You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When the zone origin name contains captical letters, the zone becomes effectively unreachable to the file plugin (all queries are refused).
How to reproduce it (as minimally and precisely as possible):
Using the following zone file (A.txt):
A. 500 IN SOA mname.com. rname.com. 3 604800 86400 2419200 604800
A. 500 IN NS b.
and this Corefile:
A.:1053 {
header {
response set ra
}
file A.txt
}
Response for querying <A., SOA> (I've included the startup message to show that the zone is in fact loaded):
root@e10adfbeed3f:/v# ./coredns &
[1] 308
root@e10adfbeed3f:/v# A.:1053
CoreDNS-1.11.1
linux/arm64, go1.21.5, 45923b6e
root@e10adfbeed3f:/v# dig @127.0.0.1 -p 1053 A. SOA
;<<>> DiG 9.18.24-1-Debian <<>> @127.0.0.1 -p 1053 A. SOA; (1 server found);; global options: +cmd;; Got answer:;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 54145;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1;; WARNING: recursion requested but not available;; OPT PSEUDOSECTION:; EDNS: version: 0, flags:; udp: 1232; COOKIE: 50b9232afd8f25d3 (echoed);; QUESTION SECTION:;A. IN SOA;; Query time: 0 msec;; SERVER: 127.0.0.1#1053(127.0.0.1) (UDP);; WHEN: Sun Apr 21 06:50:14 UTC 2024;; MSG SIZE rcvd: 42
What you expected to happen:
The query should not be refused, and the response should contain the A. SOA record as the answer.
Anything else we need to know?:
Environment:
the version of CoreDNS: CoreDNS-1.11.1, linux/arm64, go1.21.5, 45923b6e
Corefile: given above.
OS: this uses the docker environment from "Compilation with Docker".
Others:
As far as I am concerned, domain names that contain upper-case letters are perfectly legal (albeit maybe rare in practice?), so it feels wrong to see REFUSED here.
I dug around a bit for the cause of this. Apparently CoreDNS lowers all domain names internally. However, while the zone file parser does normalize domain names to be lower-case, the original zone "site" (as referred to by Config in dnsserver/config.go) in the configs is still unchanged. At the zone selection, the query name is first lowercased, and then compared against the unchanged zone sites, which makes the zone unreachable.
P.S. The same zone file is accepted by bind9, and it does answer the <A., SOA> query.
The text was updated successfully, but these errors were encountered:
What happened:
When the zone origin name contains captical letters, the zone becomes effectively unreachable to the
fileplugin (all queries are refused).How to reproduce it (as minimally and precisely as possible):
Using the following zone file (
A.txt):and this Corefile:
A.:1053 { header { response set ra } file A.txt }Response for querying
<A., SOA>(I've included the startup message to show that the zone is in fact loaded):What you expected to happen:
The query should not be refused, and the response should contain the
A. SOArecord as the answer.Anything else we need to know?:
Environment:
CoreDNS-1.11.1, linux/arm64, go1.21.5, 45923b6eAs far as I am concerned, domain names that contain upper-case letters are perfectly legal (albeit maybe rare in practice?), so it feels wrong to see
REFUSEDhere.I dug around a bit for the cause of this. Apparently CoreDNS lowers all domain names internally. However, while the zone file parser does normalize domain names to be lower-case, the original zone "site" (as referred to by
Configindnsserver/config.go) in the configs is still unchanged. At the zone selection, the query name is first lowercased, and then compared against the unchanged zone sites, which makes the zone unreachable.P.S. The same zone file is accepted by bind9, and it does answer the
<A., SOA>query.The text was updated successfully, but these errors were encountered: