This is the mail archive of the
libc-help@sourceware.org
mailing list for the glibc project.
Domains aliased to a pool of IP addresses doesn't get resolved
- From: Yuri Kanivetsky <yuri dot kanivetsky at gmail dot com>
- To: libc-help at sourceware dot org
- Date: Mon, 12 Oct 2015 11:35:05 +0300
- Subject: Domains aliased to a pool of IP addresses doesn't get resolved
- Authentication-results: sourceware.org; auth=none
Hi,
Here's a test program:
#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netdb.h>
#include <string.h>
int main(void) {
int r;
struct addrinfo hints, *res;
memset(&hints, 0, sizeof (hints));
hints.ai_socktype = SOCK_STREAM;
r = getaddrinfo("keys.gnupg.net", "11371", &hints, &res);
// r = getaddrinfo("pool.sks-keyservers.net", "11371", &hints, &res);
if (r) {
printf("r: %hhi\n", r); // EAI_AGAIN
printf("r: %s\n", gai_strerror(r));
}
return 0;
}
When I run it in vagrant's ubuntu/vivid64 box (or other boxes, or
supposedly VMs created manually, should I check it?) I get:
$ gcc 1.c
$ ./a.out
r: -3
r: Temporary failure in name resolution
$ `ldd a.out | grep libc | awk '{ print $3 }'`
GNU C Library (Ubuntu GLIBC 2.21-0ubuntu4) stable release version
2.21, by Roland McGrath et al.
Copyright (C) 2015 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
Compiled by GNU CC version 4.9.2.
Available extensions:
crypt add-on version 2.1 by Michael Glad and others
GNU Libidn by Simon Josefsson
Native POSIX Threads Library by Ulrich Drepper et al
BIND-8.2.3-T5B
libc ABIs: UNIQUE IFUNC
For bug reporting instructions, please see:
<https://bugs.launchpad.net/ubuntu/+source/glibc/+bugs>.
It's not always like that. After I just logged in, it usually
resolves. But after making some gpg requests, it stops being resolved:
$ ./a.out; i=0; while true; do echo "--- $i"; gpg --delete-key
--batch --yes D39DC0E3; gpg --keyserver hkp://keys.gnupg.net
--recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 || { ./a.out;
echo -e $? '\a'; break; }; sleep 5; : $(( i++ )); done
--- 0
gpg: key "D39DC0E3" not found: eof
gpg: D39DC0E3: delete key failed: eof
gpg: requesting key D39DC0E3 from hkp server keys.gnupg.net
gpg: key D39DC0E3: public key "Michal Papis (RVM signing)
<mpapis@gmail.com>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
--- 1
gpg: requesting key D39DC0E3 from hkp server keys.gnupg.net
gpg: key D39DC0E3: public key "Michal Papis (RVM signing)
<mpapis@gmail.com>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
...
--- 11
gpg: requesting key D39DC0E3 from hkp server keys.gnupg.net
gpgkeys: HTTP fetch error 6: Could not resolve host: keys.gnupg.net
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
r: -3
r: Temporary failure in name resolution
0
Also, pool.sks-keyservers.net resolves even in the VM. I couldn't
reproduce it on the host machine, running Arch Linux. Or it just might
be harder to reproduce.
$ `ldd a.out | grep libc | awk '{ print $3 }'`
GNU C Library (GNU libc) stable release version 2.22, by Roland
McGrath et al.
Copyright (C) 2015 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
Compiled by GNU CC version 5.2.0.
Available extensions:
crypt add-on version 2.1 by Michael Glad and others
GNU Libidn by Simon Josefsson
Native POSIX Threads Library by Ulrich Drepper et al
BIND-8.2.3-T5B
libc ABIs: UNIQUE IFUNC
For bug reporting instructions, please see:
<https://bugs.archlinux.org/>.
Additionally, not all the target servers seem to be up:
$ dig +noall +answer keys.gnupg.net | awk '$4 == "A" { print $5 }'
| while IFS= read -r; do echo '#################'; ping -c 1 "$REPLY";
done
#################
PING 137.158.82.7 (137.158.82.7) 56(84) bytes of data.
--- 137.158.82.7 ping statistics ---
-> 1 packets transmitted, 0 received, 100% packet loss, time 0ms
#################
PING 94.142.242.225 (94.142.242.225) 56(84) bytes of data.
64 bytes from 94.142.242.225: icmp_seq=1 ttl=52 time=39.1 ms
--- 94.142.242.225 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 39.127/39.127/39.127/0.000 ms
#################
PING 78.46.223.54 (78.46.223.54) 56(84) bytes of data.
--- 78.46.223.54 ping statistics ---
-> 1 packets transmitted, 0 received, 100% packet loss, time 0ms
#################
PING 5.135.158.148 (5.135.158.148) 56(84) bytes of data.
64 bytes from 5.135.158.148: icmp_seq=1 ttl=54 time=44.9 ms
--- 5.135.158.148 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 44.999/44.999/44.999/0.000 ms
#################
PING 5.45.99.106 (5.45.99.106) 56(84) bytes of data.
64 bytes from 5.45.99.106: icmp_seq=1 ttl=56 time=37.3 ms
--- 5.45.99.106 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 37.300/37.300/37.300/0.000 ms
#################
PING 223.252.21.101 (223.252.21.101) 56(84) bytes of data.
64 bytes from 223.252.21.101: icmp_seq=1 ttl=46 time=367 ms
--- 223.252.21.101 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 367.836/367.836/367.836/0.000 ms
#################
PING 209.135.211.141 (209.135.211.141) 56(84) bytes of data.
64 bytes from 209.135.211.141: icmp_seq=1 ttl=46 time=136 ms
--- 209.135.211.141 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 136.886/136.886/136.886/0.000 ms
#################
PING 198.84.249.106 (198.84.249.106) 56(84) bytes of data.
64 bytes from 198.84.249.106: icmp_seq=1 ttl=50 time=141 ms
--- 198.84.249.106 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 141.682/141.682/141.682/0.000 ms
#################
PING 176.9.51.79 (176.9.51.79) 56(84) bytes of data.
64 bytes from 176.9.51.79: icmp_seq=1 ttl=52 time=38.8 ms
--- 176.9.51.79 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 38.858/38.858/38.858/0.000 ms
#################
PING 161.53.2.219 (161.53.2.219) 56(84) bytes of data.
64 bytes from 161.53.2.219: icmp_seq=1 ttl=48 time=50.7 ms
--- 161.53.2.219 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 50.793/50.793/50.793/0.000 ms
$ dig +noall +answer keys.gnupg.net | awk '$4 == "A" { print $5 }'
| while IFS= read -r; do echo "### $REPLY"; gpg --keyserver
"hkp://$REPLY" --recv-key 409B6B1796C275462A1703113804BB82D39DC0E3;
done
### 62.210.74.32
gpg: keyserver receive failed: No keyserver available
### 78.157.209.9
gpg: key D39DC0E3: "Michal Papis (RVM signing) <mpapis@gmail.com>"
not changed
gpg: Total number processed: 1
gpg: unchanged: 1
### 132.248.241.99
gpg: key D39DC0E3: "Michal Papis (RVM signing) <mpapis@gmail.com>"
not changed
gpg: Total number processed: 1
gpg: unchanged: 1
### 154.127.60.51
gpg: keyserver receive failed: No keyserver available
### 176.9.100.87
gpg: keyserver receive failed: No data
### 178.33.187.175
gpg: keyserver receive failed: No keyserver available
### 206.176.170.195
gpg: key D39DC0E3: "Michal Papis (RVM signing) <mpapis@gmail.com>"
not changed
gpg: Total number processed: 1
gpg: unchanged: 1
### 209.135.211.141
gpg: key D39DC0E3: "Michal Papis (RVM signing) <mpapis@gmail.com>"
not changed
gpg: Total number processed: 1
gpg: unchanged: 1
### 212.71.252.8
gpg: keyserver receive failed: No keyserver available
### 5.9.143.170
gpg: key D39DC0E3: "Michal Papis (RVM signing) <mpapis@gmail.com>"
not changed
gpg: Total number processed: 1
gpg: unchanged: 1
They shouldn't respond to ping, if anything.
Should I report a bug? Is there anything I can check?
More information can be found here:
https://lists.gnupg.org/pipermail/gnupg-users/2015-October/054532.html
Regards,
Yuri