It is possible to hit the "unable to complete DNS exchange" error

[evelynhathaway]

Terraform CLI and Provider Versions

Terraform v1.3.1
DNS Provider v3.3.2

Terraform Configuration

provider "dns" {
  update {
    server    = "dns.example.com"
    transport = "tcp"
  }
}

Expected Behavior

When our DNS servers are not behaving correctly in the CI environment that Terraform runs in, a helpful error message should be provided.

Actual Behavior

Instead, the provider returns an error message that is generic.

Error: Error querying DNS record:

[address of DNS record resource]

unable to complete DNS exchange

The message reads as a computer telling me "I cannot do what you asked because I cannot do what you asked" (haha). Perhaps more information could be provided to help narrow down the problem, or at least demonstrate how it's not Terraform's fault in some instances.

I can imagine more information from the DNS exchange function would have added if the DNS server causing this error was known at the time, which I believe it wasn't due to a comment reading "we should never be hitting this line".

terraform-provider-dns/internal/provider/provider.go

Lines 540 to 541 in 7bf7f11

	//we should never be hitting this line
	return nil, fmt.Errorf("unable to complete DNS exchange")

Steps to Reproduce

A solid set of steps to reproduce is unknown to me. The cause of this error on my end is hard to replicate as it's an internal DNS server intermittently not being reachable or returning the correct response.

What I do know is that the DNS server was responding with something that caused the debug logs to include these lines about a nil response. These would repeat up to the number of retries in the case of failure, and in the case of intermittent success, somewhere between 0 and the number of retries minus 1 would appear until a real answer was provided.

[DEBUG] provider.terraform-provider-dns_v3.3.2_x5: 2023/11/21 19:15:51 [DEBUG] Sending DNS message to server (dns.example.com:53):
[DEBUG] provider.terraform-provider-dns_v3.3.2_x5: ;; opcode: QUERY, status: NOERROR, id: 1000
[DEBUG] provider.terraform-provider-dns_v3.3.2_x5: ;; flags:; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
[DEBUG] provider.terraform-provider-dns_v3.3.2_x5: 
[DEBUG] provider.terraform-provider-dns_v3.3.2_x5: ;; QUESTION SECTION:
[DEBUG] provider.terraform-provider-dns_v3.3.2_x5: ;subdomain.example.com.	IN	 CNAME
[DEBUG] provider.terraform-provider-dns_v3.3.2_x5: 2023/11/21 19:15:53 [DEBUG] Receiving DNS message from server (dns.example.com:53):
[DEBUG] provider.terraform-provider-dns_v3.3.2_x5: <nil> MsgHdr

If the plan and querying was successful in the case of many retries or getting lucky, the apply phase would behave similarly. Terraform was able to remove the old record, the DNS server may misbehave, causing Terraform to bail before adding the replacement record.

Since I was able to replicate the DNS issues outside of Terraform, I believe Terraform behaved in an acceptable way, except that I couldn't understand what happened because of the generic error. This error made me initially guess that Terraform or my configuration inside Terraform was the culprit, which it was not.

Forwarding information from any other errors may be a simple but effective alternative to a full reproduction of this intermittent issue of a DNS server where Terraform was not at fault.

How much impact is this issue causing?

Low

Logs

No response

Additional Information

No response

Code of Conduct

• I agree to follow this project's Code of Conduct