Good Evening,

After running for some amount of time (seems to be days), our dnsdist instances 
suddenly start trying to talk to the backends using the loopback address as the 
source:

    # tcpdump -i ens192 -nn port 53
    dropped privs to tcpdump
    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
    listening on ens192, link-type EN10MB (Ethernet), capture size 262144 bytes
    22:39:07.014963 IP6 <snip>:ac10:0:ac10:2e.64975 > <snip>::197.53: 35980+ 
[1au] SOA? lbdn.domain. (45)
    22:39:07.015390 IP6 ::1.38717 > <snip>::195.53: 43034 [1au] SOA? 
lbdn.domain. (69)

Note this is not the loopback interface - packets are being placed on the wire 
and fired off into the network with ::1 as the source address. This is 
affecting all our instances, but they don't fail simultaneously.

Bizarrely, this only affects queries made by clients - the backend health check 
still uses the correct source address while this is going on. Restarting 
dnsdist brings them back into service.

I think I can work around this by setting an explicit source IP for each 
backend - I'm suspecting that trying to talk to backends with the return 
address set to ::1 is probably a bug though!

We're running the current master branch builds on RHEL8.

Adam Bishop

  gpg: E75B 1F92 6407 DFDF 9F1C  BF10 C993 2504 6609 D460

jisc.ac.uk


Jisc is a registered charity (number 1149740) and a company limited by 
guarantee which is registered in England under company number. 05747339, VAT 
number GB 197 0632 86. Jisc’s registered office is: 4 Portwall Lane, Bristol, 
BS1 6NB. T 0203 697 5800.


Jisc Services Limited is a wholly owned Jisc subsidiary and a company limited 
by guarantee which is registered in England under company number 02881024, VAT 
number GB 197 0632 86. The registered office is: 4 Portwall Lane, Bristol, BS1 
6NB. T 0203 697 5800.


Jisc Commercial Limited is a wholly owned Jisc subsidiary and a company limited 
by shares which is registered in England under company number 09316933, VAT 
number GB 197 0632 86. The registered office is: 4 Portwall Lane, Bristol, BS1 
6NB. T 0203 697 5800.


For more details on how Jisc handles your data see our privacy notice here: 
https://www.jisc.ac.uk/website/privacy-notice
_______________________________________________
dnsdist mailing list
dnsdist@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/dnsdist

Reply via email to