DNS timeout on NAT64 network with iPhone 6S

Hi,


We have set up a NAT64 IPV6 network using mac mini running macOS Sierra. We have

a SIP ( VoIP) app which looks up DNS by using low level BSD sockets, so using connect on the

socket and sending low level queries.


We have a strange problem: an iPhone 5 (running iOS 10.2) and an iPad 4th gen ( running iOS 9.3 )

can connect to the DNS server address obtained from the MAC NAT64 network and get DNS responses.

However an iPhone 6S ( running iOS 10.2) and the exact same application code connects to the DNS server

address but no responses are received to a DNS query, just get timeouts.

We are not sure how to debug this because the DNS request goes via the MAC, any ideas would be most

appreciated.

Thanks

Replies

… which looks up DNS by using low level BSD sockets …

What API are you using for the DNS part of this?

getaddrinfo
? Or does this mean you’re actually doing your own DNS resolver on top of UDP?

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

Hi Eskimo


Yes we are using the following DNS resolver library over UDP. https://c-ares.haxx.se/


Its widely used and worked well for us for years. We just don't have a way to find out

what's up. Is there any debugging on the MAC that can be turned on?


Thanks

Yes we are using the following DNS resolver library over UDP.

Just for the record, I strongly recommend against using your own DNS resolver. The system resolver has important advantages that you just can’t replicate in your own app.

We just don't have a way to find out what's up. Is there any debugging on the MAC that can be turned on?

I recommend you take a packet trace and see what’s happening on the ‘wire’. You can do this from three different contexts:

  • The iOS device, via RVI

  • The Mac inside the NAT

  • The Mac outside the NAT

For instructions, see QA1176 Getting a Packet Trace.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

Hi


We have got a bit further along with this, we have captured traces and determined the DNS lookup

is taking place successfully with both iphone 5 and iphone 6s devices as far as the DNS request that the

MAC makes outside the NAT.


The problem is that when the response is forwarded to the iOS device it is sent from a different IP address

than where the request was sent to with the iPhone 6s, so it is dropped. The traces are attached and show

a DNS request from the iphone 5 ( success case) and iPhone 6s ( failure case) together with the response.


success trace :

You can see the DNS request sent to the MAC NAT64 DNS IP -> 2001:2:0:aab1::1 from iphone 5 IP -> 2001:2::aab1:bb:977d:ff3f:468e

The response comes from the 2001:2:0:aab1::1 address as expected


fail trace

You can see the DNS request sent to the MAC NAT64 DNS IP -> 2001:2:0:aab1::1 from iphone 6s IP -> 2001:2::aab1:c43:86e2:db56:880

The response comes from 2001:2::aab1:cb3:7539:a537:d60f, this is dropped by the iphone 6s


https://s3.amazonaws.com/devforumslinks/iphone5_success.png


https://s3.amazonaws.com/devforumslinks/iphone6s_fail.png

I have the same problem as you. Have you solved it?

I have logged radar 40529015 / open radar https://openradar.appspot.com/radar?id=5050449208016896 for this

We still don't seem to have a response to this?