Comments (10)
I just spent like an hour trying to debug this before I found this issue... time to find a new dns provider I guess...
from dns.
I received an e-mail from Cloudflare on March 23, 2018 stating that they have fixed this issue on their DNS servers.
from dns.
That seems likely. I wonder if this is something that requires an entry through dnsmasq. @bowei @MrHohn thoughts?
from dns.
Returning RCODE=0 means success. Some DNS implementations interpret this as "the binding exists, but there are no addresses for the queried type". Cloudflare should really return RCODE=3 (NXDOMAIN) in this case.
from dns.
Cloudflare has responded to this issue after investigating it for almost a month. They're not going to fix their DNS anytime soon: it appears that they rely on this kind of functionality internally (!), and they've determined it too risky to change.
I've since put in place a workaround whereby I do not use Cloudflare hosted domains in my DNS search list as circulated by DHCP. It's an inconvenience to specify FQDN where appropriate but one I can live with.
@bowei, do consider a workaround here in Kubernetes DNS, though I can appreciate why that might be unreasonable. I'd just hate others to hit this issue as it's not an easy problem to diagnose and isolate. I'll let you keep this issue open (for a workaround) or close it as appropriate.
from dns.
Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale
.
Stale issues rot after an additional 30d of inactivity and eventually close.
Prevent issues from auto-closing with an /lifecycle frozen
comment.
If this issue is safe to close now please do so with /close
.
Send feedback to sig-testing, kubernetes/test-infra and/or @fejta
.
/lifecycle stale
from dns.
Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten
.
Rotten issues close after an additional 30d of inactivity.
If this issue is safe to close now please do so with /close
.
Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle rotten
/remove-lifecycle stale
from dns.
Just to make sure - is this DNS issue only applies to CloudFlare or can this be the case with other DNS providers as well?
from dns.
Returning RCODE=0 means success. Some DNS implementations interpret this as "the binding exists, but there are no addresses for the queried type". Cloudflare should really return RCODE=3 (NXDOMAIN) in this case.
Cloudflare seem to be following RFC2308 Section 2.2: https://tools.ietf.org/html/rfc2308#section-2.2
from dns.
Hello!
Yes, we just finished deployment for release which includes NODATA/NXDOMAIN improvement. For all DNSSEC disabled domains it should be correct now. For DNSSEC enabled domains we keep old behaviour because it required for our approach how we generate DNSSEC signatures.
Thank you!
from dns.
Related Issues (20)
- [Improvement] Add value compatibility for -upstreamsvc HOT 5
- [node-local dns] DNS requests intermittently receive refused response errors HOT 4
- Intermittent timed out accessing nodelocaldns HOT 2
- [NodeLocal DNS Cache] DNS requests not directed to the local cache HOT 2
- pull-kubernetes-dns-test broken at head HOT 2
- Several old CVE's still present on the latest k8s-dns-node-cache versions HOT 4
- Image for 1.22.27 missing HOT 3
- [node-local-dns] Query loss HOT 5
- CVE-2023-5363 and CVE-2023-5528 in 1.22.28 HOT 24
- k8s node-local-dns high slab memory consumption leading to OOM HOT 1
- 1.23.0 is missing from registry.k8s.io/dns/k8s-dns-node-cache HOT 2
- node-local-dns-cache DNS i/o timeout errors HOT 4
- "make build-amd64" got an error HOT 4
- LocalDNS support for CoreDNS file plugin HOT 2
- NodeLocal DNS Cache Intercepts all dns queiris HOT 9
- kube-dns doesn't expose service scoped dns names for pod IPs HOT 3
- Getting UnkownHostException from SpringBoot Microservice running on top of kubernetes HOT 2
- Latency/timeout from Kube DNS
- `node-local-dns` should support graceful shutdown with the `ready` plugin HOT 1
- IP table lock issues HOT 6
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from dns.