Bug #233
BIND 9 behaves REALLY REALLY badly when in a walled garden
In Progress
High
Jim Gettys
Description
When I am in this hotel, where DNS (and most packets) are blocked off-net until I click through a captive portal, BIND 9 will not resolve any names, and my laptop cannot either.I propose that some checking script be in place which does a DNS lookup to the ge00-provided name server addresses, and if it returns data, then BIND be configured normally. If this look-up fails, BIND should be configured as a forwarder to the dhcp-provided name servers.
History
Updated by Dave Täht on Aug 23, 2011.
I’d like more detail on this patch, and to get it into rc6, if it makes
sense. I would hope that the vast majority of users are not testing in
hotels, however…
Updated by Michael Graff on Aug 23, 2011.
I didn’t intend to test it in a hotel, but it was where I was living
while in California last week. :)
I’d ask Evan if he can send it along.
Updated by Dave Täht on Sep 17, 2011.
I have this (1 line) patch, somewhere in my mail, but can’t find it
anywhere, nor remember who it came from.
what is stopping this patch from ending up in bind itself? Carrying out of tree patches is no fun.
Updated by Evan Hunt on Sep 17, 2011.
The patch will end up in BIND as a switch you can turn on, eventually.
It’s not really proper pinky-raised DNS, so I don’t think it should be
on by default with no ability to turn it off.
Updated by Jim Gettys on Nov 18, 2011.
Even weirder, sometimes I see bind work; but most recently mostly not.
I set up the forwarder’s file manually, and it worked some of the time. Needs to be setable in a bind UI
This is a static export of the original bufferbloat.net issue
database. As such, no further commenting is possible; the
information is solely here for archival purposes.
Cerowrt Project
Recent Updates
Find us elsewhere
Bufferbloat Mailing Lists
#bufferbloat on Twitter
Google+ group
Archived Bufferbloat pages from the Wayback Machine
Nlnet Foundation
Shuttleworth Foundation
GoFundMe
Congestion Control Blog
Flent Network Test Suite
Sqm-Scripts
The Cake shaper
AQMs in BSD
IETF AQM WG
CeroWrt (where it all started)
Jim Gettys' Blog - The chairman of the Fjord
Toke's Blog - Karlstad University's work on bloat
Voip Users Conference - Weekly Videoconference mostly about voip
Candelatech - A wifi testing company that "gets it".
#bufferbloat on Twitter
Google+ group
Archived Bufferbloat pages from the Wayback Machine
Sponsors
Comcast Research Innovation FundNlnet Foundation
Shuttleworth Foundation
GoFundMe
Bufferbloat Related Projects
OpenWrt ProjectCongestion Control Blog
Flent Network Test Suite
Sqm-Scripts
The Cake shaper
AQMs in BSD
IETF AQM WG
CeroWrt (where it all started)
Network Performance Related Resources
Jim Gettys' Blog - The chairman of the Fjord
Toke's Blog - Karlstad University's work on bloat
Voip Users Conference - Weekly Videoconference mostly about voip
Candelatech - A wifi testing company that "gets it".
The problem is that BIND 9 issues upstream queries with recursion desired = 0, and then we get back strange answers from captive, walled garden DNS servers which habitually lie.
The “fix” is to just take what we get. It’s either right (in which case validation may work) or bad (in which case it will not).
Possibly one should add UI options to enable/disable validation and enable/disable “just forward to my ISP” options for BIND.