Comment 5 for bug 2030295

@Jeremy: Neutron in this case hasn't a real resolver. OVN sets up packet mangling rules that under certain conditions (the target of the query matches an instance hostname (A/AAAA) or address (PTR)) then transforms the query packet into an answer packet that is then returned to the sender, faking a response from the targeted resolver. Afaict this isn't explicitly documented, at least not in Neutron docs, so yes, I agree that we can make this public.

@Brian: It is not a configuration of the VM globally, each DNS client can choose its own options. The dig tool needs to be told to use TCP explicitly, it defaults to using UDP. Other clients may choose to do so on their own. Using the EDNS option is orthogonal to this, it can be enabled or disabled via options for dig, the default is enabled. Either way, all of these variants are valid DNS queries so if Neutron using the ML2/OVN backend is not able to handle them correctly, it should at least be listed in the OVN gaps document.

I will try to update my test scenario with 23.06 to verify the effect of your patch there.