Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Loop of death when DNS queries a service that was registered wrong #4907

Closed
sielaq opened this issue Nov 6, 2018 · 2 comments · Fixed by #4918
Closed

Loop of death when DNS queries a service that was registered wrong #4907

sielaq opened this issue Nov 6, 2018 · 2 comments · Fixed by #4918
Labels
type/bug Feature does not function as expected

Comments

@sielaq
Copy link

sielaq commented Nov 6, 2018
edited
Loading

Overview of the Issue

Consul gets out of memory and dies or machine hangs
due to the loop of DNS resolve
when buggy service has been registered
and one DNS query was asked

Reproduction Steps

  1. dnsmasq (or unbound) with config like:
server=/service/127.0.0.1#8600
server=/service.domain.com/127.0.0.1#8600
  1. register service that points to itself via giving as Address
    not an IP, but hostname from domain that is gonna be resolve again via consul
{
  "Node": "foo",
  "Address": "foo.service.domain.com",
  "Service": {
    "Service": "foo",
    "Port": 8500
  }
}
  1. query it
dig @localhost -p 8600 foo.service.domain.com

(of course the simple .domain.com can be .consul
or even no domain need at all, if you register services like foo.service
but having 1st entry in dnsmasq)

affected versions

all version of consul > 0.7

Operating system and Environment details

Reproducible on Linux (amd64)

Log Fragments

-log-level=TRACE is not giving anything special

Expected behavior

consul is not dying
@pierresouchay pierresouchay mentioned this issue Nov 7, 2018
Merged
pierresouchay added a commit to pierresouchay/consul that referenced this issue Nov 7, 2018
@pierresouchay
Avoid to have infinite recursion in DNS lookups when resolving CNAMEs
c02465a 
This will avoid killing Consul when a Service.Address is using CNAME
to a Consul CNAME that creates an infinite recursion.

This will fix hashicorp#4907
@pierresouchay
Copy link
Contributor

@sielaq Should be fixed with #4918

@sielaq
Copy link
Author

sielaq commented Nov 8, 2018

@pierresouchay awesome, thx a lot!

@pearkes pearkes added the type/bug Feature does not function as expected label Nov 28, 2018
mkeeler pushed a commit that referenced this issue Jan 7, 2019
@pierresouchay @mkeeler
Avoid to have infinite recursion in DNS lookups when resolving CNAMEs (
ae7f88f 
…#4918)

* Avoid to have infinite recursion in DNS lookups when resolving CNAMEs

This will avoid killing Consul when a Service.Address is using CNAME
to a Consul CNAME that creates an infinite recursion.

This will fix #4907

* Use maxRecursionLevel = 3 to allow several recursions
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
type/bug Feature does not function as expected
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Avoid to have infinite recursion in DNS lookups when resolving CNAMEs pierresouchay/consul
3 participants
@pearkes @sielaq @pierresouchay