FS#51327 - [bind-tools] 9.11.0-1 can't use dig on Windows 2008r2 servers where 9.10.4.P3 can

Attached to Project: Arch Linux
Opened by Cade Robinson (cade.robinson) - Tuesday, 11 October 2016, 18:31 GMT
Last edited by Sébastien Luttringer (seblu) - Thursday, 03 November 2016, 17:54 GMT
Task Type Bug Report
Category Packages: Extra
Status Closed
Assigned To Sébastien Luttringer (seblu)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 1
Private No

Details

Description: bind-tools 9.11.0-1 can't use dig on Windows 2008r2 servers.


Additional info:
* package version(s)
bind-tools 9.11.0-1

* config and/or log files etc.


Steps to reproduce:
With bind-tools 9.10.4.P3 dig agains Windows 2008r2 servers return fine:
$ dig intel.com

; <<>> DiG 9.10.4-P3 <<>> intel.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26208
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;intel.com. IN A

;; ANSWER SECTION:
intel.com. 155 IN A 198.175.116.54

;; Query time: 35 msec
;; SERVER: 192.168.0.10#53(192.168.0.10)
;; WHEN: Tue Oct 11 13:23:24 CDT 2016
;; MSG SIZE rcvd: 54



With 9.11.0 I get a FORMERR and no response
$ dig intel.com

; <<>> DiG 9.11.0 <<>> intel.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: FORMERR, id: 24576
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 973647f16af7b566 (echoed)
;; QUESTION SECTION:
;intel.com. IN A

;; Query time: 0 msec
;; SERVER: 192.168.0.10#53(192.168.0.10)
;; WHEN: Tue Oct 11 13:24:29 CDT 2016
;; MSG SIZE rcvd: 50


Turning edns off in the query works fine.
$ dig +noedns intel.com

; <<>> DiG 9.11.0 <<>> +noedns intel.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21326
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;intel.com. IN A

;; ANSWER SECTION:
intel.com. 53 IN A 198.175.116.54

;; Query time: 0 msec
;; SERVER: 192.168.0.10#53(192.168.0.10)
;; WHEN: Tue Oct 11 13:25:07 CDT 2016
;; MSG SIZE rcvd: 43

Using 9.11.0 against a 2012r2 server is fine as well without having to disable edns in the query.
$ dig intel.com @192.168.0.11

; <<>> DiG 9.11.0 <<>> intel.com @192.168.0.11
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43001
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
; COOKIE: 3d7205bebaf7285a (echoed)
;; QUESTION SECTION:
;intel.com. IN A

;; ANSWER SECTION:
intel.com. 241 IN A 198.175.116.54

;; Query time: 57 msec
;; SERVER: 192.168.0.11#53(192.168.0.11)
;; WHEN: Tue Oct 11 13:27:11 CDT 2016
;; MSG SIZE rcvd: 66


One thing I noticed is in 9.11.0 the EDNS line is has udp size 4096 where 9.10.4 used 4000.
Also the 2012r2 server is using size 4000 with 9.11.0.
This task depends upon

Closed by  Sébastien Luttringer (seblu)
Thursday, 03 November 2016, 17:54 GMT
Reason for closing:  Deferred
Comment by Sébastien Luttringer (seblu) - Monday, 17 October 2016, 22:45 GMT
And so?
Comment by Cade Robinson (cade.robinson) - Tuesday, 18 October 2016, 00:00 GMT
"on" is probably bad terminology. Meant "against" I guess.
I can't use dig to get any DNS info from a 2008r2 server. Should this be reported upstream rather than here?
Comment by Sébastien Luttringer (seblu) - Thursday, 03 November 2016, 17:52 GMT
yes please.

Loading...