Date: Sun, 05 Jan 2003 12:55:48 +0000 From: lemon <lemon@aldigital.co.uk> To: freebsd-hackers@freebsd.org Subject: getnameinfo contacting 'wrong' resolver for lookup Message-ID: <3E182B54.4090007@aldigital.co.uk>
next in thread | raw e-mail | index | archive | help
hi,
i have a 4.7-STABLE box running two nameservers: a djbdns dnscache on
127.0.0.1 to serve local requests, and have recently added a djbdns
tinydns on my external address to serve domains i host, viz:
$ sockstat -4 | grep :53
dnscache dnscache 37679 3 udp4 127.0.0.1:53 *:*
dnscache dnscache 37679 4 tcp4 127.0.0.1:53 *:*
tinydns tinydns 37672 3 udp4 192.168.1.2:53 *:*
the box's resolv.conf has a single nameserver entry for localhost.
my problem: since adding the external tinydns listener, my openssh
sessions take ages to log in. thinking a reverse lookup oddity i did
some digging, and saw that the getnameinfo call in sshd appears to query
the external listener (albeit thru loopback) first. this external
listener can't reverse the connection's address since it only resolves
domains hosted on the box itself. after a long timeout, the correct
nameserver is contacted and the login succeeds. some tcpdumping reveals:
# tcpdump -ni lo0
tcpdump: listening on lo0
[ 'wrong' listener being contacted ]
18:02:38.448117 192.168.1.2.1226 > 192.168.1.2.53:
24805+ PTR? 7.57.192.80.in-addr.arpa. (42)
18:02:43.452867 192.168.1.2.1227 > 192.168.1.2.53:
24805+ PTR? 7.57.192.80.in-addr.arpa. (42)
18:02:53.462937 192.168.1.2.1228 > 192.168.1.2.53:
24805+ PTR? 7.57.192.80.in-addr.arpa. (42)
18:03:13.473076 192.168.1.2.1229 > 192.168.1.2.53:
24805+ PTR? 7.57.192.80.in-addr.arpa. (42)
[ long timeout, then the correct listener ]
18:03:53.485796 127.0.0.1.1230 > 127.0.0.1.53:
57265+ PTR? 7.57.192.80.in-addr.arpa. (42)
18:03:53.486280 127.0.0.1.53 > 127.0.0.1.1230:
57265 1/0/0 PTR[|domain]
18:03:53.743123 127.0.0.1.1231 > 127.0.0.1.53:
57266+ PTR? 7.57.192.80.in-addr.arpa. (42)
18:03:53.744654 127.0.0.1.53 > 127.0.0.1.1231:
57266 1/0/0 PTR[|domain]
18:03:53.745014 127.0.0.1.1232 > 127.0.0.1.53:
57267+ A? pc-80-192-57-7-az.blueyonder.co.uk. (52)
18:03:53.746016 127.0.0.1.53 > 127.0.0.1.1232:
57267 1/0/0 A[|domain]
the code fragment in openssh responsible is this:
/usr/src/crypto/openssh/canohost.c
debug3("Trying to reverse map address %.100s.", ntop);
/* Map the IP address to a host name. */
if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
NULL, 0, NI_NAMEREQD) != 0) {
/* Host name not found. Use ip address. */
log("Could not reverse map address %.100s.", ntop);
return xstrdup(ntop);
}
i note that an old 3.4-RELEASE box i have, which has no native
getnameinfo call and so uses the one in the portable openssh
distribution doesn't behave the same - it correctly contacts
127.0.0.1:53 straight off.
am i missing something or is this genuinely odd behaviour from a newish
function?
regards, l.
FreeBSD rind.lemonia.org 4.7-STABLE FreeBSD 4.7-STABLE #0: Thu Dec 12
17:24:37 GMT 2002 root@rind.lemonia.org:/usr/obj/usr/src/sys/RIND i386
--
lemon@aldigital.co.uk +44 020 8742 0755 www.aldigital.co.uk
system administrivia c6 h8 o7 www.thebunker.net
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3E182B54.4090007>