[nos-bbs] malformed DNS packets, NOS crashing, and a first fix ...

Wed Mar 24 17:52:42 EDT 2021

Greetings maiko,

On Sat, 20 Mar 2021, M Langelaar wrote:

> What I originally thought was DNS attacks, seem to be more a case of 
> JNOS querying some DNS server, and getting a malformed response, looks 
> like it anyways.

    I set up all of our JNOS nodes with 'domain dns on' and then set them 
to use their nearest "Hamgate" via RF as their upstream DNS server, with 
'domain add 44.102.1.1' for example.   This way they use their own 
DOMAIN.TXT file if the RF path is down, and can build a rich cache if the 
RF path is working.  Our objective is if the Hamgate loses its internet 
connection, the rest of the network *can* continue to resolve FQDN to IP 
addresses.

    This worked exceptionally well when we ran the Hamgates on DOS311. 
But as soon as we migrated to Linux we have been seeing crashes every few 
days to sometimes every few HOURS!!!  Luckily 'systemd' restarts the JNOS 
instance, but *that* is not a fix but just a failsafe.

    RF-only nodes run for HUNDREDS of days without a crash, but Internet 
attached JNOS nodes suffer from the crash on an almost daily basis.

> I have a patch....

    I sure HOPE it fixes the crashes I've been suffering  :) :) :)

> If you get a malformed packet, logfile will now say so, and you should 
> see the IP address of the server in question.

    Does it succeed in getting the log entry written *before* it crashs????

    Now I need to recompile and see if you have worked magic :)

    Thanks!
       --- Jay WB8TKL
           o ARRL Michigan Section ASM for Digital Technologies
           o Chair, Michigan Section "Digital Radio Group" (DRG)
             [ www.MI-DRG.org ]