mailing list of musl libc
 help / color / mirror / Atom feed
* [musl] EDNS0 support?
@ 2020-11-03 17:41 Bartłomiej Palmowski
  2020-11-03 18:07 ` Florian Weimer
  0 siblings, 1 reply; 3+ messages in thread
From: Bartłomiej Palmowski @ 2020-11-03 17:41 UTC (permalink / raw)
  To: musl

Hi,
we run alpine based docker images in AWS (inside our VPCs). Which
means that we're using dns servers provided by the AWS[1]. The problem
arises when we want to resolve a dns record that yields a large
response, for example:

$ nslookup eu.data.logs.insight.rapid7.com
Server:        10.11.12.13
Address:    10.11.12.13:53

Non-authoritative answer:
*** Can't find eu.data.logs.insight.rapid7.com: No answer

Non-authoritative answer:
*** Can't find eu.data.logs.insight.rapid7.com: No answer

According to what I managed to find out the reasons are as follows:
* edns0 is not advertise by the resolver
* there is no retry with TCP

Please advise on how we could reconfigure our images so that we're
able to resolve records with lots of RRs with a musl resolver.

1 - https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DNSBehavior.html

-- 
*The information contained in this message is intended for the addressee 
only and may contain classified information. If you are not the addressee, 
please delete this message and notify the sender; you should not copy or 
distribute this message or disclose its contents to anyone. Any views or 
opinions expressed in this message are those of the individual(s) and not 
necessarily of the organization. No reliance may be placed on this message 
without written confirmation from an authorised representative of its 
contents. No guarantee is implied that this message or any attachment is 
virus free or has not been intercepted and amended.*

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [musl] EDNS0 support?
  2020-11-03 17:41 [musl] EDNS0 support? Bartłomiej Palmowski
@ 2020-11-03 18:07 ` Florian Weimer
  2020-11-04  9:38   ` Bartłomiej Palmowski
  0 siblings, 1 reply; 3+ messages in thread
From: Florian Weimer @ 2020-11-03 18:07 UTC (permalink / raw)
  To: Bartłomiej Palmowski; +Cc: musl

* Bartłomiej Palmowski:

> we run alpine based docker images in AWS (inside our VPCs). Which
> means that we're using dns servers provided by the AWS[1]. The problem
> arises when we want to resolve a dns record that yields a large
> response, for example:

There has been a previous thread on this topic, around this message:

  <https://www.openwall.com/lists/musl/2020/04/18/7>

Not sure if anything has changed in the code since then.

Thanks,
Florian
-- 
Red Hat GmbH, https://de.redhat.com/ , Registered seat: Grasbrunn,
Commercial register: Amtsgericht Muenchen, HRB 153243,
Managing Directors: Charles Cachera, Brian Klemm, Laurie Krebs, Michael O'Neill


^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [musl] EDNS0 support?
  2020-11-03 18:07 ` Florian Weimer
@ 2020-11-04  9:38   ` Bartłomiej Palmowski
  0 siblings, 0 replies; 3+ messages in thread
From: Bartłomiej Palmowski @ 2020-11-04  9:38 UTC (permalink / raw)
  To: Florian Weimer; +Cc: musl

I'm not an expert on this so it's possible that I'm mixing things up,
but from my tests it seems like enabling edns0 extension would help a
great deal with this type of issue. With glibc it is an option in
resolv.conf, I don't see if musl supports this.

On Tue, 3 Nov 2020 at 18:07, Florian Weimer <fweimer@redhat.com> wrote:
>
> * Bartłomiej Palmowski:
>
> > we run alpine based docker images in AWS (inside our VPCs). Which
> > means that we're using dns servers provided by the AWS[1]. The problem
> > arises when we want to resolve a dns record that yields a large
> > response, for example:
>
> There has been a previous thread on this topic, around this message:
>
>   <https://www.openwall.com/lists/musl/2020/04/18/7>
>
> Not sure if anything has changed in the code since then.
>
> Thanks,
> Florian
> --
> Red Hat GmbH, https://de.redhat.com/ , Registered seat: Grasbrunn,
> Commercial register: Amtsgericht Muenchen, HRB 153243,
> Managing Directors: Charles Cachera, Brian Klemm, Laurie Krebs, Michael O'Neill
>

-- 
*The information contained in this message is intended for the addressee 
only and may contain classified information. If you are not the addressee, 
please delete this message and notify the sender; you should not copy or 
distribute this message or disclose its contents to anyone. Any views or 
opinions expressed in this message are those of the individual(s) and not 
necessarily of the organization. No reliance may be placed on this message 
without written confirmation from an authorised representative of its 
contents. No guarantee is implied that this message or any attachment is 
virus free or has not been intercepted and amended.*

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2020-11-04  9:39 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-11-03 17:41 [musl] EDNS0 support? Bartłomiej Palmowski
2020-11-03 18:07 ` Florian Weimer
2020-11-04  9:38   ` Bartłomiej Palmowski

mailing list of musl libc

This inbox may be cloned and mirrored by anyone:

	git clone --mirror http://inbox.vuxu.org/musl

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V1 musl musl/ http://inbox.vuxu.org/musl \
		musl@inbox.vuxu.org
	public-inbox-index musl

Example config snippet for mirrors.
Newsgroup available over NNTP:
	nntp://inbox.vuxu.org/vuxu.archive.musl


code repositories for the project(s) associated with this inbox:

	https://git.vuxu.org/mirror/musl/

AGPL code for this site: git clone https://public-inbox.org/public-inbox.git