sts-sponsors team mailing list archive
-
sts-sponsors team
-
Mailing list archive
-
Message #01309
[Bug 1818527] [NEW] Stub resolver cache is corrupted
You have been subscribed to a public bug by Heitor Alves de Siqueira (halves):
[Impact]
systemd-resolved fails to resolve A records
[Description]
When systemd-resolve caches a non-existent CNAME record for a specific domain, further attempts at resolving A records for that same domain fail. This has been fixed upstream in v240.
Upstream commit: https://github.com/systemd/systemd/commit/3740146a4cbd
$ git describe --contains 3740146a4cbd
v240~839
$ rmadison systemd --arch amd64
systemd | 229-4ubuntu4 | xenial | source, ...
systemd | 229-4ubuntu21.21 | xenial-security | source, ...
systemd | 229-4ubuntu21.21 | xenial-updates | source, ...
systemd | 237-3ubuntu10 | bionic | source, ...
systemd | 237-3ubuntu10.19 | bionic-security | source, ...
systemd | 237-3ubuntu10.21 | bionic-updates | source, ...
systemd | 237-3ubuntu10.22 | bionic-proposed | source, ...
systemd | 239-7ubuntu10 | cosmic | source, ...
systemd | 239-7ubuntu10.12 | cosmic-security | source, ...
systemd | 239-7ubuntu10.13 | cosmic-updates | source, ...
systemd | 239-7ubuntu10.14 | cosmic-proposed | source, ...
systemd | 240-6ubuntu5 | disco | source, ...
systemd | 240-6ubuntu5.1 | disco-proposed | source, ...
systemd | 240-6ubuntu9 | eoan | source, ...
Despite the package versions above, only Bionic is affected. Cosmic
already includes a backported fix, and Xenial doesn't seem affected due
to resolvconf handling DNS resolution.
[Test Case]
Flush resolved's caches and try resolving a non-existent CNAME record. Further resolution attempts for the corresponding A record will fail:
$ systemd-resolve --flush-caches
$ dig github.com CNAME
$ dig github.com A
[Regression Potential]
The regression potential for this fix should be very low, as it's a direct cherry-pick from upstream systemd. It has seen extensive testing in both upstream and other Ubuntu releases, and was verified for Bionic through autopkgtests.
================================
[Original Description]
It seems that when systemd-resolve cache an non-existent CNAME record
for a domain, any attempt to resolve A record for the same domain fail.
systemd version the issue has been seen with
Installed: 237-3ubuntu10.13
Used distribution
Distributor ID: Ubuntu
Description: Ubuntu 18.04.2 LTS
Release: 18.04
Codename: bionic
Expected behaviour you didn't see
Return A record for a domain when it exists.
Unexpected behaviour you saw
Resolution failed.
Steps to reproduce the problem
Whait for 1 minutes (github.com TTL for A record)
Try to resolv github.com CNAME record dig CNAME github.com
This will return an empty result.
Then try to resolve github.com A record dig A github.com.
This will now return empty result unless you restart systemd-resolved or
wait for cache expiration.
At the same time using another DNS will resolve correctly dig A
github.com @8.8.8.8.
Exemple :
Wait for 1 minutes to let cache expire, then run
dig CNAME github.com
dig A github.com
# no result
dig A github.com @8.8.8.8
# ;; ANSWER SECTION:
# github.com. 59 IN A 192.30.253.113
# github.com. 59 IN A 192.30.253.112
PS: Don't forget to restart systemd-resolve, before trying to post an
answer.
This bug was first reported in github
https://github.com/systemd/systemd/issues/11789 but systemd version in
ubuntu is too old.
** Affects: systemd (Ubuntu)
Importance: Undecided
Status: Fix Released
** Affects: systemd (Ubuntu Xenial)
Importance: Undecided
Status: Invalid
** Affects: systemd (Ubuntu Bionic)
Importance: Medium
Assignee: Heitor Alves de Siqueira (halves)
Status: In Progress
** Tags: sts sts-sponsor
--
Stub resolver cache is corrupted
https://bugs.launchpad.net/bugs/1818527
You received this bug notification because you are a member of STS Sponsors, which is subscribed to the bug report.
