Misc #18157
closedWeird resolving behaviour
Description
I need to get TXT records for domain qmc.kz
. As far as I understand the nameservers for the domain are ns1.hoster.kz.
, ns2.hoster.kz.
and ns3.hoster.kz.
:
$ dig ns qmc.kz
; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> ns qmc.kz
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51732
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;qmc.kz. IN NS
;; ANSWER SECTION:
qmc.kz. 3600 IN NS ns2.hoster.kz.
qmc.kz. 3600 IN NS ns3.hoster.kz.
qmc.kz. 3600 IN NS ns1.hoster.kz.
;; Query time: 240 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Thu Sep 09 12:59:58 +07 2021
;; MSG SIZE rcvd: 96
I can get required records using dig
:
$ dig txt qmc.kz @ns1.hoster.kz.
; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> txt qmc.kz @ns1.hoster.kz.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49918
;; flags: qr aa rd; QUERY: 1, ANSWER: 5, AUTHORITY: 3, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 5381a01e42eb0faf010000006139a37b909696e4de36b1b8 (good)
;; QUESTION SECTION:
;qmc.kz. IN TXT
;; ANSWER SECTION:
qmc.kz. 3600 IN TXT "mailru-verification: 811c66f7dca24bbe"
qmc.kz. 3600 IN TXT "google-site-verification=ag5aCNvglCNQ7VZyskRRxicBgdhcYsTECJLtEll41Rk"
qmc.kz. 3600 IN TXT "v=DKIM1;k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDv9m815JDZENyfbWhxGazaezQ8jn4nCc1Z6eMJ/WXXbHz1wiYDpu6E6KG1huVZZxJ1pT3hzZa1Phe0tWGPDUyHN4prxGwxCTVBLn0R6aSum9ZIvgyeBAod8ZVr4i9euoouBdqUQ3iuinVYRCj1OOj4PQ6ttJ9Hr0ZxyYqHotv9hQIDAQAB"
qmc.kz. 3600 IN TXT "update_dns_zone"
qmc.kz. 3600 IN TXT "v=spf1 redirect=_spf.yandex.net"
;; AUTHORITY SECTION:
qmc.kz. 3600 IN NS ns2.hoster.kz.
qmc.kz. 3600 IN NS ns3.hoster.kz.
qmc.kz. 3600 IN NS ns1.hoster.kz.
;; Query time: 123 msec
;; SERVER: 185.116.195.38#53(185.116.195.38)
;; WHEN: Thu Sep 09 13:02:35 +07 2021
;; MSG SIZE rcvd: 574
Here is how I try to get the same records in ruby:
require 'resolv'
Resolv::DNS.new(nameserver: 'ns1.hoster.kz.').getresources('qmc.kz', Resolv::DNS::Resource::IN::TXT)
and it produces the following error:
/usr/local/lib/ruby/3.0.0/resolv.rb:892:in `initialize': Connection refused - connect(2) for "ns1.hoster.kz." port 53 (Errno::ECONNREFUSED)
from /usr/local/lib/ruby/3.0.0/resolv.rb:892:in `new'
from /usr/local/lib/ruby/3.0.0/resolv.rb:892:in `initialize'
from /usr/local/lib/ruby/3.0.0/resolv.rb:569:in `new'
from /usr/local/lib/ruby/3.0.0/resolv.rb:569:in `make_tcp_requester'
from /usr/local/lib/ruby/3.0.0/resolv.rb:537:in `block in fetch_resource'
from /usr/local/lib/ruby/3.0.0/resolv.rb:1125:in `block (3 levels) in resolv'
from /usr/local/lib/ruby/3.0.0/resolv.rb:1123:in `each'
from /usr/local/lib/ruby/3.0.0/resolv.rb:1123:in `block (2 levels) in resolv'
from /usr/local/lib/ruby/3.0.0/resolv.rb:1122:in `each'
from /usr/local/lib/ruby/3.0.0/resolv.rb:1122:in `block in resolv'
from /usr/local/lib/ruby/3.0.0/resolv.rb:1120:in `each'
from /usr/local/lib/ruby/3.0.0/resolv.rb:1120:in `resolv'
from /usr/local/lib/ruby/3.0.0/resolv.rb:521:in `fetch_resource'
from /usr/local/lib/ruby/3.0.0/resolv.rb:507:in `each_resource'
from /usr/local/lib/ruby/3.0.0/resolv.rb:498:in `getresources'
from (irb):6:in `<main>'
... 3 levels...
The same error if I try using the IP address of the nameserver (just in case ns1.hoster.kz.
points to 185.116.195.38
).
After some research of resolv.rb
I figured out that the requests to nameservers could be UDP (by default) or TCP.
I also tried TCP request with dig
:
$ dig +tcp txt qmc.kz @ns1.hoster.kz.
;; Connection to 185.116.195.38#53(185.116.195.38) for qmc.kz failed: connection refused.
But I can get the same records using TCP for example from Google's or Cloudflare's DNS servers:
dig +tcp txt qmc.kz @1.1.1.1
; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> +tcp txt qmc.kz @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11124
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;qmc.kz. IN TXT
;; ANSWER SECTION:
qmc.kz. 3600 IN TXT "update_dns_zone"
qmc.kz. 3600 IN TXT "v=spf1 redirect=_spf.yandex.net"
qmc.kz. 3600 IN TXT "mailru-verification: 811c66f7dca24bbe"
qmc.kz. 3600 IN TXT "google-site-verification=ag5aCNvglCNQ7VZyskRRxicBgdhcYsTECJLtEll41Rk"
qmc.kz. 3600 IN TXT "v=DKIM1;k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDv9m815JDZENyfbWhxGazaezQ8jn4nCc1Z6eMJ/WXXbHz1wiYDpu6E6KG1huVZZxJ1pT3hzZa1Phe0tWGPDUyHN4prxGwxCTVBLn0R6aSum9ZIvgyeBAod8ZVr4i9euoouBdqUQ3iuinVYRCj1OOj4PQ6ttJ9Hr0ZxyYqHotv9hQIDAQAB"
;; Query time: 192 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Thu Sep 09 13:14:30 +07 2021
;; MSG SIZE rcvd: 483
And the last point I can get these record in Ruby also using Cloudflare's DNS:
Resolv::DNS.new(nameserver: '1.1.1.1').getresources('qmc.kz', Resolv::DNS::Resource::IN::TXT)
gives
[#<Resolv::DNS::Resource::IN::TXT:0x000055cf55865db0 @strings=["google-site-verification=ag5aCNvglCNQ7VZyskRRxicBgdhcYsTECJLtEll41Rk"], @ttl=3600>,
#<Resolv::DNS::Resource::IN::TXT:0x000055cf55865720
@strings=
["v=DKIM1;k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDv9m815JDZENyfbWhxGazaezQ8jn4nCc1Z6eMJ/WXXbHz1wiYDpu6E6KG1huVZZxJ1pT3hzZa1Phe0tWGPDUyHN4prxGwxCTVBLn0R6aSum9ZIvgyeBAod8ZVr4i9euoouBdqUQ3iuinVYRCj1OOj4PQ6ttJ9Hr0ZxyYqHotv9hQIDAQAB"],
@ttl=3600>,
#<Resolv::DNS::Resource::IN::TXT:0x000055cf55865180 @strings=["update_dns_zone"], @ttl=3600>,
#<Resolv::DNS::Resource::IN::TXT:0x000055cf558642d0 @strings=["v=spf1 redirect=_spf.yandex.net"], @ttl=3600>,
#<Resolv::DNS::Resource::IN::TXT:0x000055cf5585b130 @strings=["mailru-verification: 811c66f7dca24bbe"], @ttl=3600>]
Do I miss something? Is there issues at nameserver or should Ruby handle this case somehow?
Updated by evserykh (Evgeniy Serykh) over 3 years ago
- Tracker changed from Bug to Misc
- ruby -v deleted (
ruby 3.0.2p107 (2021-07-07 revision 0db68f0233) [x86_64-linux]) - Backport deleted (
2.6: UNKNOWN, 2.7: UNKNOWN, 3.0: UNKNOWN)
UPD Nevermind. I've read DNS docs and it seems that a DNS server sends a flag that indicates an answer was truncated and a client should use TCP connection for getting full info. It seems unfortunately I use the server that doesn't support TCP connection somehow. The task can be closed I guess
Updated by jeremyevans0 (Jeremy Evans) over 3 years ago
- Status changed from Open to Closed