This is the mail archive of the
libc-alpha@sources.redhat.com
mailing list for the glibc project.
Retry mechanism w/ DNS Format Error?
- From: Pekka Savola <pekkas at netcore dot fi>
- To: libc-alpha at sources dot redhat dot com
- Date: Tue, 4 Jan 2005 08:07:14 +0200 (EET)
- Subject: Retry mechanism w/ DNS Format Error?
Hi,
I noticed an "interesting" problem after Bind had been updated from
9.2.4 to 9.3.0: as the bitstring label support was removed, the server
started returning "Format Error" error code for bitstring v6 reverse
queries which, for example, RHL9 makes.
Now, apparently the RHL9 resolver code cannot cope with FormErr code
quickly, but has to resort to timeouts. (I've been unable to verify
this on a newer glibc because it no longer creates the bitstring
queries, but I have looked at the code in CVS and unless I'm
mislooking, it might be affected.)
Please take a look at the following tcpdump log, where 193.166.4.206
is the only name server in resolv.conf.
08:01:37.601520 IP 193.166.4.134.33013 > 193.166.4.206.domain: 6437+ PTR? \[x20010708001000400207e9fffe7b0259/128].ip6.arpa. (44)
08:01:37.601938 IP 193.166.4.206.domain > 193.166.4.134.33013: 6437 FormErr- [0q] 0/0/0 (12)
08:01:42.605829 IP 193.166.4.134.33013 > 193.166.4.206.domain: 6437+ PTR? \[x20010708001000400207e9fffe7b0259/128].ip6.arpa. (44)
08:01:42.606267 IP 193.166.4.206.domain > 193.166.4.134.33013: 6437 FormErr- [0q] 0/0/0 (12)
08:01:47.616753 IP 193.166.4.134.33013 > 193.166.4.206.domain: 6438+ PTR? 9.5.2.0.b.7.e.f.f.f.9.e.7.0.2.0.0.4.0.0.0.1.0.0.8.0.7.0.1.0.0.2.ip6.int. (89)
08:01:47.617910 IP 193.166.4.206.domain > 193.166.4.134.33013: 6438 1/2/2 PTR haukka.ipv6.csc.fi. (203)
[...]
The problem here is the timeouts between queries. Apparently, 10
seconds gets wasted when each server is asked twice about a name that
has been deprecated and the server no longer wants to know how to
parse.
Would it make sense to have a different failure strategy? Could one
just skip to the next name or server _immediately_ (without the 2*5
sec timeout) upon receiving FormErr?
--
Pekka Savola "You each name yourselves king, yet the
Netcore Oy kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings