Bug ID 650292: DNS transparent cache can return non-recursive results for recursive queries

Last Modified: May 14, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP DNS(all modules)

Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3

Fixed In:
13.1.0, 13.0.1, 12.1.3, 11.6.3

Opened: Mar 10, 2017
Severity: 3-Major

Symptoms

If a non recursive query is cached by the DNS transparent cache, subsequent recursive queries provide the non-recursive answer.

Impact

Non recursive responses for recursive requests.

Conditions

DNS transparent cache that receives a non-recursive query whose result is stored in the cache.

Workaround

An iRule can be attached to the listener to disable the cache if the "rd bit" is not set in the DNS request.

Fix Information

The RD bit is now handled as expected. If a recursive request is received, a non-recursive cached entry is ignored, and replaced, when the recursive request is answered.

Behavior Change