Querying a TXT record for github.com fails with FATA[0000] dns: overflowing header size #111
Description
Just sharing this error I came across (although it seems to be dependent on nameserver used for the query):
FATA[0000] dns: overflowing header size
I'm aware of the local DNS service being a bit faulty (see details below), I'm not sure if this is something doggo can actually resolve either (affects q too, so I suppose both projects are handling the query in the same way?).
dig can resolve the record without issue in the same environment, thus this failure may be specific to Go (or a common DNS package, I haven't compared q and doggo packages or src).
As can be seen below, github.com has a large TXT record that splits into multiple parts, I suspect that's the one related to the overflow error? q has a option --txtconcat to merge these into a single string for displayed output, but the error seems to suggest that this is a failure at the DNS name server used for the query not being able to handle this.
My local DNS in this case is a bit complicated
- Fedora 40 container running in WSL2 (Ubuntu 22.04), with
/etc/resolv.confmanaged by Docker Desktop (192.168.65.0/24network configured, Docker manages it's own internal DNS layer). - WSL2 itself has it's own different
/etc/resolv.conf(172.x.y.znameserver), but Docker Desktop may actually run containers in a separate VM IIRC, rather than this Ubuntu 22.04 one that is provisioned by default and where I interface with the container via Windows Terminal. So this name server probably isn't in use, I know that if the container runs in host mode networking it's not reachable from my WSL2 Ubuntu 22.04 or Windows 11 host. - Windows itself has the connection with explicit
1.1.1.1configured for the nameserver to use, DNS should be going through this to reach the internet AFAIK, so it may be an issue with Dockers internally managed DNS layer and potentially whatever upstream it routes queries through. - Other DNS tools like
dig/drillalso confirm that I cannot perform reverse DNS queries either, unless I provide an alternative name server to query like via@1.1.1.1.- I just verified that the WSL2 host can perform this fine without setting
@1.1.1.1, but Docker containers do not return anything. I've also changed the Windows host network to use DHCP again instead of1.1.1.1and there is no issue there either for Ubuntu. dighas no trouble in a container however querying theTXTrecord forgithub.com.
- I just verified that the WSL2 host can perform this fine without setting
- I've only been troubleshooting this recently as some builds of mine were failing to resolve DNS. It's possible that this is temporary until I restart the Docker daemon or entire system, since I have experienced networking issues with Docker in a VM environment when the VM was suspended and later resumed where containers that were running no longer had valid network (might have been a change in bridged interface than DNS specifically, can't recall), that required restarting the Docker daemon (all containers must be stopped for that AFAIK).
Here is the containers /etc/resolv.conf (comment is generated from the managed file contents by Docker):
$ cat /etc/resolv.conf
# DNS requests are forwarded to the host. DHCP DNS options are ignored.
nameserver 192.168.65.7While the Windows host is configured with 1.1.1.1, it wasn't when these issues started and the Docker daemon has not been restarted yet. It's also possible that the comment is misleading if the Docker host in this case is the WSL2 VM that Docker Desktop manages, where it may set a different nameserver (not sure how to access that). So I suspect either the issue is temporary, or the internal DNS layer Docker has is faulty.
Via DNS server in /etc/resolv.conf (fail)
For reference, same failure via q:
# Won't output any records at all, while doggo returns some
$ q A AAAA NS MX TXT CNAME github.com --txtconcat
FATA[0000] dns: overflowing header size$ doggo A AAAA NS MX TXT CNAME github.com
ERROR[2024-05-12T22:56:09Z] error looking up DNS records error="dns: overflowing header size"
NAME TYPE CLASS TTL ADDRESS NAMESERVER
github.com. A IN 46s 20.248.137.48 192.168.65.7:53
github.com. NS IN 764s dns1.p08.nsone.net. 192.168.65.7:53
github.com. NS IN 764s dns2.p08.nsone.net. 192.168.65.7:53
github.com. NS IN 764s dns3.p08.nsone.net. 192.168.65.7:53
github.com. NS IN 764s dns4.p08.nsone.net. 192.168.65.7:53
github.com. NS IN 764s ns-1283.awsdns-32.org. 192.168.65.7:53
github.com. NS IN 764s ns-1707.awsdns-21.co.uk. 192.168.65.7:53
github.com. NS IN 764s ns-421.awsdns-52.com. 192.168.65.7:53
github.com. NS IN 764s ns-520.awsdns-01.net. 192.168.65.7:53
github.com. MX IN 3482s 1 aspmx.l.google.com. 192.168.65.7:53
github.com. MX IN 3482s 10 alt3.aspmx.l.google.com. 192.168.65.7:53
github.com. MX IN 3482s 10 alt4.aspmx.l.google.com. 192.168.65.7:53
github.com. MX IN 3482s 5 alt1.aspmx.l.google.com. 192.168.65.7:53
github.com. MX IN 3482s 5 alt2.aspmx.l.google.com. 192.168.65.7:53Via @1.1.1.1 (success):
$ doggo @1.1.1.1 A AAAA NS MX TXT CNAME github.com
NAME TYPE CLASS TTL ADDRESS NAMESERVER
github.com. A IN 21s 20.248.137.48 1.1.1.1:53
github.com. SOA IN 247s ns-1707.awsdns-21.co.uk. 1.1.1.1:53
awsdns-hostmaster.amazon.com.
1 7200 900 1209600 86400
github.com. NS IN 864s dns1.p08.nsone.net. 1.1.1.1:53
github.com. NS IN 864s dns2.p08.nsone.net. 1.1.1.1:53
github.com. NS IN 864s dns3.p08.nsone.net. 1.1.1.1:53
github.com. NS IN 864s dns4.p08.nsone.net. 1.1.1.1:53
github.com. NS IN 864s ns-1283.awsdns-32.org. 1.1.1.1:53
github.com. NS IN 864s ns-1707.awsdns-21.co.uk. 1.1.1.1:53
github.com. NS IN 864s ns-421.awsdns-52.com. 1.1.1.1:53
github.com. NS IN 864s ns-520.awsdns-01.net. 1.1.1.1:53
github.com. MX IN 3600s 1 aspmx.l.google.com. 1.1.1.1:53
github.com. MX IN 3600s 10 alt3.aspmx.l.google.com. 1.1.1.1:53
github.com. MX IN 3600s 10 alt4.aspmx.l.google.com. 1.1.1.1:53
github.com. MX IN 3600s 5 alt1.aspmx.l.google.com. 1.1.1.1:53
github.com. MX IN 3600s 5 alt2.aspmx.l.google.com. 1.1.1.1:53
github.com. TXT IN 2870s "1dx40j0v3l3cnnhd973dfvvrm6z1bjk5" 1.1.1.1:53
github.com. TXT IN 2870s "MS=6BF03E6AF5CB689E315FB6199603BABF2C88D805" 1.1.1.1:53
github.com. TXT IN 2870s "MS=ms44452932" 1.1.1.1:53
github.com. TXT IN 2870s "MS=ms58704441" 1.1.1.1:53
github.com. TXT IN 2870s "adobe-idp-site-verification=b92c9e999aef825edc36e0a3d847d2dbad5b2fc0e05c79ddd7a16139b48ecf4b" 1.1.1.1:53
github.com. TXT IN 2870s "apple-domain-verification=RyQhdzTl6Z6x8ZP4" 1.1.1.1:53
github.com. TXT IN 2870s "atlassian-domain-verification=jjgw98AKv2aeoYFxiL/VFaoyPkn3undEssTRuMg6C/3Fp/iqhkV4HVV7WjYlVeF8" 1.1.1.1:53
github.com. TXT IN 2870s "beautifulai-site-verification=e478d764-9335-4af3-ac7a-2d5ab61b59aa" 1.1.1.1:53
github.com. TXT IN 2870s "calendly-site-verification=at0DQARi7IZvJtXQAWhMqpmIzpvoBNF7aam5VKKxP" 1.1.1.1:53
github.com. TXT IN 2870s "docusign=087098e3-3d46-47b7-9b4e-8a23028154cd" 1.1.1.1:53
github.com. TXT IN 2870s "facebook-domain-verification=39xu4jzl7roi7x0n93ldkxjiaarx50" 1.1.1.1:53
github.com. TXT IN 2870s "google-site-verification=UTM-3akMgubp6tQtgEuAkYNYLyYAvpTnnSrDMWoDR3o" 1.1.1.1:53
github.com. TXT IN 2870s "krisp-domain-verification=ZlyiK7XLhnaoUQb2hpak1PLY7dFkl1WE" 1.1.1.1:53
github.com. TXT IN 2870s "loom-site-verification=f3787154f1154b7880e720a511ea664d" 1.1.1.1:53
github.com. TXT IN 2870s "miro-verification=d2e174fdb00c71e0bcf58f8e58c3da2dd80dcfa9" 1.1.1.1:53
github.com. TXT IN 2870s "stripe-verification=f88ef17321660a01bab1660454192e014defa29ba7b8de9633c69d6b4912217f" 1.1.1.1:53
github.com. TXT IN 2870s "v=spf1 ip4:192.30.252.0/22 1.1.1.1:53
include:_netblocks.google.com
include:_netblocks2.google.com
include:_netblocks3.google.com
include:spf.protection.outlook.com
include:mail.zendesk.com
include:_spf.salesforce.com
include:servers.mcsv.net
ip4:166.78.69.169 ip4:1"
"66.78.69.170 ip4:166.78.71.131
ip4:167.89.101.2
ip4:167.89.101.192/28
ip4:192.254.112.60
ip4:192.254.112.98/31
ip4:192.254.113.10
ip4:192.254.113.101
ip4:192.254.114.176
ip4:62.253.227.114 ~all"
github.com. SOA IN 888s ns-1707.awsdns-21.co.uk. 1.1.1.1:53
awsdns-hostmaster.amazon.com.
1 7200 900 1209600 86400