[dns-operations] Using IP_RECVERR/IPV6_RECVERR on resolver client sockets

Mark Andrews marka at isc.org
Thu Jan 24 02:35:24 UTC 2019


The Linux kernel developers are idiots here.  The error *needs* to
make it through to the application so it can resend the dropped UDP
packet, depending on whether it decides the error is transient or not. The
kernel doesn't do resends for UDP; the application does.  The decision
about whether to treat this as transient or permanent is for the
application to decide.

> On 9 Jan 2019, at 12:58 am, Florian Weimer <fweimer at redhat.com> wrote:
> 
> Someone noticed that the Linux kernel only puts some networking-related
> errors on the socket error queue for connected UDP sockets:
> 
>  <https://sourceware.org/bugzilla/show_bug.cgi?id=24047>
> 
> The impact is that the UDP client doesn't notice that the network is
> unreachable even if there's an ICMP message (host-related ICMP messages
> are typically enqueued and cause a read error).  Instead, name servers
> are only switched after a timeout.
> 
> I looked at what other DNS clients are doing.  systemd-resolved appears
> the only one that uses IP_RECVERR or IPV6_RECVERR (curiously, setsockopt
> with IP_RECVERR succeeds on an AF_INET6 socket, but does not have any
> effect).
> 
> Is this just an oversight, or is there a deeper reason to ignore network
> errors (particularly in stub resolvers)?  An attacker could just spoof
> an ICMP message with a host error (e.g., port unreachable), so honoring
> more ICMP errors wouldn't introduce further DoS potential.
> 
> Thanks,
> Florian
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: marka at isc.org
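As an added illustration of the mechanism the thread is arguing about (not code from either poster, ISC, or any resolver), the following C program enables IP_RECVERR/IPV6_RECVERR on a UDP socket, reads the queued error with recvmsg(MSG_ERRQUEUE), and then applies the application-side decision Mark describes: the kernel only reports the ICMP error, and the resolver decides whether to retry the same server or move to the next one. The policy in classify_error() is a hypothetical one written for this example. The live demo in main() sends to 127.0.0.1 port 1/udp, assumed closed, so the local stack answers with ICMP port unreachable; as Florian notes, network-unreachable errors are not queued for connected UDP sockets on current kernels, so only host-related codes can be exercised this way.

```c
#define _GNU_SOURCE
#include <arpa/inet.h>
#include <errno.h>
#include <linux/errqueue.h>
#include <netinet/in.h>
#include <netinet/ip_icmp.h>
#include <poll.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Hypothetical stub-resolver policy outcomes (illustrative, not any real resolver's). */
enum verdict { VERDICT_IGNORE = 0, VERDICT_RETRY_SAME = 1, VERDICT_SWITCH_SERVER = 2 };

/* Enable extended error reporting.  Florian's observation applies: on an AF_INET6
 * socket IP_RECVERR "succeeds" but has no effect, so select the option by family. */
int enable_recverr(int fd, int family)
{
    int one = 1;
    if (family == AF_INET6)
        return setsockopt(fd, IPPROTO_IPV6, IPV6_RECVERR, &one, sizeof one);
    return setsockopt(fd, IPPROTO_IP, IP_RECVERR, &one, sizeof one);
}

/* The application-side decision: only ICMP-originated destination-unreachable
 * errors are acted on; locally generated errors (e.g. ENOBUFS) are ignored here. */
enum verdict classify_error(const struct sock_extended_err *ee)
{
    if (ee->ee_origin != SO_EE_ORIGIN_ICMP || ee->ee_type != ICMP_DEST_UNREACH)
        return VERDICT_IGNORE;
    switch (ee->ee_code) {
    case ICMP_NET_UNREACH:          /* the case Florian wants surfaced without a timeout */
    case ICMP_HOST_UNREACH:
    case ICMP_PORT_UNREACH:
    case ICMP_PKT_FILTERED:
        return VERDICT_SWITCH_SERVER;   /* treated as permanent for this query: next server */
    default:
        return VERDICT_RETRY_SAME;      /* e.g. fragmentation needed: treated as transient */
    }
}

/* Find the IP_RECVERR / IPV6_RECVERR control message among those returned by
 * recvmsg(MSG_ERRQUEUE).  Returns 1 and fills *out when present, else 0. */
int extract_extended_err(struct msghdr *msg, struct sock_extended_err *out)
{
    for (struct cmsghdr *c = CMSG_FIRSTHDR(msg); c; c = CMSG_NXTHDR(msg, c)) {
        if ((c->cmsg_level == IPPROTO_IP && c->cmsg_type == IP_RECVERR) ||
            (c->cmsg_level == IPPROTO_IPV6 && c->cmsg_type == IPV6_RECVERR)) {
            memcpy(out, CMSG_DATA(c), sizeof *out);
            return 1;
        }
    }
    return 0;
}

/* Wait up to timeout_ms for a queued error on a connected UDP socket, read it
 * with MSG_ERRQUEUE and classify it.  Returns a verdict, or -1 if none arrived. */
int drain_error_queue(int fd, int timeout_ms)
{
    struct pollfd pfd = { .fd = fd, .events = POLLIN };   /* POLLERR is reported regardless */
    if (poll(&pfd, 1, timeout_ms) <= 0 || !(pfd.revents & POLLERR))
        return -1;
    char ctrl[256], data[512];
    struct iovec iov = { .iov_base = data, .iov_len = sizeof data };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = ctrl, .msg_controllen = sizeof ctrl };
    if (recvmsg(fd, &msg, MSG_ERRQUEUE) < 0)
        return -1;
    struct sock_extended_err ee;
    return extract_extended_err(&msg, &ee) ? (int)classify_error(&ee) : -1;
}

/* Offline check: build the control message the kernel delivers for an ICMP
 * port-unreachable (constructed sample, no network) and run it through the parser. */
int parse_constructed_port_unreach(void)
{
    char ctrl[CMSG_SPACE(sizeof(struct sock_extended_err))];
    struct msghdr msg = { .msg_control = ctrl, .msg_controllen = sizeof ctrl };
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    c->cmsg_level = IPPROTO_IP;
    c->cmsg_type = IP_RECVERR;
    c->cmsg_len = CMSG_LEN(sizeof(struct sock_extended_err));
    struct sock_extended_err in = { .ee_errno = ECONNREFUSED, .ee_origin = SO_EE_ORIGIN_ICMP,
                                    .ee_type = ICMP_DEST_UNREACH, .ee_code = ICMP_PORT_UNREACH };
    memcpy(CMSG_DATA(c), &in, sizeof in);
    struct sock_extended_err out;
    return extract_extended_err(&msg, &out) ? (int)classify_error(&out) : -1;
}

/* Live demo: one datagram to a loopback port assumed to have no listener; the
 * local stack answers with ICMP port unreachable, which IP_RECVERR makes visible. */
int main(void)
{
    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd < 0 || enable_recverr(fd, AF_INET) < 0) { perror("socket/setsockopt"); return 1; }
    struct sockaddr_in dst = { .sin_family = AF_INET, .sin_port = htons(1) }; /* 1/udp: assumed closed */
    inet_pton(AF_INET, "127.0.0.1", &dst.sin_addr);
    if (connect(fd, (struct sockaddr *)&dst, sizeof dst) < 0 || send(fd, "probe", 5, 0) < 0) {
        perror("connect/send"); return 1;
    }
    printf("verdict for 127.0.0.1:1 = %d (2 = switch server)\n", drain_error_queue(fd, 1000));
    close(fd);
    return 0;
}
```

Without IP_RECVERR the same socket would only report the ICMP error as an ECONNREFUSED from a later recv() or send(), with no way to tell which ICMP type and code produced it, which is exactly the information the policy above needs.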