Bug#519774: libc6: causes many programs not to be able to resolve dns addresses

To: Mark Kamichoff <prox@prolixium.com>
Cc: 519774@bugs.debian.org, Petr Vandrovec <petr@vandrovec.name>, Aurelien Jarno <aurelien@aurel32.net>
Subject: Bug#519774: libc6: causes many programs not to be able to resolve dns addresses
From: Florian Weimer <fw@deneb.enyo.de>
Date: Tue, 17 Mar 2009 20:51:50 +0100
Message-id: <[🔎] 87y6v4lyg9.fsf@mid.deneb.enyo.de>
Reply-to: Florian Weimer <fw@deneb.enyo.de>, 519774@bugs.debian.org
In-reply-to: <[🔎] 20090316161026.GA26642@prolixium.com> (Mark Kamichoff's message of "Mon, 16 Mar 2009 12:10:26 -0400")
References: <[🔎] 20090316161026.GA26642@prolixium.com>

* Mark Kamichoff:

> Hi - 
>
>> The problem is that the DNS server of your ISP does not conform to the
>> RFC and only answer to the AAAA query with a void answer. It never
>> answer to the A query, so the glibc resolver can only conclude the
>> whole query has no answer.
>
> Just a thought, many DNS ALGs on firewalls (eg, Juniper NetScreen) will
> close the UDP/53 session after one packet (response, presumably) is
> received, and drop any subsequent response packets.

This will break other clients, too.  For instance, a BIND forwarder
without source port randomization, who happens to have multiple
queries in flight.

Has it been verified that the second DNS packet actually leaves the
box?  I think there was word of a kernel bug leading to dropped UDP
packets which might cause this.

Reply to:

References:
- Bug#519774: libc6: causes many programs not to be able to resolve dns addresses
  - From: Mark Kamichoff <prox@prolixium.com>

Prev by Date: Bug#518027: Dependence on configuration?
Next by Date: Bug#516218: getaddrinfo not working while gethostbyname works
Previous by thread: Bug#519774: libc6: causes many programs not to be able to resolve dns addresses
Next by thread: Bug#519781: glibc-doc: various pthread_* manpages gone in squeeze package
Index(es):
- Date
- Thread