Project

General

Profile

Actions

Misc #18157

closed

Weird resolving behaviour

Added by evserykh (Evgeniy Serykh) over 3 years ago. Updated over 3 years ago.

Status:
Closed
Assignee:
-
[ruby-core:105184]

Description

I need to get TXT records for domain qmc.kz . As far as I understand the nameservers for the domain are ns1.hoster.kz. , ns2.hoster.kz. and ns3.hoster.kz.:

$ dig ns qmc.kz 

; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> ns qmc.kz
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51732
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;qmc.kz.                                IN      NS

;; ANSWER SECTION:
qmc.kz.                 3600    IN      NS      ns2.hoster.kz.
qmc.kz.                 3600    IN      NS      ns3.hoster.kz.
qmc.kz.                 3600    IN      NS      ns1.hoster.kz.

;; Query time: 240 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Thu Sep 09 12:59:58 +07 2021
;; MSG SIZE  rcvd: 96

I can get required records using dig:

$ dig txt qmc.kz @ns1.hoster.kz.

; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> txt qmc.kz @ns1.hoster.kz.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49918
;; flags: qr aa rd; QUERY: 1, ANSWER: 5, AUTHORITY: 3, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 5381a01e42eb0faf010000006139a37b909696e4de36b1b8 (good)
;; QUESTION SECTION:
;qmc.kz.                                IN      TXT

;; ANSWER SECTION:
qmc.kz.                 3600    IN      TXT     "mailru-verification: 811c66f7dca24bbe"
qmc.kz.                 3600    IN      TXT     "google-site-verification=ag5aCNvglCNQ7VZyskRRxicBgdhcYsTECJLtEll41Rk"
qmc.kz.                 3600    IN      TXT     "v=DKIM1;k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDv9m815JDZENyfbWhxGazaezQ8jn4nCc1Z6eMJ/WXXbHz1wiYDpu6E6KG1huVZZxJ1pT3hzZa1Phe0tWGPDUyHN4prxGwxCTVBLn0R6aSum9ZIvgyeBAod8ZVr4i9euoouBdqUQ3iuinVYRCj1OOj4PQ6ttJ9Hr0ZxyYqHotv9hQIDAQAB"
qmc.kz.                 3600    IN      TXT     "update_dns_zone"
qmc.kz.                 3600    IN      TXT     "v=spf1 redirect=_spf.yandex.net"

;; AUTHORITY SECTION:
qmc.kz.                 3600    IN      NS      ns2.hoster.kz.
qmc.kz.                 3600    IN      NS      ns3.hoster.kz.
qmc.kz.                 3600    IN      NS      ns1.hoster.kz.

;; Query time: 123 msec
;; SERVER: 185.116.195.38#53(185.116.195.38)
;; WHEN: Thu Sep 09 13:02:35 +07 2021
;; MSG SIZE  rcvd: 574

Here is how I try to get the same records in ruby:

require 'resolv'
Resolv::DNS.new(nameserver: 'ns1.hoster.kz.').getresources('qmc.kz', Resolv::DNS::Resource::IN::TXT)

and it produces the following error:

/usr/local/lib/ruby/3.0.0/resolv.rb:892:in `initialize': Connection refused - connect(2) for "ns1.hoster.kz." port 53 (Errno::ECONNREFUSED)
        from /usr/local/lib/ruby/3.0.0/resolv.rb:892:in `new'
        from /usr/local/lib/ruby/3.0.0/resolv.rb:892:in `initialize'
        from /usr/local/lib/ruby/3.0.0/resolv.rb:569:in `new'
        from /usr/local/lib/ruby/3.0.0/resolv.rb:569:in `make_tcp_requester'
        from /usr/local/lib/ruby/3.0.0/resolv.rb:537:in `block in fetch_resource'
        from /usr/local/lib/ruby/3.0.0/resolv.rb:1125:in `block (3 levels) in resolv'
        from /usr/local/lib/ruby/3.0.0/resolv.rb:1123:in `each'
        from /usr/local/lib/ruby/3.0.0/resolv.rb:1123:in `block (2 levels) in resolv'
        from /usr/local/lib/ruby/3.0.0/resolv.rb:1122:in `each'
        from /usr/local/lib/ruby/3.0.0/resolv.rb:1122:in `block in resolv'
        from /usr/local/lib/ruby/3.0.0/resolv.rb:1120:in `each'
        from /usr/local/lib/ruby/3.0.0/resolv.rb:1120:in `resolv'
        from /usr/local/lib/ruby/3.0.0/resolv.rb:521:in `fetch_resource'
        from /usr/local/lib/ruby/3.0.0/resolv.rb:507:in `each_resource'
        from /usr/local/lib/ruby/3.0.0/resolv.rb:498:in `getresources'
        from (irb):6:in `<main>'
        ... 3 levels...

The same error if I try using the IP address of the nameserver (just in case ns1.hoster.kz. points to 185.116.195.38).

After some research of resolv.rb I figured out that the requests to nameservers could be UDP (by default) or TCP.

I also tried TCP request with dig:

$ dig +tcp txt qmc.kz @ns1.hoster.kz.
;; Connection to 185.116.195.38#53(185.116.195.38) for qmc.kz failed: connection refused.

But I can get the same records using TCP for example from Google's or Cloudflare's DNS servers:

dig +tcp txt qmc.kz @1.1.1.1

; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> +tcp txt qmc.kz @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11124
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;qmc.kz.                                IN      TXT

;; ANSWER SECTION:
qmc.kz.                 3600    IN      TXT     "update_dns_zone"
qmc.kz.                 3600    IN      TXT     "v=spf1 redirect=_spf.yandex.net"
qmc.kz.                 3600    IN      TXT     "mailru-verification: 811c66f7dca24bbe"
qmc.kz.                 3600    IN      TXT     "google-site-verification=ag5aCNvglCNQ7VZyskRRxicBgdhcYsTECJLtEll41Rk"
qmc.kz.                 3600    IN      TXT     "v=DKIM1;k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDv9m815JDZENyfbWhxGazaezQ8jn4nCc1Z6eMJ/WXXbHz1wiYDpu6E6KG1huVZZxJ1pT3hzZa1Phe0tWGPDUyHN4prxGwxCTVBLn0R6aSum9ZIvgyeBAod8ZVr4i9euoouBdqUQ3iuinVYRCj1OOj4PQ6ttJ9Hr0ZxyYqHotv9hQIDAQAB"

;; Query time: 192 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Thu Sep 09 13:14:30 +07 2021
;; MSG SIZE  rcvd: 483

And the last point I can get these record in Ruby also using Cloudflare's DNS:

Resolv::DNS.new(nameserver: '1.1.1.1').getresources('qmc.kz', Resolv::DNS::Resource::IN::TXT)

gives

[#<Resolv::DNS::Resource::IN::TXT:0x000055cf55865db0 @strings=["google-site-verification=ag5aCNvglCNQ7VZyskRRxicBgdhcYsTECJLtEll41Rk"], @ttl=3600>,
 #<Resolv::DNS::Resource::IN::TXT:0x000055cf55865720
  @strings=
   ["v=DKIM1;k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDv9m815JDZENyfbWhxGazaezQ8jn4nCc1Z6eMJ/WXXbHz1wiYDpu6E6KG1huVZZxJ1pT3hzZa1Phe0tWGPDUyHN4prxGwxCTVBLn0R6aSum9ZIvgyeBAod8ZVr4i9euoouBdqUQ3iuinVYRCj1OOj4PQ6ttJ9Hr0ZxyYqHotv9hQIDAQAB"],
  @ttl=3600>,
 #<Resolv::DNS::Resource::IN::TXT:0x000055cf55865180 @strings=["update_dns_zone"], @ttl=3600>,
 #<Resolv::DNS::Resource::IN::TXT:0x000055cf558642d0 @strings=["v=spf1 redirect=_spf.yandex.net"], @ttl=3600>,
 #<Resolv::DNS::Resource::IN::TXT:0x000055cf5585b130 @strings=["mailru-verification: 811c66f7dca24bbe"], @ttl=3600>]

Do I miss something? Is there issues at nameserver or should Ruby handle this case somehow?

Updated by evserykh (Evgeniy Serykh) over 3 years ago

  • Tracker changed from Bug to Misc
  • ruby -v deleted (ruby 3.0.2p107 (2021-07-07 revision 0db68f0233) [x86_64-linux])
  • Backport deleted (2.6: UNKNOWN, 2.7: UNKNOWN, 3.0: UNKNOWN)

UPD Nevermind. I've read DNS docs and it seems that a DNS server sends a flag that indicates an answer was truncated and a client should use TCP connection for getting full info. It seems unfortunately I use the server that doesn't support TCP connection somehow. The task can be closed I guess

Actions #2

Updated by jeremyevans0 (Jeremy Evans) over 3 years ago

  • Status changed from Open to Closed
Actions

Also available in: Atom PDF

Like0
Like0Like0