 to 62.141.0.2:53 ulen 44
[Sat Jan 23 11:37:42 2016] UDP: bad checksum. From 10.180.163.222:47193 to 62.141.0.2:53 ulen 44

The occurrence does not seem to correlate with buffer errors.
Just a question. I am using Debian repo. How often are the new packages built? Is the latest package there containing the commit you have mentioned? I am not familiar to github build process...

Thanks
Ales

@ahupowerdns ahupowerdns closed this in #3292 Jan 23, 2016

@rygl

This comment has been minimized.

Sign in to view

rygl commented Jan 23, 2016

Hi Remi, hi Hubert,
Thanks!!
@ahupowerdns

This comment has been minimized.

Sign in to view
Member

ahupowerdns commented Jan 23, 2016

maybe good to know, if you listen to traffic from stub resolvers ... you will be receiving quite some weird traffic. Authoritative servers get far cleaner traffic.
@rygl

This comment has been minimized.

Sign in to view

rygl commented Jan 23, 2016

Yes, this is the case. dnsdist is used by ADSL CPEs for IPv6 at the moment. And they can bother a lot.
Btw. I have already some hits in empty-queries and no buffer errors in the log.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment