Commit 0b748e0e authored by Vladimír Čunát's avatar Vladimír Čunát

dns64: improve with policy.FORWARD or .STUB

Clearing the query flags lead to kresd iterating over authoritative
servers.  Related: https://gitlab.labs.nic.cz/knot/resolver/issues/217

Note that validation of synthesised AAAA behind a CNAME doesn't work
when policy.FORWARD + dns64.  Example: www.regiojet.cz.
policy.STUB + dns64 seems not to work at all.
parent 41b2544a
......@@ -53,8 +53,11 @@ mod.layer = {
else -- Observe AAAA NODATA responses
local is_nodata = (pkt:rcode() == kres.rcode.NOERROR) and (#answer == 0)
if pkt:qtype() == kres.type.AAAA and is_nodata and pkt:qname() == qry:name() and qry:final() then
local next = req:push(pkt:qname(), kres.type.A, kres.class.IN, 0, qry)
next.flags = bit.band(qry.flags, kres.query.DNSSEC_WANT) + kres.query.AWAIT_CUT + MARK_DNS64
local extraFlags = bit.bor(
bit.band(qry.flags, kres.query.DNSSEC_WANT),
bit.bor(MARK_DNS64, kres.query.AWAIT_CUT)
)
local next = req:push(pkt:qname(), kres.type.A, kres.class.IN, extraFlags, qry)
end
end
return state
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment