Bence's profile - activity

2019-05-11 05:19:45 -0500 asked a question DNS query reply from unexpected source (wrong port)

Hello there,

I had some problems with DNS queries. First of all, I haven't set any DNS server address for the OpenStack subnet (I don't want to complicate things, and if I set it, it doesn't work either), and I set up security groups (now all traffic is allowed, in theory).

When I start a DNS query from the OpenStack instance (everything is Ubuntu 16.04), I get the following lines:

ubuntu@ubi:~$ dig +short google.com @8.8.4.4
;; reply from unexpected source: 8.8.4.4#2, expected 8.8.4.4#53
;; reply from unexpected source: 8.8.4.4#2, expected 8.8.4.4#53
;; reply from unexpected source: 8.8.4.4#2, expected 8.8.4.4#53
;; connection timed out; no servers could be reached

The query above works very well on "aio1" and "test-client".

I have tried a lot of things. My architecture:
I'm working on GCP, using 2 VMs; it's an all-in-one cluster by Ansible:

1# aio1
CPU: 4 vCPU
RAM: 26 GB
IP: 10.1.0.7 (for local)

2# test-client (just for testing the connection, and dumb things)
CPU: 1 vCPU
RAM: 1.7 GB
IP: 10.1.0.3 (for local)
The machines use the 10.1.0.0/16 subnet.

X# ubi (OpenStack Instance)
CPU: 1 vCPU
RAM: 1 GB
Private ip: 192.168.1.17 (from 192.168.1.0/24 private subnet)
Floating: 172.29.249.111 (from 172.29.248.0/22 public subnet)
There is a router between these networks.

Then I built a little Python DNS server, which forwards the requests to real DNS servers (it listens on "test-client").
For example:

bence@aio1:~$ dig +short example.com @10.1.0.3 -p 35
93.184.216.34
bence@aio1:~$ dig +short example.com @8.8.4.4
93.184.216.34

As you can see, the first query is sent to my Python server from "aio1"; the second dig is just to test the result.

Let's see the next scenario:
1. I start a query from the "ubi" instance to "test-client".
2. It gets the query and forwards it to a real DNS server.
3. It sends back the reply.

The result is the same:

ubuntu@ubi:~$ dig +short @10.1.0.3 -p 35 google.com
;; reply from unexpected source: 10.1.0.3#2, expected 10.1.0.3#35
;; reply from unexpected source: 10.1.0.3#2, expected 10.1.0.3#35
;; reply from unexpected source: 10.1.0.3#2, expected 10.1.0.3#35
;; connection timed out; no servers could be reached

These are the results of tcpdump:

On "ubi":

09:40:31.732386 IP host-192-168-1-17.openstacklocal.60774 > 10.1.0.3.35: UDP, length 46
09:40:31.784442 IP 10.1.0.3.2 > host-192-168-1-17.openstacklocal.60774: UDP, length 62

On "aio1":

09:40:31.921488 IP aio1.europe-west3-c.c.my-openstack-123456.internal.60774 > os-client.europe-west3-c.c.my-openstack-123456.internal.35: UDP, length 46
09:40:31.972483 IP os-client.europe-west3-c.c ...
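An added example, not part of the original question: a small Python check that pairs each UDP query in tcpdump output with its reply and flags replies whose source endpoint differs from the endpoint that was queried, which is the condition dig reports as "reply from unexpected source". The function name and the second pair of sample lines are constructed for illustration; the first pair is the capture from "ubi" shown above.

```python
import re

# tcpdump one-line UDP summary:
#   "<time> IP <src>.<port> > <dst>.<port>: UDP, length <n>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) IP (?P<src>\S+)\.(?P<sport>\d+) > "
    r"(?P<dst>\S+)\.(?P<dport>\d+): UDP, length (?P<len>\d+)$"
)


def find_mismatched_replies(lines):
    """Pair each UDP query with its reply and return the replies whose
    source (host, port) is not the endpoint the query was sent to."""
    pending = {}   # (client, client_port) -> (server, server_port) queried
    findings = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not a UDP summary line
        src = (m["src"], int(m["sport"]))
        dst = (m["dst"], int(m["dport"]))
        expected = pending.pop(dst, None)
        if expected is None:
            # Nobody is waiting on this destination: treat it as a query.
            pending[src] = dst
        elif src != expected:
            # A reply reached the client, but not from the queried endpoint.
            findings.append(
                {"ts": m["ts"], "client": dst, "expected": expected, "got": src}
            )
    return findings


SAMPLE = [
    # the two lines captured on "ubi" in the question
    "09:40:31.732386 IP host-192-168-1-17.openstacklocal.60774 > 10.1.0.3.35: UDP, length 46",
    "09:40:31.784442 IP 10.1.0.3.2 > host-192-168-1-17.openstacklocal.60774: UDP, length 62",
    # constructed healthy exchange for contrast (not from the question)
    "09:41:02.000100 IP 10.1.0.7.41000 > 10.1.0.3.35: UDP, length 46",
    "09:41:02.050200 IP 10.1.0.3.35 > 10.1.0.7.41000: UDP, length 62",
]

if __name__ == "__main__":
    for f in find_mismatched_replies(SAMPLE):
        print("%s reply to %s:%d came from %s:%d, expected %s:%d"
              % ((f["ts"],) + f["client"] + f["got"] + f["expected"]))
```

Running the same function over captures taken at each hop (instance, router namespace, host) shows the first point at which the reply's source port stops matching the query's destination port.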