zdns cannot connect to loopback resolvers without also specifying a loopback local-addr
paul-pearce opened this issue · 2 comments
zdns will attempt to connect to loopback using a non-loopback IP if you don't either manually specify local-addr or interface=lo. This is due to selecting a random address from gc.LocalAddrs, which by default is only populated with non-loopback IPs. This results in attempting to dial a connection from non-loopback->loopback, which fails.
This is especially problematic in environments where a loopback resolver exists and no arguments are specified, as it auto detects a loopback resolver but not a loopback source IP.
See the following output.
$:~/zdns$ echo example.com | ./zdns A --verbosity=5 --timeout=1 --retries=0
INFO[0000] No name servers specified. will use: 127.0.0.53:53
DEBU[0000] THREADID 000005,DEPTH 01: [****WIRE LOOKUP*** A example.com 127.0.0.53:53]
INFO[0001] Err is: read udp 67.x.x.x:36916: i/o timeout
{"data":{"protocol":"udp","resolver":"127.0.0.53:53"},"name":"example.com","status":"TIMEOUT","timestamp":"2023-06-29T11:31:38-07:00"}
$:~/zdns$ echo example.com | ./zdns A --verbosity=5 --timeout=1 --retries=0 --local-interface=lo
INFO[0000] No name servers specified. will use: 127.0.0.53:53
INFO[0000] using local interface: 0xc24d10
DEBU[0000] THREADID 000003,DEPTH 01: [****WIRE LOOKUP*** A example.com 127.0.0.53:53]
INFO[0000] Err is: <nil>
{"data":{"additionals":[{"flags":"","type":"EDNS0","udpsize":65494,"version":0}],"answers":[{"answer":"93.184.216.34","class":"IN","name":"example.com","ttl":6634,"type":"A"}],"protocol":"udp","resolver":"127.0.0.53:53"},"name":"example.com","status":"NOERROR","timestamp":"2023-06-29T11:31:45-07:00"}
$:~/zdns$ echo example.com | ./zdns A --verbosity=5 --timeout=1 --retries=0 --local-addr=127.0.0.1
INFO[0000] No name servers specified. will use: 127.0.0.53:53
INFO[0000] using local address: 0xc24d00
DEBU[0000] THREADID 000005,DEPTH 01: [****WIRE LOOKUP*** A example.com 127.0.0.53:53]
INFO[0000] Err is: <nil>
{"data":{"additionals":[{"flags":"","type":"EDNS0","udpsize":65494,"version":0}],"answers":[{"answer":"93.184.216.34","class":"IN","name":"example.com","ttl":6624,"type":"A"}],"protocol":"udp","resolver":"127.0.0.53:53"},"name":"example.com","status":"NOERROR","timestamp":"2023-06-29T11:31:54-07:00"}
Note I added the INFO logging above to identify the actual true error under the timeout... That's probably another bug.
It might be worth just stupidly patching if resolver is localhost then use localhost
Agreed. This could get complicated if there's a mix of resolvers, but I'm fine warning in that circumstance.