dns.config.udp_answer_limit not taken into account if edns is used #3355
kamaradclimber
added a commit
to criteo-forks/consul
that referenced
this issue
Aug 3, 2017
Fix hashicorp#3355 Change-Id: I3f6893224776d064b920ada9e1bf7e0fc58805ab Signed-off-by: Grégoire Seux <g.seux@criteo.com>
Can this please be either corrected or documented?
pierresouchay
added a commit
to pierresouchay/consul
that referenced
this issue
Mar 6, 2018
This allows to have randomized resource records (i.e. each answer contains only one IP, but the IP changes every request) for A, AAAA records. It will fix hashicorp#3355 and hashicorp#3937. See hashicorp#3937 (comment) for details. It basically adds a new option called `a_record_limit` and will not return more than a_record_limit when performing A, AAAA or ANY DNS requests. The existing `udp_answer_limit` option is still working but should be considered as deprecated since it works only with DNS clients not supporting EDNS.
pierresouchay
added a commit
to criteo-forks/consul
that referenced
this issue
Mar 8, 2018
This allows to have randomized resource records (i.e. each answer contains only one IP, but the IP changes every request) for A, AAAA records. It will fix hashicorp#3355 and hashicorp#3937. See hashicorp#3937 (comment) for details. It basically adds a new option called `a_record_limit` and will not return more than a_record_limit when performing A, AAAA or ANY DNS requests. The existing `udp_answer_limit` option is still working but should be considered as deprecated since it works only with DNS clients not supporting EDNS.
When filing a bug, please include the following:

consul version for both Client and Server
Client: 0.8.5
Server: 0.8.4

consul info for both Client and Server
Client:
Server:

Operating system and Environment details
centos 7.2 or centos 6.8

Description of the Issue (and unexpected/desired result)
Consul agent is configured with dns.config.udp_answer_limit to 1.
We configure bind to query consul dns api:
When asking bind about consul zone, we get more than 1 result.

Reproduction steps
dig consul.service.consul @localhost -p 8600 gives 1 result
dig consul.service.consul @localhost gives 3 results.

Early investigations
After analyzing a tcpdump, it seems that bind is using edns fields to allow udp payload size to be larger than the default 512.
In this case consul seems to ignore udp_answer_limit parameter and return as many results as possible.
This is confirmed by consul/agent/dns.go Line 570 in 496b0bc
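The EDNS observation from the tcpdump above can be checked directly on a captured query by looking for the OPT pseudo-record and the UDP payload size it advertises. The Go program below is an added example, not code from Consul or from anyone in this thread; `EDNSUDPSize`, `skipName` and both sample packets are constructed for illustration.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// Constructed samples: consul.service.consul (A, IN) without and with an OPT record (4096 bytes).
const question = "\x06consul\x07service\x06consul\x00\x00\x01\x00\x01"
var plainQuery = []byte("\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00" + question)
var ednsQuery = []byte("\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x01" + question +
	"\x00\x00\x29\x10\x00\x00\x00\x00\x00\x00\x00")
var errShort = errors.New("truncated DNS message")

// skipName returns the offset just past the name at off (beyond len(msg) if the name is truncated).
func skipName(msg []byte, off int) int {
	for off < len(msg) && msg[off] != 0 && msg[off] < 0xC0 {
		off += 1 + int(msg[off]) // step over one label
	}
	if off < len(msg) && msg[off] >= 0xC0 {
		return off + 2 // a 2-byte compression pointer ends the name
	}
	return off + 1 // the root label ends the name
}

// EDNSUDPSize reports whether msg has an OPT record (type 41) and the UDP size in its CLASS field.
func EDNSUDPSize(msg []byte) (size int, ok bool, err error) {
	if len(msg) < 12 {
		return 0, false, errShort
	}
	u16 := func(i int) int { return int(binary.BigEndian.Uint16(msg[i:])) }
	qd, total := u16(4), u16(4)+u16(6)+u16(8)+u16(10)
	for i, off := 0, 12; i < total; i++ {
		off = skipName(msg, off)
		switch {
		case i < qd && off+4 <= len(msg): // question: type and class follow the name
			off += 4
		case i < qd || off+10 > len(msg): // truncated question, or RR lacking its 10 fixed bytes
			return 0, false, errShort
		case u16(off) == 41:
			return u16(off + 2), true, nil
		default:
			off += 10 + u16(off+8) // fixed fields plus rdata
		}
	}
	return 0, false, nil
}

func main() { fmt.Println(EDNSUDPSize(ednsQuery)) }
```

Feeding it the UDP payload of a query captured between bind and the Consul agent shows whether the resolver sent EDNS and which payload size it asked for.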