unable to query TXT records when using a QUIC upstream - SERVFAIL #450
Description
When using dnsproxy with a quic upstream I'm unable to lookup TXT records.
quic upstream:
; <<>> DiG 9.20.8 <<>> txt google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 57950
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;google.com. IN TXT
;; Query time: 10 msec
;; SERVER: 10.0.0.1#53(10.0.0.1) (UDP)
;; WHEN: Sat Apr 19 10:46:46 ACST 2025
;; MSG SIZE rcvd: 39
tls upstream:
; <<>> DiG 9.20.8 <<>> txt google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57195
;; flags: qr rd ra; QUERY: 1, ANSWER: 12, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;google.com. IN TXT
;; ANSWER SECTION:
google.com. 3243 IN TXT "onetrust-domain-verification=de01ed21f2fa4d8781cbc3ffb89cf4ef"
google.com. 3243 IN TXT "v=spf1 include:_spf.google.com ~all"
google.com. 3243 IN TXT "docusign=1b0a6754-49b1-4db5-8540-d2c12664b289"
google.com. 3243 IN TXT "apple-domain-verification=30afIBcvSuDV2PLX"
google.com. 3243 IN TXT "facebook-domain-verification=22rm551cu4k0ab0bxsw536tlds4h95"
google.com. 3243 IN TXT "cisco-ci-domain-verification=479146de172eb01ddee38b1a455ab9e8bb51542ddd7f1fa298557dfa7b22d963"
google.com. 3243 IN TXT "google-site-verification=TV9-DBe4R80X4v0M4U_bd_J9cpOJM0nikft0jAgjmsQ"
google.com. 3243 IN TXT "google-site-verification=wD8N7i1JTNTkezJ49swvWW48f8_9xveREV4oB-0Hf5o"
google.com. 3243 IN TXT "docusign=05958488-4752-4ef2-95eb-aa7ba8a3bd0e"
google.com. 3243 IN TXT "globalsign-smime-dv=CDYX+XFHUw2wml6/Gb8+59BsH31KzUr6c1l2BPvqKX8="
google.com. 3243 IN TXT "MS=E4A68B9AB2BB9670BCE15412F62916164C0B20BB"
google.com. 3243 IN TXT "google-site-verification=4ibFUgB-wXLQ_S7vsXVomSTVamuOXBiVAzpR5IZ87D0"
;; Query time: 130 msec
;; SERVER: 10.0.0.1#53(10.0.0.1) (UDP)
;; WHEN: Sat Apr 19 10:46:03 ACST 2025
;; MSG SIZE rcvd: 886
quic query direct (to adguard dns)
;; QUIC session (QUICv1)-(TLS1.3)-(ECDHE-X25519)-(ECDSA-SECP256R1-SHA256)-(AES-128-GCM)
;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 0
;; Flags: qr rd ra; QUERY: 1; ANSWER: 12; AUTHORITY: 0; ADDITIONAL: 1
;; EDNS PSEUDOSECTION:
;; Version: 0; flags: ; UDP size: 0 B; ext-rcode: NOERROR
;; PADDING: 20 B
;; QUESTION SECTION:
;; google.com. IN TXT
;; ANSWER SECTION:
google.com. 2385 IN TXT "apple-domain-verification=30afIBcvSuDV2PLX"
google.com. 2385 IN TXT "MS=E4A68B9AB2BB9670BCE15412F62916164C0B20BB"
google.com. 2385 IN TXT "google-site-verification=wD8N7i1JTNTkezJ49swvWW48f8_9xveREV4oB-0Hf5o"
google.com. 2385 IN TXT "facebook-domain-verification=22rm551cu4k0ab0bxsw536tlds4h95"
google.com. 2385 IN TXT "google-site-verification=TV9-DBe4R80X4v0M4U_bd_J9cpOJM0nikft0jAgjmsQ"
google.com. 2385 IN TXT "docusign=1b0a6754-49b1-4db5-8540-d2c12664b289"
google.com. 2385 IN TXT "cisco-ci-domain-verification=479146de172eb01ddee38b1a455ab9e8bb51542ddd7f1fa298557dfa7b22d963"
google.com. 2385 IN TXT "v=spf1 include:_spf.google.com ~all"
google.com. 2385 IN TXT "onetrust-domain-verification=de01ed21f2fa4d8781cbc3ffb89cf4ef"
google.com. 2385 IN TXT "docusign=05958488-4752-4ef2-95eb-aa7ba8a3bd0e"
google.com. 2385 IN TXT "globalsign-smime-dv=CDYX+XFHUw2wml6/Gb8+59BsH31KzUr6c1l2BPvqKX8="
google.com. 2385 IN TXT "google-site-verification=4ibFUgB-wXLQ_S7vsXVomSTVamuOXBiVAzpR5IZ87D0"
;; Received 910 B
;; Time 2025-04-19 10:55:29 ACST
;; From 94.140.14.49@853(QUIC) in 65.3 ms