Got an error in UDP question thread: Trying to read past the end of the buffer #3290

Closed
rygl opened this Issue Jan 23, 2016 · 5 comments

Projects

None yet

3 participants

@rygl
rygl commented Jan 23, 2016

Hello,
Maybe it is not harmful, but I am trying to keep the log clean:

Jan 22 22:48:50 rzt-lvs1 dnsdist[19829]: Got an error in UDP question thread: Trying to read past the end of the buffer
Jan 22 22:48:50 rzt-lvs1 dnsdist[19829]: Got an error in UDP question thread: Trying to read past the end of the buffer
Jan 23 01:05:24 rzt-lvs1 dnsdist[19829]: Got an error in UDP question thread: Trying to read past the end of the buffer
Jan 23 01:05:24 rzt-lvs1 dnsdist[19829]: Got an error in UDP question thread: Trying to read past the end of the buffer
Jan 23 03:46:49 rzt-lvs1 dnsdist[19829]: Got an error in UDP question thread: Trying to read past the end of the buffer
Jan 23 03:46:49 rzt-lvs1 dnsdist[19829]: Got an error in UDP question thread: Trying to read past the end of the buffer
Jan 23 03:46:51 rzt-lvs1 dnsdist[19829]: Got an error in UDP question thread: Trying to read past the end of the buffer

What does it mean? dnsdist 0.0.659g717609c, clients are mainly on IPv6, 10k qps

Regards
Ales

@rgacogne rgacogne self-assigned this Jan 23, 2016
@rgacogne rgacogne added this to the dnsdist-1.0.0 milestone Jan 23, 2016
@rgacogne rgacogne added a commit to rgacogne/pdns that referenced this issue Jan 23, 2016
@rgacogne rgacogne dnsdist: Drop queries with no question (qdcount == 0)
Added a counter for these dropped queries, `emptyQueries` too.
This might be an issue for DNS cookies some day, as it uses
query with no question [1].
Additionnaly drops queries with QR set over TCP too to be
consistent with UDP.
This might close #3290.

[1]: https://tools.ietf.org/html/draft-ietf-dnsop-cookies-09#section-5.4
2efd427
@rgacogne
Member

Hi Aleš,

Thank you for reporting this. Do you get these a lot? It means that we got to the end of the packet sooner than we expected when trying to parse the question's qname. This might be a bug, a malformed query, or an empty one (no question). This commit 1 deals more gracefully with that last case. It might not play well with DNS Cookies 2, but it won't be worse that what we are currently doing anyway.
If it doesn't help, we might need to add some debugging information to understand what's happening.

@rygl
rygl commented Jan 23, 2016

Hi Remi,
you are welcome. It is not so bad. I have up to 100 such errors per hour. The rate is not constant. Sometimes there is nothing within an hour. Comparing to the query rate (~12k qps) it is rare. It seems to me that it is rather related to a malformed query.

Sometimes I can also see this in dmesg output:
[Fri Jan 22 18:04:37 2016] UDP: bad checksum. From 93.153.83.14:12499 to 62.141.0.2:53 ulen 48
[Fri Jan 22 22:10:53 2016] UDP: bad checksum. From 10.85.31.44:54707 to 62.141.0.2:53 ulen 48
[Sat Jan 23 09:44:23 2016] UDP: bad checksum. From 93.153.83.14:13564 to 62.141.0.2:53 ulen 49
[Sat Jan 23 11:26:17 2016] UDP: bad checksum. From 10.180.163.222:55938 to 62.141.0.2:53 ulen 44
[Sat Jan 23 11:37:42 2016] UDP: bad checksum. From 10.180.163.222:47193 to 62.141.0.2:53 ulen 44

The occurrence does not seem to correlate with buffer errors.
Just a question. I am using Debian repo. How often are the new packages built? Is the latest package there containing the commit you have mentioned? I am not familiar to github build process...

Thanks
Ales

@ahupowerdns ahupowerdns closed this in #3292 Jan 23, 2016
@rygl
rygl commented Jan 23, 2016

Hi Remi, hi Hubert,
Thanks!!

@ahupowerdns
Member

maybe good to know, if you listen to traffic from stub resolvers ... you will be receiving quite some weird traffic. Authoritative servers get far cleaner traffic.

@rygl
rygl commented Jan 23, 2016

Yes, this is the case. dnsdist is used by ADSL CPEs for IPv6 at the moment. And they can bother a lot.
Btw. I have already some hits in empty-queries and no buffer errors in the log.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment