VirtualBox

Opened 5 years ago

Closed 5 years ago

#18171 closed defect (fixed)

wrong RCODE from DNS AAAA query with --natdnshostresolver1 (with suggested fix) => Fixed in SVN

Reported by: ncopa Owned by:
Component: network/NAT Version: VirtualBox 5.2.22
Keywords: Cc:
Guest type: other Host type: other

Description

The natdnshostresolver returns NOTIMP (rcode 4) on AAAA queries. This causes 5 seconds delays with musl libc, which similar to Go's stupresolver does both A and AAAA queries on hostname lookups. Problem was reported to Alpine Linux and to the musl libc mailing list, where the response was that this is is a bug in VirtualBox.

Example tcpdump:

22:34:45.724471 IP 10.0.2.15.52190 > 10.0.2.3.53: 27848+ A? www.google.com. (32)
22:34:45.724542 IP 10.0.2.15.52190 > 10.0.2.3.53: 28141+ AAAA? www.google.com. (32)
22:34:45.812045 IP 10.0.2.3.53 > 10.0.2.15.52190: 27848 1/0/0 A 216.58.194.164 (48)
22:34:45.812068 IP 10.0.2.3.53 > 10.0.2.15.52190: 28141 NotImp 0/0/0 (32)
22:34:48.228641 IP 10.0.2.15.52190 > 10.0.2.3.53: 28141+ AAAA? www.google.com. (32)
22:34:48.228965 IP 10.0.2.3.53 > 10.0.2.15.52190: 28141 NotImp 0/0/0 (32)

According RFC 1035:

OPCODE A four bit field that specifies kind of query in this message.

...

RCODE Response code - this 4 bit field is set as part of responses. The values have the following interpretation:

...

4 Not Implemented - The name server does not support the requested kind of query.

The fix is to return RCode_NXDomain instead of RCode_NotImp:

https://www.virtualbox.org/browser/vbox/trunk/src/VBox/Devices/Network/slirp/hostres.c?rev=59202#L408

402	    if (   qtype != Type_A
403	        && qtype != Type_CNAME
404	        && qtype != Type_PTR
405	        && qtype != Type_ANY)
406	    {
407	        LogErr(("NAT: hostres: unsupported qtype %d\n", qtype));
408	        return refuse(pData, m, RCode_NotImp);
409	    }

Change History (4)

comment:2 by Tarun Johar, 5 years ago

A couple of solutions for this are stated below.

The code is in src/VBox/Devices/Network/slirp/hostres.c:517

    if (   qtype != Type_A
        && qtype != Type_CNAME
        && qtype != Type_PTR
        && qtype != Type_ANY)
    {
        LogErr(("NAT: hostres: unsupported qtype %d\n", qtype));
        return refuse(res, RCode_NotImp);
    }

There are two possible fixes:

  • Add a conditional above this code for Type_AAAA where the resolver returns RCode_NXDomain instead of RCode_NotImp:
if (qtype == Type_AAAA) {
    LogErr(("NAT: hostres: cannot resolve qtype %d\n", qtype));
    return refuse(res, RCode_NXDomain);
}
  • Implement IPv6 resolution for AAAA records. The resolve() function at line 574 would need to be updated.

comment:3 by Valery Ushakov, 5 years ago

Component: networknetwork/NAT
Summary: wrong RCODE from DNS AAAA query with --natdnshostresolver1 (with suggested fix)wrong RCODE from DNS AAAA query with --natdnshostresolver1 (with suggested fix) => Fixed in SVN

Thanks for the report! I've changed all NotImps except the one for the opcode to either FormErr or NXDomain (for qclass/qtype). The fix should be in 6.0 and the next 5.2 dot-dot release.

comment:4 by Michael Thayer, 5 years ago

Resolution: fixed
Status: newclosed
Note: See TracTickets for help on using tickets.

© 2023 Oracle
ContactPrivacy policyTerms of Use