Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

external-dns is responding to questions for AAAA/MX with A records #4258

Closed
iliana opened this issue Oct 11, 2023 · 4 comments
Closed

external-dns is responding to questions for AAAA/MX with A records #4258

iliana opened this issue Oct 11, 2023 · 4 comments

Comments

@iliana
Copy link
Contributor

iliana commented Oct 11, 2023

Discovered while using host:

$ host recovery.sys.oxide.test 192.168.1.20
Using domain server:
Name: 192.168.1.20
Address: 192.168.1.20#53
Aliases:

recovery.sys.oxide.test has address 192.168.1.22
recovery.sys.oxide.test has address 192.168.1.23
recovery.sys.oxide.test has address 192.168.1.24
recovery.sys.oxide.test has address 192.168.1.22
recovery.sys.oxide.test has address 192.168.1.23
recovery.sys.oxide.test has address 192.168.1.24
recovery.sys.oxide.test has address 192.168.1.22
recovery.sys.oxide.test has address 192.168.1.23
recovery.sys.oxide.test has address 192.168.1.24

host sends queries for A, AAAA, and MX records by default.

$ dig @192.168.1.20 recovery.sys.oxide.test -t A

; <<>> DiG 9.18.14 <<>> @192.168.1.20 recovery.sys.oxide.test -t A
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50534
;; flags: qr rd; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;recovery.sys.oxide.test.       IN      A

;; ANSWER SECTION:
recovery.sys.oxide.test. 0      IN      A       192.168.1.22
recovery.sys.oxide.test. 0      IN      A       192.168.1.23
recovery.sys.oxide.test. 0      IN      A       192.168.1.24

;; Query time: 0 msec
;; SERVER: 192.168.1.20#53(192.168.1.20) (UDP)
;; WHEN: Wed Oct 11 18:14:14 UTC 2023
;; MSG SIZE  rcvd: 89


$ dig @192.168.1.20 recovery.sys.oxide.test -t AAAA

; <<>> DiG 9.18.14 <<>> @192.168.1.20 recovery.sys.oxide.test -t AAAA
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44245
;; flags: qr rd; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;recovery.sys.oxide.test.       IN      AAAA

;; ANSWER SECTION:
recovery.sys.oxide.test. 0      IN      A       192.168.1.22
recovery.sys.oxide.test. 0      IN      A       192.168.1.23
recovery.sys.oxide.test. 0      IN      A       192.168.1.24

;; Query time: 0 msec
;; SERVER: 192.168.1.20#53(192.168.1.20) (UDP)
;; WHEN: Wed Oct 11 18:14:16 UTC 2023
;; MSG SIZE  rcvd: 89


$ dig @192.168.1.20 recovery.sys.oxide.test -t CNAME

; <<>> DiG 9.18.14 <<>> @192.168.1.20 recovery.sys.oxide.test -t CNAME
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52989
;; flags: qr rd; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;recovery.sys.oxide.test.       IN      CNAME

;; ANSWER SECTION:
recovery.sys.oxide.test. 0      IN      A       192.168.1.22
recovery.sys.oxide.test. 0      IN      A       192.168.1.23
recovery.sys.oxide.test. 0      IN      A       192.168.1.24

;; Query time: 3 msec
;; SERVER: 192.168.1.20#53(192.168.1.20) (UDP)
;; WHEN: Wed Oct 11 18:14:17 UTC 2023
;; MSG SIZE  rcvd: 89


$ dig @192.168.1.20 recovery.sys.oxide.test -t MX

; <<>> DiG 9.18.14 <<>> @192.168.1.20 recovery.sys.oxide.test -t MX
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1632
;; flags: qr rd; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;recovery.sys.oxide.test.       IN      MX

;; ANSWER SECTION:
recovery.sys.oxide.test. 0      IN      A       192.168.1.22
recovery.sys.oxide.test. 0      IN      A       192.168.1.23
recovery.sys.oxide.test. 0      IN      A       192.168.1.24

;; Query time: 0 msec
;; SERVER: 192.168.1.20#53(192.168.1.20) (UDP)
;; WHEN: Wed Oct 11 18:14:18 UTC 2023
;; MSG SIZE  rcvd: 89

Correct behavior would be to send a response with 0 answer records (but not set the status to NXDOMAIN).

@iliana iliana changed the title internal-dns is responding to questions for AAAA/MX with A records external-dns is responding to questions for AAAA/MX with A records Oct 11, 2023
@davepacheco
Copy link
Collaborator

I think this is the same issue as #4051.

@iliana
Copy link
Contributor Author

iliana commented Oct 12, 2023

It is indeed!

@iliana
Copy link
Contributor Author

iliana commented Oct 12, 2023

Well. There is a subtle difference, actually. I will elaborate a bit over there.

@davepacheco
Copy link
Collaborator

I think given #4051 (comment), this is a dup of #4051 (but please reopen if I've misunderstood!)

@davepacheco davepacheco closed this as not planned Won't fix, can't repro, duplicate, stale Aug 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants