ndb/dns: request recursion only for local dns servers
we used to set RD flag in requests unconditionally, which is fine by the standard but some dns server administrators seem to use it as a denial of service indicator (for ther non recursive authoritative nameservers) and ignore the request. so only set the RD flag when talking to local dns servers.
This commit is contained in:
cinap_lenrek
parent
eb6a4fc1a4
commit
a494cc74ad
1 changed files with 9 additions and 3 deletions
|
|
@ -1326,16 +1326,22 @@ tcpquery(Query *qp, DNSmsg *mp, int depth, uchar *ibuf, uchar *obuf, int len,
|
|||
static int
|
||||
queryns(Query *qp, int depth, uchar *ibuf, uchar *obuf, ulong waitms, int inns)
|
||||
{
|
||||
int ndest, len, replywaits, rv;
|
||||
int ndest, len, replywaits, rv, flag;
|
||||
ushort req;
|
||||
uvlong endms;
|
||||
char buf[32];
|
||||
uchar srcip[IPaddrlen];
|
||||
Dest *p, *np, dest[Maxdest];
|
||||
|
||||
/* pack request into a udp message */
|
||||
req = rand();
|
||||
len = mkreq(qp->dp, qp->type, obuf, Frecurse|Oquery, req);
|
||||
|
||||
/* request recursion only for local dns servers */
|
||||
flag = Oquery;
|
||||
if(strncmp(qp->nsrp->owner->name, "local#", 6) == 0)
|
||||
flag |= Frecurse;
|
||||
|
||||
/* pack request into a udp message */
|
||||
len = mkreq(qp->dp, qp->type, obuf, flag, req);
|
||||
|
||||
/* no server addresses yet */
|
||||
memset(dest, 0, sizeof dest);
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue