fix(connlib): correlate recursive DNS queries via opaque token#13665
Draft
thomaseizinger wants to merge 1 commit into
Draft
fix(connlib): correlate recursive DNS queries via opaque token#13665thomaseizinger wants to merge 1 commit into
thomaseizinger wants to merge 1 commit into
Conversation
The socket-pair on which a recursive DNS query was received used to be tracked by (transport, local socket, upstream, query ID). That composite key can collide and silently lose entries, surfacing as 'Failed to find UDP/TCP socket handle for query result' warnings. Instead, issue a unique token per recursive query that the DNS clients echo back in their query results, making the lookup exact. https://claude.ai/code/session_013PMm47vVdTcwYPy9mHmDCV
0a00a26 to
c6b9eb6
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The socket-pair on which we received a DNS query is tracked so that the recursive query's response can be routed back to the right device socket. The map key was (transport, local socket, upstream, query ID) — a composite that can collide and silently lose entries in release builds, surfacing as "Failed to find UDP/TCP socket handle for query result" warnings.
Issue a unique, opaque token per recursive DNS query instead. The UDP and TCP DNS clients echo the token back in their query results, making the handle lookup exact and collision-free. The warning no longer dumps the entire bookkeeping map into the log.
Related: #10911
Fixes APPLE-CLIENT-F7
Generated by Claude Code