Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 23712

Summary: udp sockets remain after dns reverse lookup fails
Product: [Retired] Red Hat Linux Reporter: dro
Component: glibcAssignee: Jakub Jelinek <jakub>
Status: CLOSED DUPLICATE QA Contact: Aaron Brown <abrown>
Severity: high Docs Contact:
Priority: medium    
Version: 7.0CC: dr, fweimer, noelmorgan, t8m
Target Milestone: ---   
Target Release: ---   
Hardware: i686   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2001-01-11 12:34:29 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description dro 2001-01-10 15:36:22 UTC 
I have two RedHat 7.0 boxes running with the 2.2.16 SMP kernel.

 Some services on both machines appear to have sockets remaining open to 
the primary and secondary dns servers after a reverse lookup fails.

 The first indication of the problem was when my max file descriptor limit 
was reached, because of this I had increased the limit. After a bit more 
investigation I noticed that when a reverse dns request is made by certain 
services (ie: apache, sendmail, xinetd) and the remote authoritative host 
for the reverse ip block fails, a socket is left resident in the system to 
the local primary or secondary dns servers.

 If the system is left unchecked, the entire machine will lockup after 
roughly two days of activity on a medium load server.

 The sockets are closed after the afflicted service is stopped and 
restarted.

 I have only been able to reproduce these events on two SMP servers which 
run the same hardware configurations in each. I don't have access to a 
third server which runs RedHat 7 with SMP and different hardware to 
completely verify the circumstances.

 I have only seen one other instance of this happening in the newsgroups 
and email lists. The other company affected had contacted me inregards to 
the problem. After they had downgraded to RedHat 6.2, the problem was 
cleared.

Environment:
Linux web 2.2.16-22smp #3 SMP Fri Nov 3 22:08:03 EST 2000 i686 unknown
glibc-2.2.9
apache compiled with egcs-2.91.66


Visual of the problem:

# netstat -an | grep '.53' | grep udp
udp        0      0 web:3129      207.61.147.10:53        ESTABLISHED
udp        0      0 web:3128      207.61.147.20:53        ESTABLISHED
udp        0      0 web:3127      207.61.147.10:53        ESTABLISHED
udp        0      0 web:3126      207.61.147.20:53        ESTABLISHED
udp        0      0 web:3125      207.61.147.10:53        ESTABLISHED
udp        0      0 web:3124      207.61.147.20:53        ESTABLISHED
<snip>

# fuser -n udp 3124
3124/udp:             2360

# ps ax | grep 2360
 2360 ?        S      0:00 /usr/local/httpd/bin/httpd

# netstat -an | grep '.53' | grep udp | wc -l
   862

Packet level visual:

14:03:40.085211 eth0 > web.efni.com.2640 > rhymes.efni.com.domain: 31440+ 
PTR? 3.138.210.207.in-addr.arpa. (44)
14:03:40.086942 eth0 < rhymes.efni.com.domain > web.efni.com.2640: 31440 
ServFail 0/0/0 (44) (DF)
udp        0      0 207.61.147.42:2640      207.61.147.10:53        
ESTABLISHED

15:11:07.482324 eth0 > web.efni.com.2168 > rhymes.efni.com.domain: 54530+ 
PTR? 251.146.3.209.in-addr.arpa. (44)
15:11:07.484169 eth0 < rhymes.efni.com.domain > web.efni.com.2168: 54530 
ServFail 0/0/0 (44) (DF)
udp        0      0 207.61.147.42:2168      207.61.147.10:53        
ESTABLISHED


 In the two instances listed above, I had waited roughly two minutes 
before checking for the socket in a netstat.


 This bug is marked as glibc as I believe it was the proper place for the 
report, but I could very easily have been mistaken on this..

 Regards,

Joshua Hirsh
efni CONNECT
UNIX Systems Administration
admin
Tel: (705) 474-3364 ext. 2557
Fax: (705) 472-9202
PGP KEY: http://users.efni.com/admin/pgp/
Comment 1 Tomas Mraz 2001-01-11 10:29:06 UTC 
I have the same problem which is on my machine triggered by silent releasing of
the eth0 interface (which I still don't know why it releases). After that the
open UDP sockets (by httpd especially) stay opened even when I start the eth0
interface again.
I have RedHat Linux 7.0 with all recent updates applied but with kernel 2.2.18.
Machine is Celeron II 566 with ASUS CUV4X MB and 3COM ethernet card.
Comment 2 Jakub Jelinek 2001-01-11 12:47:17 UTC 

*** This bug has been marked as a duplicate of 18332 ***