Page MenuHomeVyOS Platform
Create Task
Maniphest T4520

Incorrect addresses returned with interaction of static /etc/hosts with DNS64
Open, HighPublicBUG
Actions

Description

I've created a bug report for PowerDNS:

https://github.com/PowerDNS/pdns/issues/11770

Summary:

When using both the options:
``
export-etc-hosts=yes

dns64-prefix=2001:db8:abcd:64::/96
``
I believe there is a missing test to see if the IPv6 address already exists for that host name and don't do the DNS64 processing to synthesize an IPv6 address if that host has an IPv6 address already configured in /etc/hosts.
Short description

It is returning the DNS64 synthesized address instead of the actual configured IPv6 address in the /etc/host file, even though the IPv6 address is configured in the /etc/hosts file.

DNS64 synthesized address should ONLY be generated if there is NOT a pre-configured IPv6 address for that host name in the /etc/hosts file.

Since the /etc/hosts was just recently fixed to add capability for IPv6 lookups in PDNS 4.8 (alpha) then this interaction may have been inadvertently overlooked.
Environment

Operating system: VyOS (Debian "Buster")
Software version: 1.3
Software source: PDNS 4.5 (compiled into VyOS 1.3)

Steps to reproduce

PDNS configuration file /run/powerdns/recursor.conf:

export-etc-hosts=yes
dns64-prefix=2001:db8:abcd:64::/96

Then when the /etc/hosts file has
10.1.10.51 myhost
2001:db8:abcd:10::51 myhost

Look up 'myhost' with:
$ host myhost
Expected behaviour

myhost has address 10.1.10.51
mhost has IPv6 address 2001:db8abcd:10::51

Actual behaviour

myhost has address 10.1.10.51
mhost has IPv6 address 2001:db8:abcd:64::a01:a33

Other information

I just discovered that PDNS recursor just recently had code added to "export-etc-hosts" option to handle IPv6.

My theory is that the interaction between that and 'dns64-prefix' was overlooked.

Details

Version
1.3
Is it a breaking change?
Perfectly compatible
Issue type
Bug (incorrect behavior)

Event Timeline

dsummers created this task.Jul 8 2022, 7:44 PM
dsummers created this object in space S1 VyOS Public.
dsummers updated the task description. (Show Details)
Viacheslav added projects: VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.3).Oct 13 2022, 3:15 PM
pasik subscribed.Oct 13 2022, 8:45 PM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.4); removed VyOS 1.3 Equuleus (1.3.3).Jul 12 2023, 9:38 PM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.5); removed VyOS 1.3 Equuleus (1.3.4).Aug 25 2023, 9:29 PM
Viacheslav subscribed.Aug 30 2023, 12:40 PM

@dsummers Could you re-check? Should be fixed in https://github.com/PowerDNS/pdns/pull/12203

Viacheslav changed the task status from Open to Needs testing.Aug 30 2023, 12:40 PM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.6); removed VyOS 1.3 Equuleus (1.3.5).Dec 17 2023, 11:36 PM
dmbaturin triaged this task as High priority.Jan 10 2024, 10:21 PM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.7); removed VyOS 1.3 Equuleus (1.3.6).Feb 10 2024, 9:17 AM
syncer edited projects, added VyOS 1.4 Sagitta (1.4.0-GA); removed VyOS 1.4 Sagitta.May 7 2024, 8:03 AM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.8); removed VyOS 1.3 Equuleus (1.3.7).May 13 2024, 7:31 PM
dmbaturin edited projects, added VyOS 1.3 Equuleus (1.3.9); removed VyOS 1.3 Equuleus (1.3.8).Jun 20 2024, 10:17 AM
dmbaturin edited projects, added VyOS 1.4 Sagitta (1.4.1); removed VyOS 1.3 Equuleus (1.3.9), VyOS 1.4 Sagitta (1.4.0-GA).Jul 2 2024, 7:28 PM
HollyGurza subscribed.Jul 4 2024, 9:06 AM

I re-check this, and the problem still reproduces on the following versions:

Version:          VyOS 1.5-rolling-202406120020
PowerDNS Recursor 4.8.8

Version:          VyOS 1.4-stable-202407030309
PowerDNS Recursor 4.8.8

Version:          VyOS 1.3-stable-202407040623
PowerDNS Recursor 4.8.9

step to reproduce:
configure DNS forwarding

set service dns forwarding allow-from '10.0.0.0/24'
set service dns forwarding dns64-prefix '2001:db8:abcd:64::/96'
set service dns forwarding listen-address '10.0.0.13'
set system static-host-mapping host-name myhost inet '10.1.10.52'
set system static-host-mapping host-name myhost inet '2001:db8:abcd:10::52'

and look up host:

vyos@vyos# host myhost
myhost has address 10.1.10.52
myhost has IPv6 address 2001:db8:abcd:64::a01:a34

Also, this error is related to the order of the lines in /etc/hosts. The original problem occurs with:

vyos@vyos# cat /etc/hosts
...
# From 'system static-host-mapping' and DHCP server
# system
10.1.10.52      myhost 
2001:db8:abcd:10::52 myhost

but when ipv6 address is first then host command shows the expected value but without ipv4 address:

del system static-host-mapping host-name myhost inet '10.1.10.52'
commit
set system static-host-mapping host-name myhost inet '10.1.10.52'
vyos@vyos# cat /etc/hosts
...
# From 'system static-host-mapping' and DHCP server
# system
2001:db8:abcd:10::52 myhost 
10.1.10.52      myhost
vyos@vyos# host myhost
myhost has IPv6 address 2001:db8:abcd:10::52
HollyGurza changed the task status from Needs testing to Open.Jul 18 2024, 9:20 AM
dmbaturin added a project: Restricted Project.Sep 16 2024, 4:15 PM
dmbaturin removed a project: Restricted Project.Oct 14 2024, 8:44 AM
dmbaturin changed Is it a breaking change? from Unspecified (possibly destroys the router) to Perfectly compatible.
dmbaturin changed Issue type from Unspecified (please specify) to Bug (incorrect behavior).
vyosbot added a project: Bugs.Oct 14 2024, 11:32 AM
syncer edited projects, added VyOS Rolling; removed VyOS 1.4 Sagitta (1.4.1).Oct 30 2024, 1:25 PM
syncer changed the subtype of this task from "Task" to "Bug".
syncer moved this task from Need Triage to Backlog - Bug on the VyOS Rolling board.
syncer subscribed.

This should be fixed in PowerDNS 4.9.0