Fails to forward ECS option after triggering a priming query [ISC-support #14369]
This was initially reported by a customer a long time ago but bundled with other suspected ECS issues (that turned out to be misunderstanding how BIND caches negative responses with ECS) and was suspected to possibly be an artifact of their test environment/method.
I have confirmed that our ECS system tests displays the same behavior, though it does so at a point that doesn't trigger a test failure.
The attached pcap captures all of the traffic from our ECS system test.
The client query that triggers the bug is packet 416. Packet 417 contains the priming query. This, properly, does not have an ECS option. Packet 418 contains the client query sent to the root server. Improperly, this does not contain an ECS option. Since the response to this query is a referral the lack of scope on the request/response is not noticed..
This same sequence occurs in packets 672, 673, and 674.
The customer who reported the issue had their resolver configured to forward the queries to a single server that handled everything. I do not know whether the configuration used
forward first or