Synapse fails to make DNS query for its own hostname when attempting invite via 3PID


Hi!

~Synapse makes DNS ANY (ALL) requests through use of twisted, which sometimes fail.~ EDIT: My bad, this was apparently not what was happening, see thread for discussion.

For example when I’m trying to invite ‘ma1sd-federation-test@kamax.io’ as per instructions on https://github.com/ma1uta/ma1sd/blob/master/docs/getting-started.md the invitation fails. Upon investigation I see the following in the logs:

Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/synapse/http/server.py", line 252, in _async_render_wrapper
    callback_return = await self._async_render(request)
  File "/usr/local/lib/python3.8/site-packages/synapse/http/server.py", line 430, in _async_render
    callback_return = await raw_callback_return
  File "/usr/local/lib/python3.8/site-packages/synapse/rest/client/v1/room.py", line 734, in on_POST
    await self.room_member_handler.do_3pid_invite(
  File "/usr/local/lib/python3.8/site-packages/synapse/handlers/room_member.py", line 879, in do_3pid_invite
    stream_id = await self._make_and_store_3pid_invite(
  File "/usr/local/lib/python3.8/site-packages/synapse/handlers/room_member.py", line 941, in _make_and_store_3pid_invite
    ) = await self.identity_handler.ask_id_server_for_third_party_invite(
  File "/usr/local/lib/python3.8/site-packages/synapse/handlers/identity.py", line 856, in ask_id_server_for_third_party_invite
    data = await self.blacklisting_http_client.post_json_get_json(
  File "/usr/local/lib/python3.8/site-packages/synapse/http/client.py", line 530, in post_json_get_json
    response = await self.request(
  File "/usr/local/lib/python3.8/site-packages/synapse/http/client.py", line 422, in request
    response = await make_deferred_yieldable(request_deferred)
  File "/usr/local/lib/python3.8/site-packages/twisted/internet/defer.py", line 654, in _runCallbacks
    current.result = callback(current.result, *args, **kw)
  File "/usr/local/lib/python3.8/site-packages/twisted/internet/endpoints.py", line 981, in startConnectionAttempts
    raise error.DNSLookupError(
twisted.internet.error.DNSLookupError: DNS lookup failed: no results for hostname lookup: matrix.nilsson.link.

Note that it’s trying to make a DNS lookup to my own server, on my own network which my local dns server responds to. ~Unfortunately the dns request is of type 255 or ANY/ALL which has been deprecated for many years. My DNS server, correctly, returns an empty response.~

BTW, the following code also fails (for me) when doing a lookup on matrix.org, because Google’s DNS server responds with an HINFO instead of an A or AAAA record (or CNAME):

import sys

from twisted.internet import reactor
from twisted.names import client
from twisted.python import log

if __name__ == "__main__":
    log.startLogging(sys.stdout)
    # Send all lookups to Google's public resolver instead of the system one.
    client.theResolver = client.Resolver(servers=[("8.8.8.8", 53)])

    def cb(*args):
        # Log whatever comes back: the resolved address or a Failure.
        log.msg(args)

    def do_lookup(domain):
        d = client.getHostByName(domain)
        d.addBoth(cb)

    # Schedule the lookup once the reactor is running.
    reactor.callLater(0, do_lookup, "matrix.org")
    reactor.run()

Issue Analytics

  • State: closed
  • Created 3 years ago
  • Comments: 42 (20 by maintainers)

Top GitHub Comments

2 reactions
DMRobertson commented, Dec 14, 2021

I edited my matrix synapse homeserver config:

@Jieiku your Homeserver is separate from Sydent (identity server). The homeserver’s black- and whitelists are separate to the identity server’s black- and whitelists.

I strongly recommend you do not set the ip.blacklist as above, because doing so wipes out the defaults, which is probably not what you want. Instead, you want to set ip.whitelist under the [general] section of sydent’s config.

If that doesn’t resolve the problem, please open an issue in the Sydent repo, or ask in the matrix room #sydent:matrix.org for help.
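The blacklist and whitelist behaviour described in the comment above, as an added example that is not Synapse's or Sydent's own code: a deny list applied to resolved addresses, a whitelist that overrides it, and an explicitly set blacklist that replaces the defaults instead of extending them. When every resolved address is dropped, the caller is left with an empty result of the kind reported as "no results for hostname lookup" in the traceback. The default ranges, the function names and the sample addresses are assumptions constructed for illustration.

```python
import ipaddress

# Constructed stand-in for a default deny list (NOT the real Sydent/Synapse defaults).
DEFAULT_BLACKLIST = [
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12",
    "192.168.0.0/16", "169.254.0.0/16", "::1/128", "fc00::/7",
]


def _nets(cidrs):
    return [ipaddress.ip_network(c) for c in cidrs]


def effective_blacklist(configured=None):
    """An explicitly configured blacklist replaces the defaults; it is not merged."""
    return _nets(DEFAULT_BLACKLIST if configured is None else configured)


def is_blocked(addr, blacklist, whitelist):
    ip = ipaddress.ip_address(addr)
    if any(ip in net for net in whitelist):  # whitelist overrides blacklist
        return False
    return any(ip in net for net in blacklist)


def filter_resolved(addresses, blacklist=None, whitelist=()):
    """Return only the resolved addresses an outbound request may connect to.

    An empty list means the HTTP client has nothing to connect to, even
    though the DNS server itself answered correctly.
    """
    bl = effective_blacklist(blacklist)
    wl = _nets(whitelist)
    return [a for a in addresses if not is_blocked(a, bl, wl)]


if __name__ == "__main__":
    lan_server = ["10.0.0.20"]  # constructed A record for a server on the LAN
    # Defaults in force: the private address is dropped, nothing is left.
    print(filter_resolved(lan_server))
    # Narrow whitelist: the LAN server is reachable, other private ranges stay blocked.
    print(filter_resolved(lan_server, whitelist=["10.0.0.0/24"]))
    print(filter_resolved(["192.168.1.5"], whitelist=["10.0.0.0/24"]))
    # Overriding the blacklist wipes the defaults: loopback is now reachable.
    print(filter_resolved(["127.0.0.1"], blacklist=["192.168.0.0/16"]))
```

The last call shows why a narrow whitelist entry is the safer change: it opens one range while the remaining default deny entries keep applying to outbound requests.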

2 reactions
alex-caelus commented, Feb 25, 2021

It’s a clean and up-to-date Ubuntu 20.04. Matrix was installed using the ansible scripts from https://github.com/spantaleev/matrix-docker-ansible-deploy. Which means docker images.

root@matrix:~# dpkg -l

https://paste.ubuntu.com/p/m5DSsWqy33/

root@matrix:~# docker ps
CONTAINER ID   IMAGE                                     
faa1c199c9ea   dock.mau.dev/tulir/mautrix-whatsapp:latest
f83844d8eb32   zeratax/matrix-registration:v0.7.2        
d52c3de3c073   ma1uta/ma1sd:2.4.0-amd64                  
93e6d2492d39   sorunome/mx-puppet-slack:latest           
984f6676415c   matrixdotorg/synapse:v1.27.0              
efec68203cbb   jitsi/jvb:stable-5142                     
d75c34164315   jitsi/jicofo:stable-5142                  
d1c66be55161   turt2live/matrix-dimension:latest         
d3840e23e75b   instrumentisto/coturn:4.5.2               
919cb8b552ae   devture/exim-relay:4.93-r1                
22e6a545e635   jitsi/web:stable-5142                     
de5dd243400a   vectorim/element-web:v1.7.21              
2693ae26beb1   postgres:13.2-alpine                      
020be23c3de3   jitsi/prosody:stable-5142                 
65b3655dc118   nginx:1.19.6-alpine                       
root@matrix:~# systemd-resolve --status | tail -n 11
Link 2 (ens18)
      Current Scopes: DNS
DefaultRoute setting: yes
       LLMNR setting: yes
MulticastDNS setting: no
  DNSOverTLS setting: no
      DNSSEC setting: no
    DNSSEC supported: no
  Current DNS Server: 10.0.0.1
         DNS Servers: 10.0.0.1
          DNS Domain: nilsson.link

But this is weird: Perhaps the title of this issue is wrong. I tried to reproduce the stacktrace on my own before I filed this bug. I ran a few scripts on my desktop (tried both Windows and Linux) with twisted and I got the same exception and then I used Wireshark to look at the traffic. Which is why I came to the conclusion in my first post. However, when I do a tcpdump on the matrix server instead I get the correct requests for A and AAAA records. Which means the stacktrace in my first post is caused by something else.

I’m attaching the tcpdump, in case you are interested but I can see nothing wrong in it. (Note the bind9 man-in-the-middle: 127.0.0.1 <-> 127.0.0.53 <-> 10.0.0.1).
