Skip to content

Comments

Fix DNS PTR records; add SOA to various negative DNS responses#28

Open
jagerman wants to merge 2 commits intosession-foundation:devfrom
jagerman:dns-ptr-fix
Open

Fix DNS PTR records; add SOA to various negative DNS responses#28
jagerman wants to merge 2 commits intosession-foundation:devfrom
jagerman:dns-ptr-fix

Conversation

@jagerman
Copy link
Member

  • PTR responses were sending back results with the type set to A instead PTR.
  • Negative responses (such as a PTR of an unmapped IP, or a ONS that doesn't exist) were not cacheable because of the lack of an SOA record, and in some cases could fall back to an upstream. This fixes it (see commit message for more detail).

Without SOA records, caching DNS servers in front of Session Router
(such as you might use on a local network for network-side Session
Router connectivity) cannot cache the result, but most of the NXDOMAIN
and NODATAs we produce are and should be cachable.

Unlike positive records, which have their own TTL, negative results
requiring hacking the nack TTL through an SOA record in the authority
section from which the MINIMUM value.  This commit adds it so that we
are doing the right thing.

This should also prevent PTR records from falling back to upstream DNS
(where the entire private range gets NACKed) by being properly
authoritative for the local IPs we serve even when those IPs aren't
currently mapped.
@jagerman jagerman requested a review from tewinget January 21, 2026 01:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants