From owner-freebsd-net  Mon Jan  7 23:43:46 2002
Delivered-To: freebsd-net@freebsd.org
Received: from pimout2-int.prodigy.net (pimout2-ext.prodigy.net [207.115.63.101])
	by hub.freebsd.org (Postfix) with ESMTP id 24AEC37B416
	for <freebsd-net@FreeBSD.ORG>; Mon,  7 Jan 2002 23:43:40 -0800 (PST)
Received: from [10.0.1.26] (adsl-64-161-212-229.dsl.snfc21.pacbell.net [64.161.212.229])
	by pimout2-int.prodigy.net (8.11.0/8.11.0) with ESMTP id g087hVR159310;
	Tue, 8 Jan 2002 02:43:32 -0500
Mime-Version: 1.0
X-Sender: rleising@pop.sbcglobal.net
Message-Id: <a05100300b860474d160e@[10.0.1.26]>
In-Reply-To: <20020106223931.E2029@gohan.cjclark.org>
References: <a05100300b85ea4d919a2@[10.0.1.26]>
 <20020106223931.E2029@gohan.cjclark.org>
Date: Mon, 7 Jan 2002 23:43:05 -0800
To: cjclark@alum.mit.edu
From: Rachel Leising <rleising@sbcglobal.net>
Subject: Re: name resolution problems and "full socket buffers"
Cc: freebsd-net@FreeBSD.ORG, rleising@sbcglobal.net
Content-Type: text/plain; charset="us-ascii" ; format="flowed"
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-net.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-net>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-net>
X-Loop: FreeBSD.org

Crist,

Please see output in-line below...

>On Sun, Jan 06, 2002 at 05:22:00PM -0800, Rachel Leising wrote:
>>
>>  --
>>  I can't seem to get name resolution working correctly.
>>
>>  According to sniffer output, the dns query goes out fine and the
>>  response comes back just fine. However, my machine then replies to
>>  the dns server with an ICMP "port unreachable message"... regardless
>>  of the ephemeral port used by my machine as the source port for the
>>  dns query.
>
>Could you post the actual tcpdump(1) output,
>
>   # tcpdump -vvvn 'udp && port 53'
>
>Just in case you are missing something.

# tcpdump -vvn 'udp && port 53'
tcpdump: listening on wi0
23:03:06.652249  10.0.1.14.1068 > 10.1.1.53: [ udp sum ok ] 26929+ A? 
www.yahoo.com. [ |domain ] (ttl 64, id 120, len 59)
23:03:06.674992  63.203.35.55.53 > 10.0.1.14.1068:   26929  q:  A? 
www.yahoo.com.  7/8/8  www.yahoo.com.  CNAME[ |domain ] (DF)
(ttl 249, id 16300, len 453)
23:03:11.660476  10.0.1.14.1068 > 10.1.1.53: [ udp sum ok ] 26929+ A? 
www.yahoo.com. [ |domain ] (ttl 64, id 122, len 59)
23:03:11.686633  63.203.35.55.53 > 10.0.1.14.1068:   26929  q:  A? 
www.yahoo.com.  7/8/8  www.yahoo.com.  CNAME[ |domain ] (DF)
(ttl 249, id 16301, len 453)
23:03:16.670665  10.0.1.14.1069 > 10.1.1.53: [ udp sum ok ] 26930+ 
MX? www.yahoo.com. [ |domain ] (ttl 64, id 124, len 59)
23:03:16.800894  63.203.35.55.53 > 10.0.1.14.1069:   26930  q:  MX? 
www.yahoo.com.  1/1/0  www.yahoo.com.  CNAME[ |domain ] (DF)
(ttl 249, id 16302, len 153)
23:03:21.680620  10.0.1.14.1069 > 10.1.1.53: [ udp sum ok ] 26930+ 
MX? www.yahoo.com. [ |domain ] (ttl 64, id 126, len 59)
23:03:21.703735  63.203.35.55.53 > 10.0.1.14.1069:   26930  q:  MX? 
www.yahoo.com.  1/1/0  www.yahoo.com.  CNAME[ |domain ] (DF)
(ttl 249, id 16303, len 153)


>
>>  nestat -s also shows the following udp counters incrementing:
>>
>>  "x dropped due to no socket"
>
>This is what I would expect for what you describe...
>
>>  "y dropped due to full socket buffers"
>
>Hmmmm...
>
>Could we double-check the firewall issue,
>
>   $ sysctl net.inet.ip.fw.enable net.inet.ipf.fr_running

# sysctl net.inet.ip.fw.enable
sysctl: unknown oid 'net.inet.ip.fw.enable'
# sysctl net.inet.ipf.fr_running
sysctl: unknown oid 'net.inet.ipf.fr_running'

>
>And see the full output of,
>
>   $ netstat -s -p udp

# netstat -s -p udp
udp:
	82 datagrams received
	0 with incomplete header
	0 with bad data length field
	0 with bad checksum
	0 with no checksum
	15 dropped due to no socket
	0 broadcast/multicast datagrams dropped due to no socket
	67 dropped due to full socket buffers
	0 not for hashed pcb
	0 delivered
	19 datagrams output

>   $ netstat -an -p udp

# netstat -an -p udp
Active Internet connections (including servers)
Proto  Recv-Q  Send-Q   Local Address	   Foreign Address	   (state)
udp4	    0	 0      *.68	  	    *.*
udp4	    0	 0      *.*		    *.*
udp4	    0	 0      *.514	    *.*
udp6	    0             0      *.514	    *.*

>   $ host testhost            # your DNS test here

# host www.yahoo.com      #the tcpdump command above was initiated 
immediately before this

>   $ netstat -s -p udp

# netstat -s -p udp
udp:
	289 datagrams received
	0 with incomplete header
	0 with bad data length field
	0 with bad checksum
	0 with no checksum
	48 dropped due to no socket
	0 broadcast/multicast datagrams dropped due to no socket
	241 dropped due to full socket buffers
	0 not for hashed pcb
	0 delivered
	52 datagrams output

>   $ netstat -an -p udp

# netstat -an -p udp
Active Internet connections (including servers)
Proto  Recv-Q  Send-Q   Local Address	   Foreign Address	   (state)
udp4             0	 0     10.0.1.14.1068     10.0.1.1.53
udp4             0	 0     10.0.1.14.1069     10.0.1.1.53
udp4	    0	 0      *.68	  	    *.*
udp4	    0	 0      *.*		    *.*
udp4	    0	 0      *.514	    *.*
udp6	    0             0      *.514	    *.*

thanks again,
Rach


>--
>"It's always funny until someone gets hurt. Then it's hilarious."
>
>Crist J. Clark                     |     cjclark@alum.mit.edu
>                                    |     cjclark@jhu.edu
>http://people.freebsd.org/~cjc/    |     cjc@freebsd.org


-- 

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message