Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Chaining with consensus could lead to unpredictable results #51

Open
sriccio opened this issue May 22, 2022 · 2 comments
Open

Chaining with consensus could lead to unpredictable results #51

sriccio opened this issue May 22, 2022 · 2 comments

Comments

@sriccio
Copy link

sriccio commented May 22, 2022
edited
Loading

Describe the bug
Chain resolver with consensus might produce inpredictable results when there are some kind of round robin of the results or maybe when the result depends on geolocalisation.

For example looking up A records for google.com with consensus always return an empty result.
However, without chaining and consensus, it returns an unique result that changes (some round robin here) every request.
Also, the result completly differs if using cloudflare or google resolver.

When you do the same tests with for example microsoft.com, multiple A records are returned and the consensus is working.

So I was wondering is there could be a workaround for this or if it's better to drop using the chaining/consensus to avoid possible issues for some domains that would behave like google.com does.

To Reproduce
Steps to reproduce the behavior:

Lookup A record for hostname google.com

use RemotelyLiving\PHPDNS\Resolvers\GoogleDNS;
use RemotelyLiving\PHPDNS\Resolvers\CloudFlare;
use RemotelyLiving\PHPDNS\Resolvers\Chain;

$googleResolver = new GoogleDNS();
$cloudflareResolver = new CloudFlare();
$ipv4Result = $chainResolver->withConsensusResults()->getARecords('google.com');
print_r($ipv4Result);

Result:

RemotelyLiving\PHPDNS\Entities\DNSRecordCollection Object
(
    [records:RemotelyLiving\PHPDNS\Entities\DNSRecordCollection:private] => ArrayIterator Object
        (
            [storage:ArrayIterator:private] => Array
                (
                )

        )

)

Expected behavior
Get a list of A records for the hostname
@remotelyliving
Copy link
Owner

This is interesting. I'll have some time to look into it tomorrow evening and will give you an update. My gut feeling is the equality check is too strict but it's been a while and I need to refresh how the this thing works hehe.

@sriccio
Copy link
Author

sriccio commented May 23, 2022
edited
Loading

Hi, well I have the feeling that there is something special going on with google.com as when querying it, it only returns one record, but the record changes every lookup and the returned IP addresses range seems to be dependent from where you are querying it, so there will never be a possible consensus between CloudFlare and Google DNS servers.

I did the same test with a domain name which is using CloudFlare DNS servers as authoritative servers and the result is the same as for google.com.
It doesn't return the same IP addresses if I'm querying it using CloudFlare or Google DNS. My guess is that they have many servers at different locations and their DNS returns the geographically closest one (and CloudFlare/Google DNS are not located in the same area).

Something like: https://docs.ultradns.neustar/HTML5/Content/User%20Guides/Traffic_Management_User_Guide/Directional.htm

This then defeat the great consensus thing :/

Kind regards.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@remotelyliving @sriccio