DNS responses larger than 512 B cause nslookup queries to fail on some operating systems #1417

Closed
4 tasks done
yvvw opened this issue Jan 29, 2024 · 2 comments
Labels
bug Something isn't working

yvvw commented Jan 29, 2024

Operating system

Linux

System version

openwrt linux 5.15

Installation type

Original sing-box Command Line

If you are using a graphical client, please provide the version of the client.

No response

Version

sing-box version 1.8.4

Description

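When querying DNS over UDP through sing-box, if the response exceeds 512 B, nslookup on some operating systems (for example OpenWrt) returns a resolution error. A related problem was already mentioned in #991, but at the time I only saw the symptom and the cause was unclear, and the issue was later shelved. I am reopening it here; the earlier one has been closed.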

Use the reproduction steps below to query 512.size.dns.netmeister.org (this domain has no meaning and is for testing only; in practice you can test with cn-beijing-data.aliyundrive.net).

I tried modifying the source code to truncate part of the DNS response, and the result then resolves correctly.
image

Without sing-box, querying DNS directly does not fail even when the response exceeds 512 B.

~$ nslookup 512.size.dns.netmeister.org
Server:         127.0.0.1
Address:        127.0.0.1:53

Non-authoritative answer:

Non-authoritative answer:
Name:   512.size.dns.netmeister.org
Address: 127.0.0.17
Name:   512.size.dns.netmeister.org
Address: 127.0.0.10
Name:   512.size.dns.netmeister.org
Address: 127.0.0.18
Name:   512.size.dns.netmeister.org
Address: 127.0.0.22
Name:   512.size.dns.netmeister.org
Address: 127.0.0.24
Name:   512.size.dns.netmeister.org
Address: 127.0.0.2
Name:   512.size.dns.netmeister.org
Address: 127.0.0.4
Name:   512.size.dns.netmeister.org
Address: 127.0.0.12
Name:   512.size.dns.netmeister.org
Address: 127.0.0.19
Name:   512.size.dns.netmeister.org
Address: 127.0.0.26
Name:   512.size.dns.netmeister.org
Address: 127.0.0.0
Name:   512.size.dns.netmeister.org
Address: 127.0.0.16
Name:   512.size.dns.netmeister.org
Address: 127.0.0.9
Name:   512.size.dns.netmeister.org
Address: 127.0.0.6
Name:   512.size.dns.netmeister.org
Address: 127.0.0.8
Name:   512.size.dns.netmeister.org
Address: 127.0.0.1
Name:   512.size.dns.netmeister.org
Address: 127.0.0.15
Name:   512.size.dns.netmeister.org
Address: 127.0.0.3
Name:   512.size.dns.netmeister.org
Address: 127.0.0.21
Name:   512.size.dns.netmeister.org
Address: 127.0.0.5
Name:   512.size.dns.netmeister.org
Address: 127.0.0.20
Name:   512.size.dns.netmeister.org
Address: 127.0.0.25
Name:   512.size.dns.netmeister.org
Address: 127.0.0.14
Name:   512.size.dns.netmeister.org
Address: 127.0.0.7
Name:   512.size.dns.netmeister.org
Address: 127.0.0.11
Name:   512.size.dns.netmeister.org
Address: 127.0.0.23
Name:   512.size.dns.netmeister.org
Address: 127.0.0.13
Name:   512.size.dns.netmeister.org
Address: 127.0.0.27

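To summarize: querying 512.size.dns.netmeister.org without sing-box resolves; querying it through sing-box does not resolve; and after modifying the code to truncate part of the response it also resolves. However, from what I have read, the failure to resolve is attributed to "the response exceeds 512 B", so my guess is that the direct response and the response that sing-box parses and rebuilds differ in some parameters, causing one to be accepted and the other rejected. My current knowledge is not enough to get to the bottom of this, so I would like to ask whether this counts as a sing-box bug.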

Related references

Reproduction

Run sing-box with this configuration, then on Linux run nslookup 512.size.dns.netmeister.org 127.0.0.1:1053 to query DNS; it returns a resolution error.

{
  "log": {
    "level": "trace"
  },
  "inbounds": [
    {
      "tag": "in-dns",
      "type": "direct",
      "listen": "::",
      "listen_port": 1053
    }
  ],
  "outbounds": [
    {
      "tag": "out-direct",
      "type": "direct"
    },
    {
      "tag": "out-dns",
      "type": "dns"
    }
  ],
  "dns": {
    "servers": [
      {
        "tag": "dns-direct",
        "detour": "out-direct",
        "address": "223.5.5.5"
      }
    ],
    "final": "dns-direct",
    "strategy": "ipv4_only"
  },
  "route": {
    "rules": [
      {
        "inbound": "in-dns",
        "outbound": "out-dns"
      }
    ],
    "final": "out-direct"
  }
}

Logs

sing_box_cmd_sing_box.exe -- run -c config.json
API server listening at: 127.0.0.1:60515
INFO[0000] router: updated default interface 以太网, index 14
INFO[0000] inbound/direct[in-dns]: tcp server started at [::]:1053
INFO[0000] inbound/direct[in-dns]: udp server started at [::]:1053
INFO[0000] sing-box started (0.00s)
INFO[0049] [3977101170 0ms] inbound/direct[in-dns]: inbound packet connection from 192.168.2.1:41974
DEBUG[0049] [3977101170 0ms] router: match[0] inbound=in-dns => out-dns
DEBUG[0049] dns: exchange 512.size.dns.netmeister.org. IN A
DEBUG[0049] dns: exchange 512.size.dns.netmeister.org. IN AAAA
INFO[0049] outbound/direct[out-direct]: outbound packet connection to 223.5.5.5:53
DEBUG[0049] dns: strategy rejected
DEBUG[0051] dns: exchanged 512.size.dns.netmeister.org NOERROR 300
INFO[0051] dns: exchanged 512.size.dns.netmeister.org A 512.size.dns.netmeister.org. 300 IN A 127.0.0.9 
INFO[0051] dns: exchanged 512.size.dns.netmeister.org A 512.size.dns.netmeister.org. 300 IN A 127.0.0.25
INFO[0051] dns: exchanged 512.size.dns.netmeister.org A 512.size.dns.netmeister.org. 300 IN A 127.0.0.26
INFO[0051] dns: exchanged 512.size.dns.netmeister.org A 512.size.dns.netmeister.org. 300 IN A 127.0.0.10
INFO[0051] dns: exchanged 512.size.dns.netmeister.org A 512.size.dns.netmeister.org. 300 IN A 127.0.0.13
INFO[0051] dns: exchanged 512.size.dns.netmeister.org A 512.size.dns.netmeister.org. 300 IN A 127.0.0.21
INFO[0051] dns: exchanged 512.size.dns.netmeister.org A 512.size.dns.netmeister.org. 300 IN A 127.0.0.23
INFO[0051] dns: exchanged 512.size.dns.netmeister.org A 512.size.dns.netmeister.org. 300 IN A 127.0.0.0
INFO[0051] dns: exchanged 512.size.dns.netmeister.org A 512.size.dns.netmeister.org. 300 IN A 127.0.0.15
INFO[0051] dns: exchanged 512.size.dns.netmeister.org A 512.size.dns.netmeister.org. 300 IN A 127.0.0.8
INFO[0051] dns: exchanged 512.size.dns.netmeister.org A 512.size.dns.netmeister.org. 300 IN A 127.0.0.3
INFO[0051] dns: exchanged 512.size.dns.netmeister.org A 512.size.dns.netmeister.org. 300 IN A 127.0.0.22
INFO[0051] dns: exchanged 512.size.dns.netmeister.org A 512.size.dns.netmeister.org. 300 IN A 127.0.0.17
INFO[0051] dns: exchanged 512.size.dns.netmeister.org A 512.size.dns.netmeister.org. 300 IN A 127.0.0.1
INFO[0051] dns: exchanged 512.size.dns.netmeister.org A 512.size.dns.netmeister.org. 300 IN A 127.0.0.11
INFO[0051] dns: exchanged 512.size.dns.netmeister.org A 512.size.dns.netmeister.org. 300 IN A 127.0.0.2
INFO[0051] dns: exchanged 512.size.dns.netmeister.org A 512.size.dns.netmeister.org. 300 IN A 127.0.0.16
INFO[0051] dns: exchanged 512.size.dns.netmeister.org A 512.size.dns.netmeister.org. 300 IN A 127.0.0.7
INFO[0051] dns: exchanged 512.size.dns.netmeister.org A 512.size.dns.netmeister.org. 300 IN A 127.0.0.20
INFO[0051] dns: exchanged 512.size.dns.netmeister.org A 512.size.dns.netmeister.org. 300 IN A 127.0.0.14
INFO[0051] dns: exchanged 512.size.dns.netmeister.org A 512.size.dns.netmeister.org. 300 IN A 127.0.0.5
INFO[0051] dns: exchanged 512.size.dns.netmeister.org A 512.size.dns.netmeister.org. 300 IN A 127.0.0.27
INFO[0051] dns: exchanged 512.size.dns.netmeister.org A 512.size.dns.netmeister.org. 300 IN A 127.0.0.12
INFO[0051] dns: exchanged 512.size.dns.netmeister.org A 512.size.dns.netmeister.org. 300 IN A 127.0.0.24
INFO[0051] dns: exchanged 512.size.dns.netmeister.org A 512.size.dns.netmeister.org. 300 IN A 127.0.0.6
INFO[0051] dns: exchanged 512.size.dns.netmeister.org A 512.size.dns.netmeister.org. 300 IN A 127.0.0.4
INFO[0051] dns: exchanged 512.size.dns.netmeister.org A 512.size.dns.netmeister.org. 300 IN A 127.0.0.18
INFO[0051] dns: exchanged 512.size.dns.netmeister.org A 512.size.dns.netmeister.org. 300 IN A 127.0.0.19
INFO[0051] dns: exchanged 512.size.dns.netmeister.org. A 512.size.dns.netmeister.org. 300 IN A 127.0.0.9
INFO[0051] dns: exchanged 512.size.dns.netmeister.org. A 512.size.dns.netmeister.org. 300 IN A 127.0.0.25
INFO[0051] dns: exchanged 512.size.dns.netmeister.org. A 512.size.dns.netmeister.org. 300 IN A 127.0.0.26
INFO[0051] dns: exchanged 512.size.dns.netmeister.org. A 512.size.dns.netmeister.org. 300 IN A 127.0.0.10
INFO[0051] dns: exchanged 512.size.dns.netmeister.org. A 512.size.dns.netmeister.org. 300 IN A 127.0.0.13
INFO[0051] dns: exchanged 512.size.dns.netmeister.org. A 512.size.dns.netmeister.org. 300 IN A 127.0.0.21
INFO[0051] dns: exchanged 512.size.dns.netmeister.org. A 512.size.dns.netmeister.org. 300 IN A 127.0.0.23
INFO[0051] dns: exchanged 512.size.dns.netmeister.org. A 512.size.dns.netmeister.org. 300 IN A 127.0.0.0
INFO[0051] dns: exchanged 512.size.dns.netmeister.org. A 512.size.dns.netmeister.org. 300 IN A 127.0.0.15
INFO[0051] dns: exchanged 512.size.dns.netmeister.org. A 512.size.dns.netmeister.org. 300 IN A 127.0.0.8
INFO[0051] dns: exchanged 512.size.dns.netmeister.org. A 512.size.dns.netmeister.org. 300 IN A 127.0.0.3
INFO[0051] dns: exchanged 512.size.dns.netmeister.org. A 512.size.dns.netmeister.org. 300 IN A 127.0.0.22
INFO[0051] dns: exchanged 512.size.dns.netmeister.org. A 512.size.dns.netmeister.org. 300 IN A 127.0.0.17
INFO[0051] dns: exchanged 512.size.dns.netmeister.org. A 512.size.dns.netmeister.org. 300 IN A 127.0.0.1
INFO[0051] dns: exchanged 512.size.dns.netmeister.org. A 512.size.dns.netmeister.org. 300 IN A 127.0.0.11
INFO[0051] dns: exchanged 512.size.dns.netmeister.org. A 512.size.dns.netmeister.org. 300 IN A 127.0.0.2
INFO[0051] dns: exchanged 512.size.dns.netmeister.org. A 512.size.dns.netmeister.org. 300 IN A 127.0.0.16
INFO[0051] dns: exchanged 512.size.dns.netmeister.org. A 512.size.dns.netmeister.org. 300 IN A 127.0.0.7
INFO[0051] dns: exchanged 512.size.dns.netmeister.org. A 512.size.dns.netmeister.org. 300 IN A 127.0.0.20
INFO[0051] dns: exchanged 512.size.dns.netmeister.org. A 512.size.dns.netmeister.org. 300 IN A 127.0.0.14
INFO[0051] dns: exchanged 512.size.dns.netmeister.org. A 512.size.dns.netmeister.org. 300 IN A 127.0.0.5
INFO[0051] dns: exchanged 512.size.dns.netmeister.org. A 512.size.dns.netmeister.org. 300 IN A 127.0.0.27
INFO[0051] dns: exchanged 512.size.dns.netmeister.org. A 512.size.dns.netmeister.org. 300 IN A 127.0.0.12
INFO[0051] dns: exchanged 512.size.dns.netmeister.org. A 512.size.dns.netmeister.org. 300 IN A 127.0.0.24
INFO[0051] dns: exchanged 512.size.dns.netmeister.org. A 512.size.dns.netmeister.org. 300 IN A 127.0.0.6
INFO[0051] dns: exchanged 512.size.dns.netmeister.org. A 512.size.dns.netmeister.org. 300 IN A 127.0.0.4
INFO[0051] dns: exchanged 512.size.dns.netmeister.org. A 512.size.dns.netmeister.org. 300 IN A 127.0.0.18
INFO[0051] dns: exchanged 512.size.dns.netmeister.org. A 512.size.dns.netmeister.org. 300 IN A 127.0.0.19
DEBUG[0061] [3530836790 11.91s] inbound/direct[in-dns]: connection closed: io: read/write on closed pipe | upstream: context canceled

Integrity requirements

  • I confirm that I have read the documentation, understand the meaning of all the configuration items I wrote, and did not pile up seemingly useful options or default values.
  • I confirm that I have provided the server and client configuration files and process that can be reproduced locally, instead of a complicated client configuration file that has been stripped of sensitive data.
  • I confirm that I have provided the simplest configuration that can be used to reproduce the error I reported, instead of depending on remote servers, TUN, graphical interface clients, or other closed-source software.
  • I confirm that I have provided the complete configuration files and logs, rather than just providing parts I think are useful out of confidence in my own intelligence.

@nekohasekai
Member

Try 17aebc5

yvvw commented Feb 1, 2024

> Try 17aebc5

@nekohasekai It works now.
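
The size rule at the centre of this issue, as an added example (not sing-box code, not the content of commit 17aebc5, and not part of the thread): over UDP a DNS reply is limited to 512 bytes (RFC 1035) unless the query carries an EDNS0 OPT record advertising a larger payload (RFC 6891); a reply that does not fit is sent with the TC bit set so the client retries over TCP. The function names `udp_limit` and `fit_for_udp` are hypothetical and the sample messages are constructed.

```python
import struct

OPT, TC = 41, 0x0200   # EDNS0 pseudo-RR type (RFC 6891); truncation flag bit

def skip_name(msg, off):
    """Offset just past the (possibly compressed) name starting at off."""
    while msg[off] and msg[off] & 0xC0 != 0xC0:
        off += 1 + msg[off]
    return off + (2 if msg[off] else 1)   # pointer is 2 bytes, root label is 1

def end_of_questions(msg):
    off = 12                              # fixed header size
    for _ in range(struct.unpack_from("!H", msg, 4)[0]):
        off = skip_name(msg, off) + 4     # QTYPE + QCLASS
    return off

def udp_limit(query):
    """512 bytes (RFC 1035) unless the query's OPT RR advertises more."""
    an, ns, ar = struct.unpack_from("!3H", query, 6)
    off = end_of_questions(query)
    for _ in range(an + ns + ar):
        off = skip_name(query, off)
        rtype, rclass, _ttl, rdlen = struct.unpack_from("!HHIH", query, off)
        if rtype == OPT:
            return max(512, rclass)       # OPT CLASS = requester's UDP payload size
        off += 10 + rdlen
    return 512

def fit_for_udp(query, response):
    """Return response as is if it fits, else header + question with TC set."""
    if len(response) <= udp_limit(query):
        return response
    ident, flags, qd = struct.unpack_from("!3H", response, 0)
    head = struct.pack("!6H", ident, flags | TC, qd, 0, 0, 0)
    return head + response[12:end_of_questions(response)]

# --- constructed sample messages (not captured traffic) ---
def name(s):
    return b"".join(bytes([len(p)]) + p.encode() for p in s.split(".")) + b"\0"

QNAME = name("512.size.dns.netmeister.org")
QUESTION = QNAME + struct.pack("!HH", 1, 1)                  # type A, class IN
PLAIN_QUERY = struct.pack("!6H", 0x1234, 0x0100, 1, 0, 0, 0) + QUESTION
# same query plus an OPT RR advertising a 4096-byte UDP payload
EDNS_QUERY = (struct.pack("!6H", 0x1234, 0x0100, 1, 0, 0, 1) + QUESTION
              + b"\0" + struct.pack("!HHIH", OPT, 4096, 0, 0))
# 28 A records 127.0.0.0-27 with uncompressed owner names (1249 bytes in total)
RESPONSE = struct.pack("!6H", 0x1234, 0x8180, 1, 28, 0, 0) + QUESTION + b"".join(
    QNAME + struct.pack("!HHIH4B", 1, 1, 300, 4, 127, 0, 0, i) for i in range(28))
```

For the query without OPT, `fit_for_udp` returns a 45-byte reply with TC set and no answer records; for the EDNS0 query the 1249-byte reply is returned unchanged.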
