Just to verify:
That's even with ping -n ?
-- Murphy
On Aug 26, 2011, at 5:02 AM, ibrahim mun wrote:
> It takes about 45 sec to respond, and it sends dns request for every ping!
> however, nslookup responds in 0 sec. Also, no more unknown host messages.
>
> Ibrahim,
>
> Subject: Re: [nox-dev] Adding DNS functionality to nox
> From: jam...@nau.edu
> Date: Fri, 26 Aug 2011 04:24:53 -0700
> CC: nox-dev@noxrepo.org
> To: ibrahim.me...@alumnos.upm.es
>
> What's the behavior with "ping -n <host>" ?
>
> -- Murphy
>
> On Aug 26, 2011, at 4:05 AM, ibrahim mun wrote:
>
> Hi Murphy, Christian, All,
>
> The problem is partially solved. I've added the following code to
> pyswitch.packet_in_callback
>
> # drop packets to dns 10.0.0.2
> iph=packet.find("ipv4")
> udph=packet.find("udp")
> if iph!= None and udph!= None:
> if iph.dstip==ipstr_to_int("10.0.0.2") and udph.dstport==53:
> return CONTINUE
>
> Now I can always ping but:
> 1. I have dns request for every ping (not cached?).
> 2. It takes a lot of time to respond to ping, while as you suggested,
> nslookup responds immediately. it seems something should be timed out before
> ping responds.
>
> This is the traffic on "h3-eth0" for one " ping pc4"
> http://codepad.org/DBZg46yB
> And this is the expanded DNS reply packet as show in wireshark:
> http://codepad.org/NEkkGH06
>
> Thank you,
> Ibrahim
>
> Subject: Re: [nox-dev] Adding DNS functionality to nox
> From: jam...@nau.edu
> Date: Thu, 25 Aug 2011 13:34:58 -0700
> CC: chest...@dca.fee.unicamp.br; nox-dev@noxrepo.org
> To: ibrahim.me...@alumnos.upm.es
>
> What is generating these ICMP messages? You should be able to stop them by
> dropping the packets you're intercepting. It strikes me as totally possible
> that they are causing the problem.
>
> Also, I might try testing using nslookup or dig instead of ping.
>
> -- Murphy
>
> On Aug 25, 2011, at 9:55 AM, ibrahim mun wrote:
>
> Hi Christian,
>
> Wireshark shows standard dns replays, and that's why ping works sometimes.
> The only irregularity I see are icmp "port unreachable" packets, generated
> because nothing is listening on 10.0.0.2:53. but I think it's not the
> problem!
>
> Thanks for you help.
>
> Ibrahim
>
> From: chest...@dca.fee.unicamp.br
> Date: Thu, 25 Aug 2011 10:13:38 -0300
> Subject: Re: [nox-dev] Adding DNS functionality to nox
> To: ibrahim.me...@alumnos.upm.es
>
> Hi Ibrahim,
>
> I would try to trace back where the problem might be.
>
> As you pointed, this could be due to:
> - nox and my reply packet,
> - mininet,
> - linux caches dns.
> - ?
>
> For the first possibility, have you tried to capture the DNS traffic with
> wireshark to see if they are correctly decoded?
>
> -Christian
>
> On Thu, Aug 25, 2011 at 07:22, ibrahim mun <ibrahim.me...@alumnos.upm.es>
> wrote:
> Hi again,
>
> One last question in this thread :) , about weird dns functionality:
>
> In mininet I have a single switch (s1), 4 hosts (h2,h3,h4,h5) (10.0.0.2 ->
> 10.0.0.5)
> resolve.conf points to 10.0.0.2 as dns server, but actually nox catchs dns
> requests matching with dst port 53, builds the response packet and sends it
> to the asker with src ip 10.0.0.2.
>
> first, I restart /etc/init.d/nscd, then
> xterm h3
> h3>> ping -c2 pc4
> it works correctly for one time
> ====================================
> = PING pc4 (10.0.0.4) 56(84) bytes of data.
> = 64 bytes from 10.0.0.4: icmp_seq=1 ttl=64 time=19.9 ms
> = 64 bytes from 10.0.0.4: icmp_seq=2 ttl=64 time=3.39 ms
> =
> = --- pc4 ping statistics ---
> = 2 packets transmitted, 2 received, 0% packet loss, time 1007ms
> = rtt min/avg/max/mdev = 3.391/11.660/19.929/8.269 ms
> ====================================
>
> then, for 3 to 5 times, it gives
> ====================================
> = ping: unknow host pc4
> ====================================
>
> Then it works again for one time.
>
> Observations:
> 1.. host sends dns request at every ping, even those with unknow host
> 2. I changed TTL in the dns reply (the time to be cached) and it has no
> effect.
>
> I don't know where is the problem (nox and my reply packet, mininet, how
> linux caches dns)..
>
> Thanks,
>
> Ibrahim
>
> From: ibrahim.me...@alumnos.upm.es
> To: jam...@nau.edu
> CC: nox-dev@noxrepo.org
> Subject: RE: [nox-dev] Adding DNS functionality to nox
> Date: Fri, 19 Aug 2011 15:17:58 +0200
>
>
> Hi murphy,
>
> Thank you very much, I stupidly thought that 0 is a special value which means
> *full packet* instead of *zero bytes*, I've Added flows for both src and dst
> ports with higher priorty than pyswitch rules and finally it responses :D
> thank you again!
>
> Ibrahim
>
> _______________________________________________
> nox-dev mailing list
> nox-dev@noxrepo.org
> http://noxrepo.org/mailman/listinfo/nox-dev
>
>
>
>
> --
> Christian
> _______________________________________________
> nox-dev mailing list
> nox-dev@noxrepo.org
> http://noxrepo.org/mailman/listinfo/nox-dev
>
>
>
>
_______________________________________________
nox-dev mailing list
nox-dev@noxrepo.org
http://noxrepo.org/mailman/listinfo/nox-dev
