ecs+doh resolution timeout, error: dns: bad rdata #6

Open
unicser opened this issue Nov 22, 2023 · 5 comments


unicser commented Nov 22, 2023

Version:

cdns v0.0.2-beta.2-0-g4db8df2
plugin matcher: script, domain, geosite, ip, maxminddb
plugin executor: rdns, rediscache, script, ecs, ipset, memcache

Configuration file:

log:
  level: debug

upstreams:
  - tag: DNSPOD
    type: https
    address: 120.53.53.53
    path: /dns-query

plugin-executors:
  - tag: ecs
    type: ecs
    args:
      ipv4: 115.192.128.0
      ipv6: 240e:390:602:5a90::0
      mask4: 24
      mask6: 60

workflows:
  - tag: main
    rules:
      - exec:
          - plugin:
              tag: ecs
          - upstream: DNSPOD
          - return

listeners:
  - tag: listener-udp
    type: udp
    listen: '[::]:5353'
    workflow: main

Resolution error:

# dig a g.cn @localhost -p5353
;; communications error to ::1#5353: timed out
;; communications error to ::1#5353: timed out
;; communications error to ::1#5353: timed out
;; communications error to 127.0.0.1#5353: timed out

; <<>> DiG 9.18.11 <<>> a g.cn @localhost -p5353
;; global options: +cmd
;; no servers could be reached

Log:

[2023-11-22 03:12:47] [Info] [listener/listener-udp] [499009532 0ms] new request: IN A g.cn.
[2023-11-22 03:12:47] [Debug] [workflow/main] [499009532 0ms] rule[0] exec
[2023-11-22 03:12:47] [Debug] [workflow/main] [499009532 0ms] run exec[0]
[2023-11-22 03:12:47] [Debug] [plugin-executor/ecs] [499009532 0ms] add ecs: 115.192.128.0/24
[2023-11-22 03:12:47] [Debug] [workflow/main] [499009532 0ms] plugin: plugin executor [ecs]: continue
[2023-11-22 03:12:47] [Debug] [workflow/main] [499009532 0ms] run exec[1]
[2023-11-22 03:12:47] [Info] [upstream/DNSPOD] [499009532 0ms] exchange: IN A g.cn.
[2023-11-22 03:12:47] [Error] [upstream/DNSPOD] [499009532 13ms] exchange failed: IN A g.cn., error: dns: bad rdata
[2023-11-22 03:12:47] [Info] [upstream/DNSPOD] [499009532 13ms] exchange: IN A g.cn.
[2023-11-22 03:12:47] [Error] [upstream/DNSPOD] [499009532 26ms] exchange failed: IN A g.cn., error: dns: bad rdata
[2023-11-22 03:12:47] [Info] [upstream/DNSPOD] [499009532 26ms] exchange: IN A g.cn.
[2023-11-22 03:12:47] [Error] [upstream/DNSPOD] [499009532 39ms] exchange failed: IN A g.cn., error: dns: bad rdata
[2023-11-22 03:12:47] [Debug] [workflow/main] [499009532 39ms] upstream: upstream [DNSPOD] exchange failed: dns: bad rdata
[2023-11-22 03:12:47] [Error] [workflow/main] [499009532 39ms] run exec[1]: run failed: dns: bad rdata
[2023-11-22 03:12:47] [Error] [workflow/main] [499009532 39ms] rule[0] exec failed: dns: bad rdata
[2023-11-22 03:12:47] [Error] [listener/listener-udp] [499009532 39ms] handle request failed: IN A g.cn., error: dns: bad rdata
Collaborator

0xffffharry commented Nov 23, 2023

This seems to be a problem on the DNSPOD side; after switching to GoogleDNS 8.8.8.8 and AliDNS 223.5.5.5 there is no problem.

Configuration:

log:
  level: debug

upstreams:
  - tag: DNSPOD
    type: https
    address: 223.5.5.5

plugin-executors:
  - tag: ecs
    type: ecs
    args:
      ipv4: 115.192.128.0
      ipv6: 240e:390:602:5a90::0
      mask4: 24
      mask6: 60

workflows:
  - tag: main
    rules:
      - exec:
          - plugin:
              tag: ecs
          - upstream: DNSPOD
          - return

listeners:
  - tag: listener-udp
    type: udp
    listen: '[::]:5353'
    workflow: main

dig result:

***@***:***$ dig a g.cn @localhost -p5353

; <<>> DiG 9.16.1-Ubuntu <<>> a g.cn @localhost -p5353
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29427
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; CLIENT-SUBNET: 115.192.128.0/24/24
;; QUESTION SECTION:
;g.cn.                          IN      A

;; ANSWER SECTION:
g.cn.                   207     IN      A       220.181.174.162

;; Query time: 39 msec
;; SERVER: 127.0.0.1#5353(127.0.0.1)
;; WHEN: Thu Nov 23 11:29:14 CST 2023
;; MSG SIZE  rcvd: 64

Log:

[2023-11-23 11:28:49] [Info] [core] cdns unknown
[2023-11-23 11:28:49] [Info] [core] plugin matcher: maxminddb, script, domain, geosite, ip
[2023-11-23 11:28:49] [Info] [core] plugin executor: ecs, ipset, memcache, rdns, rediscache, script
[2023-11-23 11:28:49] [Info] [core] core is starting...
[2023-11-23 11:28:49] [Info] [listener/listener-udp] udp listener: listen [::]:5353
[2023-11-23 11:28:49] [Info] [core] core is started, cost: 0ms
[2023-11-23 11:28:51] [Info] [listener/listener-udp] [649012813 0ms] new request: IN A g.cn.
[2023-11-23 11:28:51] [Debug] [workflow/main] [649012813 0ms] rule[0] exec
[2023-11-23 11:28:51] [Debug] [workflow/main] [649012813 0ms] run exec[0]
[2023-11-23 11:28:51] [Debug] [plugin-executor/ecs] [649012813 0ms] add ecs: 115.192.128.0/24
[2023-11-23 11:28:51] [Debug] [workflow/main] [649012813 0ms] plugin: plugin executor [ecs]: continue
[2023-11-23 11:28:51] [Debug] [workflow/main] [649012813 0ms] run exec[1]
[2023-11-23 11:28:51] [Info] [upstream/DNSPOD] [649012813 0ms] exchange: IN A g.cn.
[2023-11-23 11:28:51] [Debug] [upstream/DNSPOD] new tcp connection
[2023-11-23 11:29:09] [Info] [upstream/DNSPOD] [649012813 17635ms] exchange success: IN A g.cn.
[2023-11-23 11:29:09] [Debug] [workflow/main] [649012813 17635ms] run exec[2]
[2023-11-23 11:29:09] [Debug] [workflow/main] [649012813 17635ms] return: return all
[2023-11-23 11:29:09] [Debug] [workflow/main] [649012813 17635ms] run exec[2]: return all
[2023-11-23 11:29:09] [Debug] [workflow/main] [649012813 17635ms] rule[0]: return all
[2023-11-23 11:29:09] [Info] [listener/listener-udp] [649012813 17635ms] handle request success: IN A g.cn.

Author

unicser commented Nov 23, 2023

But with ecs removed, resolution works normally.

Configuration:

log:
  level: debug

upstreams:
  - tag: DNSPOD
    type: https
    address: 120.53.53.53
    path: /dns-query

workflows:
  - tag: main
    rules:
      - exec:
          - upstream: DNSPOD
          - return

listeners:
  - tag: listener-udp
    type: udp
    listen: '[::]:5353'
    workflow: main

dig resolution:

# dig a g.cn @localhost -p5353

; <<>> DiG 9.18.11 <<>> a g.cn @localhost -p5353
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5958
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 8305a2b984a1a553 (echoed)
; PAD: (403 bytes)
;; QUESTION SECTION:
;g.cn.                          IN      A

;; ANSWER SECTION:
g.cn.                   35      IN      A       180.163.151.34

;; Query time: 129 msec
;; SERVER: ::1#5353(localhost) (UDP)
;; WHEN: Thu Nov 23 21:22:10 CST 2023
;; MSG SIZE  rcvd: 472

Log:

[2023-11-23 13:22:10] [Info] [listener/listener-udp] [712816881 0ms] new request: IN A g.cn.
[2023-11-23 13:22:10] [Debug] [workflow/main] [712816881 0ms] rule[0] exec
[2023-11-23 13:22:10] [Debug] [workflow/main] [712816881 0ms] run exec[0]
[2023-11-23 13:22:10] [Info] [upstream/DNSPOD] [712816881 0ms] exchange: IN A g.cn.
[2023-11-23 13:22:10] [Debug] [upstream/DNSPOD] new tcp connection
[2023-11-23 13:22:10] [Info] [upstream/DNSPOD] [712816881 123ms] exchange success: IN A g.cn.
[2023-11-23 13:22:10] [Debug] [workflow/main] [712816881 124ms] run exec[1]
[2023-11-23 13:22:10] [Debug] [workflow/main] [712816881 124ms] return: return all
[2023-11-23 13:22:10] [Debug] [workflow/main] [712816881 124ms] run exec[1]: return all
[2023-11-23 13:22:10] [Debug] [workflow/main] [712816881 124ms] rule[0]: return all
[2023-11-23 13:22:10] [Info] [listener/listener-udp] [712816881 124ms] handle request success: IN A g.cn.

Collaborator

0xffffharry commented Nov 23, 2023

The error has been fixed; please try the latest commit b75d685.

Currently known issue: dig attaches the EDNS Cookie option, which seems to conflict with EDNS ClientSubnet (DNSPOD); it can be disabled with +nocookie.

dig a g.cn @localhost -p5353 +nocookie

Test result:

$ dig a g.cn @127.0.0.1 -p 5353 +nocookie

; <<>> DiG 9.16.1-Ubuntu <<>> a g.cn @127.0.0.1 -p 5353 +nocookie
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45044
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; CLIENT-SUBNET: 115.192.128.0/24/16
; PAD: (404 bytes)
;; QUESTION SECTION:
;g.cn.                          IN      A

;; ANSWER SECTION:
g.cn.                   300     IN      A       180.163.151.34

;; Query time: 199 msec
;; SERVER: 127.0.0.1#5353(127.0.0.1)
;; WHEN: Thu Nov 23 23:02:04 CST 2023
;; MSG SIZE  rcvd: 472
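
The known issue above involves two EDNS0 options sharing one OPT record: the client's COOKIE (RFC 7873, scoped to a single client/server pair) and the Client Subnet option (RFC 7871) that the ecs plugin adds. The following is an added example, not cdns code and not a description of what commit b75d685 changes; `EncodeECS` and `StripOption` are hypothetical names. It shows the ECS wire format for the configured prefix and one way a forwarder could drop the client cookie before the query goes upstream.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
	"net/netip"
)

// EDNS0 option codes (IANA): 8 = Client Subnet (RFC 7871), 10 = COOKIE (RFC 7873).
const optECS, optCookie = 8, 10

// EncodeECS builds one EDNS0 option (code, length, data) carrying the prefix.
// Only the bytes covered by the source prefix length are sent; host bits are zeroed.
func EncodeECS(prefix netip.Prefix) []byte {
	p := prefix.Masked()
	family := uint16(1) // 1 = IPv4, 2 = IPv6
	if p.Addr().Is6() {
		family = 2
	}
	addr := p.Addr().AsSlice()[:(p.Bits()+7)/8]
	out := make([]byte, 8, 8+len(addr))
	binary.BigEndian.PutUint16(out[0:], optECS)
	binary.BigEndian.PutUint16(out[2:], uint16(4+len(addr)))
	binary.BigEndian.PutUint16(out[4:], family)
	out[6] = byte(p.Bits()) // SOURCE PREFIX-LENGTH
	out[7] = 0              // SCOPE PREFIX-LENGTH, must be 0 in queries
	return append(out, addr...)
}

// StripOption walks OPT RDATA and returns a copy without options of the given code.
// Truncated option headers or lengths are rejected rather than forwarded.
func StripOption(rdata []byte, code uint16) ([]byte, error) {
	out := make([]byte, 0, len(rdata))
	for i := 0; i < len(rdata); {
		if len(rdata)-i < 4 {
			return nil, errors.New("truncated option header")
		}
		c := binary.BigEndian.Uint16(rdata[i:])
		n := int(binary.BigEndian.Uint16(rdata[i+2:]))
		if len(rdata)-i-4 < n {
			return nil, errors.New("option length exceeds rdata")
		}
		if c != code {
			out = append(out, rdata[i:i+4+n]...)
		}
		i += 4 + n
	}
	return out, nil
}

func main() {
	// Constructed input: the client cookie value shown in the dig output above,
	// wrapped as an EDNS0 COOKIE option the way a client would send it.
	cookie := []byte{0, optCookie, 0, 8, 0x83, 0x05, 0xa2, 0xb9, 0x84, 0xa1, 0xa5, 0x53}
	ecs := EncodeECS(netip.MustParsePrefix("115.192.128.0/24"))
	upstream, err := StripOption(append(cookie, ecs...), optCookie)
	fmt.Printf("ecs=% x\nupstream=% x err=%v\n", ecs, upstream, err)
}
```
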

Author

unicser commented Nov 24, 2023

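I tried the new commit. If the first dig request is made without +nocookie, it still times out; but if the first request is made with +nocookie, it returns normally, and subsequent requests work normally even without +nocookie.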

Log of the first request without +nocookie:

[2023-11-24 01:48:55] [Info] [listener/listener-udp] [356859713 0ms] new request: IN A g.cn.
[2023-11-24 01:48:55] [Debug] [workflow/main] [356859713 0ms] rule[0] exec
[2023-11-24 01:48:55] [Debug] [workflow/main] [356859713 0ms] run exec[0]
[2023-11-24 01:48:55] [Debug] [plugin-executor/ecs] [356859713 0ms] add ecs: 115.192.128.0/24
[2023-11-24 01:48:55] [Debug] [workflow/main] [356859713 0ms] plugin: plugin executor [ecs]: continue
[2023-11-24 01:48:55] [Debug] [workflow/main] [356859713 0ms] run exec[1]
[2023-11-24 01:48:55] [Info] [upstream/DNSPOD] [356859713 0ms] exchange: IN A g.cn.
[2023-11-24 01:48:55] [Error] [upstream/DNSPOD] [785091408 5013ms] exchange failed: IN A g.cn., error: invalid http response status code: 502
[2023-11-24 01:48:55] [Info] [upstream/DNSPOD] [785091408 5013ms] exchange: IN A g.cn.
[2023-11-24 01:48:55] [Error] [upstream/DNSPOD] [297057434 10028ms] exchange failed: IN A g.cn., error: invalid http response status code: 502
[2023-11-24 01:48:55] [Info] [upstream/DNSPOD] [297057434 10028ms] exchange: IN A g.cn.
[2023-11-24 01:49:00] [Error] [upstream/DNSPOD] [297057434 15006ms] exchange failed: IN A g.cn., error: send http request failed: Post "https://120.53.53.53/dns-query": context deadline exceeded
[2023-11-24 01:49:00] [Debug] [workflow/main] [297057434 15006ms] upstream: upstream [DNSPOD] exchange failed: context deadline exceeded
[2023-11-24 01:49:00] [Error] [workflow/main] [297057434 15007ms] run exec[1]: run failed: context deadline exceeded
[2023-11-24 01:49:00] [Error] [workflow/main] [297057434 15007ms] rule[0] exec failed: context deadline exceeded
[2023-11-24 01:49:00] [Error] [listener/listener-udp] [297057434 15007ms] handle request failed: IN A g.cn., error: context deadline exceeded
[2023-11-24 01:49:00] [Error] [upstream/DNSPOD] [356859713 5014ms] exchange failed: IN A g.cn., error: invalid http response status code: 502
[2023-11-24 01:49:00] [Info] [upstream/DNSPOD] [356859713 5014ms] exchange: IN A g.cn.
[2023-11-24 01:49:00] [Error] [upstream/DNSPOD] [785091408 10030ms] exchange failed: IN A g.cn., error: invalid http response status code: 502
[2023-11-24 01:49:00] [Info] [upstream/DNSPOD] [785091408 10030ms] exchange: IN A g.cn.
[2023-11-24 01:49:05] [Error] [upstream/DNSPOD] [785091408 15005ms] exchange failed: IN A g.cn., error: send http request failed: Post "https://120.53.53.53/dns-query": context deadline exceeded
[2023-11-24 01:49:05] [Debug] [workflow/main] [785091408 15006ms] upstream: upstream [DNSPOD] exchange failed: context deadline exceeded
[2023-11-24 01:49:05] [Error] [workflow/main] [785091408 15006ms] run exec[1]: run failed: context deadline exceeded
[2023-11-24 01:49:05] [Error] [workflow/main] [785091408 15006ms] rule[0] exec failed: context deadline exceeded
[2023-11-24 01:49:05] [Error] [listener/listener-udp] [785091408 15006ms] handle request failed: IN A g.cn., error: context deadline exceeded
[2023-11-24 01:49:05] [Error] [upstream/DNSPOD] [356859713 10038ms] exchange failed: IN A g.cn., error: invalid http response status code: 502
[2023-11-24 01:49:05] [Info] [upstream/DNSPOD] [356859713 10039ms] exchange: IN A g.cn.
[2023-11-24 01:49:10] [Error] [upstream/DNSPOD] [356859713 15005ms] exchange failed: IN A g.cn., error: send http request failed: Post "https://120.53.53.53/dns-query": context deadline exceeded
[2023-11-24 01:49:10] [Debug] [workflow/main] [356859713 15006ms] upstream: upstream [DNSPOD] exchange failed: context deadline exceeded
[2023-11-24 01:49:10] [Error] [workflow/main] [356859713 15006ms] run exec[1]: run failed: context deadline exceeded
[2023-11-24 01:49:10] [Error] [workflow/main] [356859713 15006ms] rule[0] exec failed: context deadline exceeded
[2023-11-24 01:49:10] [Error] [listener/listener-udp] [356859713 15006ms] handle request failed: IN A g.cn., error: context deadline exceeded

Collaborator

Cannot reproduce; it works normally on my side.

You can try switching to a different DNS server.
