Date: Wed, 27 Dec 1995 19:09:29 +0100 (MET) From: volf@oasis.IAEhv.nl (Frank Volf) To: freebsd-hackers@freebsd.org, bind-users@vix.com Subject: Re: Freebsd IP alias and BIND Message-ID: <199512271809.TAA01736@oasis.IAEhv.nl> In-Reply-To: <199512261919.UAA05384@oasis.IAEhv.nl> from "Frank Volf" at Dec 26, 95 08:19:10 pm
next in thread | previous in thread | raw e-mail | index | archive | help
Frank Volf wrote:
>
> Hi and merry Xmas to you all,
>
> This message is sent to both freebsd-hackers and bind-users because I
> haven't figured out yet whether to blame FreeBSD, bind ore myself. I know this
> (or similar) problem have been the topic of bind-users before, but as far
> as I know there has not been a fix for it.
>
> THE SETUP:
> FreeBSD 2.05 box (pentium 90) and bind-4.9.3beta32. The FreeBSD box has
> a IP address (192.87.208.2) and an IP alias (194.151.64.2).
> The alias is used because we are in process of moving to a new IP netblock
> and we want both the old and the new nameserver addresses to be valid in
> the transition period.
>
> THE PROBLEM:
> When a query is sent to the IP alias two responses are generated: one
> response with the real IP address as the source address, the other one with
> the alias address as the source address:
>
> 17:02:20.146789 192.87.209.4.53 > 194.151.64.2.53: 52731+ NS? tue.nl. (24)
> 17:02:20.148820 192.87.208.2.53 > 192.87.209.4.53: 52731* 3/0/3 NS kweetal.tue.nl. (144)
> 17:02:20.150752 194.151.64.2.53 > 192.87.209.4.53: 52731* 3/0/3 NS ns1.surfnet.nl. (144)
>
> On a UNIX system runing BIND, the bogus response triggers the "response from
> unexpected source" message, but has no other effects. Some dialin software
> however (older versions of trumpet winsocket if I recall correctly) do not
> handle this correctly and cause the nameserver request to timeout if the
> wrong response is received first.
>
> THE CAUSE:
> I'm not sure. Since you can see in the tcpdump that the responses are
> different (round robin is turned on), it seems that bind gets or processes
> the incoming UDP package twice. I however don't know, if this is caused
> by bind or by the FreeBSD kernel.
>
> THE SOLUTION:
> Please tell me :-)
I did some more testing to find this problem. With bind debuggind enabled, I
found:
datagram from [192.87.209.4].1267, fd 8, len 24; now Wed Dec 27 18:36:59
1995
req: nlookup(dse.nl) id 10 type=2 class=1
req: found 'dse.nl' as 'dse.nl' (cname=0)
ns_req: answer -> [192.87.209.4].1267 fd=8 id=10 size=182 Remote
datagram from [192.87.209.4].1267, fd 6, len 24; now Wed Dec 27 18:36:59
1995
req: nlookup(dse.nl) id 10 type=2 class=1
req: found 'dse.nl' as 'dse.nl' (cname=0)
ns_req: answer -> [192.87.209.4].1267 fd=6 id=10 size=182 Remote
This means that bind really gets two copies of the datagram (one send to
fd 6, the other one to fd 8) and hence, bind is operating correctly and
FreeBSD is wrong:
named 16708 root 4u inet 0x0 TCP can't read inpcb at 0xf17e5e00
named 16708 root 5u inet 0x0 UDP can't read inpcb at 0xf1887b80
named 16708 root 6u inet 0x0 UDP can't read inpcb at 0xf1722000
named 16708 root 7u inet 0x0 UDP can't read inpcb at 0xf1703400
named 16708 root 8u inet 0x0 UDP can't read inpcb at 0xf1499c00
f167c000 tcp 0 0 *.53 *.* LISTEN
f1499c00 udp 0 0 *.53 *.*
f1703400 udp 0 0 127.0.0.1.53 *.*
f1722000 udp 0 0 194.151.64.2.53 *.*
f1887b80 udp 0 0 192.87.208.2.53 *.*
fd 6 is the alias IP address of the machine and fd8 is the wildcard UDP
address. Hopefully, this information is useful in finding the problem.
Regards,
Frank
----------------------------------------------------------------------------
Frank Volf - Internet Access Eindhoven - Digitale Stad Eindhoven
----------------------------------------------------------------------------
|| volf@oasis.IAEhv.nl - use for personal mail ||
|| volf@IAEhv.nl - use for Internet Access Eindhoven related mail ||
|| volf@dse.dse.nl - use for Digital City of Eindhoven related mail ||
----------------------------------------------------------------------------
IAE Public Access Unix System - Dial +31.40.2439436 and login as new.
----------------------------------------------------------------------------
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199512271809.TAA01736>