Community discussions

MikroTik App
 
dksoft
Member Candidate
Member Candidate
Topic Author
Posts: 148
Joined: Thu Dec 06, 2012 8:56 am
Location: Germany

Alpine fails because of NXDOMAIN with missing IPv6 entry in ROS DNS

Mon Jan 23, 2023 12:35 pm

My problem is with Alpine Linux v3.16 because the RouterOS 7.7 DNS server returns NXDOMAIN if an IPv6 entry does not exist, even that an IPv4 does exist.
I tried other DNS, like DNSMASQ/Pi-hole in a Docker container and they return NOERROR instead.
Unfortunately Alpine always asks for A and AAAA record and if one return NXDOMAIN, it fails. Even if a IPv4 record does exist.

Any idea how to change the RouterOS response to not return NXDOMAIN?

Here is my configuration:
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=10.0.0.17 name=ess

Alpine fails to ping:
mosquitto:~# ping ess
ping: bad address 'ess'

Here is the reason:
mosquitto:~# nslookup ess
Server:		10.0.0.1
Address:	10.0.0.1:53
Non-authoritative answer:
Name:	ess
Address: 10.0.0.17
** server can't find ess: NXDOMAIN

Debug IPv4:
mosquitto:~# nslookup -type=a -debug ess 10.0.0.1
Server:		10.0.0.1
Address:	10.0.0.1:53
Query #0 completed in 1ms:
Non-authoritative answer:
Name:	ess
Address: 10.0.0.17

Debug IPv6:
mosquitto:~# nslookup -type=aaaa -debug ess 10.0.0.1
Server:		10.0.0.1
Address:	10.0.0.1:53
Query #0 completed in 3ms:
** server can't find ess: NXDOMAIN

This is how DNSMASQ/Pi-hole @10.0.0.6 responses in the same configuration:
mosquitto:~# nslookup -type=aaaa -debug ess 10.0.0.6
Server:		10.0.0.6
Address:	10.0.0.6:53
Query #0 completed in 0ms:
Non-authoritative answer:
 
chyparo
just joined
Posts: 1
Joined: Thu Feb 02, 2023 10:52 pm

Re: Alpine fails because of NXDOMAIN with missing IPv6 entry in ROS DNS

Thu Feb 02, 2023 10:54 pm

I have exactly the same problem. ROS 7.7
 
dksoft
Member Candidate
Member Candidate
Topic Author
Posts: 148
Joined: Thu Dec 06, 2012 8:56 am
Location: Germany

Re: Alpine fails because of NXDOMAIN with missing IPv6 entry in ROS DNS

Fri Feb 03, 2023 4:43 pm

Fixed in 7.8b3
 
nickvacula
just joined
Posts: 3
Joined: Thu Mar 30, 2023 3:29 pm

Re: Alpine fails because of NXDOMAIN with missing IPv6 entry in ROS DNS

Thu Mar 30, 2023 4:12 pm

Hi,

unfortunately for me on RouterOS v7.8 stable it still returns NXDOMAIN instead of NOERROR from Alpine:

===========================================
# nslookup <my.home.host>
Server: 192.168.88.1
Address: 192.168.88.1:53

Non-authoritative answer:
Name: <my.home.host>
Address: 192.168.88.1

** server can't find <my.home.host>: NXDOMAIN

# nslookup -type=a <my.home.host>
Server: 192.168.88.1
Address: 192.168.88.1:53

Non-authoritative answer:
Name: <my.home.host>
Address: 192.168.88.1

# nslookup -type=aaaa <my.home.host>
Server: 192.168.88.1
Address: 192.168.88.1:53

** server can't find <my.home.host>: NXDOMAIN

# cat /etc/resolv.conf
# Generated by NetworkManager
search <home.host>
nameserver 192.168.88.1
===========================================

wat this fix missed in 7.8 stable?

EDIT: just found it works fine if I don't have "Use DoH Server" field set. If I have DoH server configured - query from Alpine still returns NXDOMAIN.
Last edited by nickvacula on Thu Mar 30, 2023 4:55 pm, edited 1 time in total.
 
nickvacula
just joined
Posts: 3
Joined: Thu Mar 30, 2023 3:29 pm

Re: Alpine fails because of NXDOMAIN with missing IPv6 entry in ROS DNS

Thu Apr 06, 2023 2:09 pm

@dksoft can you please check if problem still exists for you if you have "Use DoH Server" checked?
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 3169
Joined: Sun May 01, 2016 7:12 pm
Location: California

Re: Alpine fails because of NXDOMAIN with missing IPv6 entry in ROS DNS

Fri Apr 07, 2023 12:59 am

Correct, container does not work with DoH set, see:
viewtopic.php?t=194302&hilit=alpine#p989096

There was a separate bug in the ~7.6 where IPv6 resolution was broken – that may also been the original issue in this thread. Which is different from Alpine with DoH.

Alpine's native DNS resolver only uses UDP and even ignores fragmented responses if I recall right... but there is not "native" DoH support in Alpine.

Who is online

Users browsing this forum: freemannnn and 72 guests