Bug 1119083 - glib-pacrunner excessive dns connections
Summary: glib-pacrunner excessive dns connections
Keywords:
Status: CLOSED EOL
Alias: None
Product: Fedora
Classification: Fedora
Component: glib-networking
Version: 22
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Dan Winship
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-07-13 22:15 UTC by Bill C. Riemers
Modified: 2016-07-19 11:55 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-07-19 11:55:25 UTC
Type: Bug
Embargoed:


Attachments (Terms of Use)

Description Bill C. Riemers 2014-07-13 22:15:19 UTC
Description of problem:

Yesterday I noticed on one of my routers I was constantly stuck an the nc_conntrack_max, causing a huge number of packet drops and very slow network access.   I've debugged about everything on the router, including flashing multiple firmware versions.  In every case as soon as I braught the network up and dnsmasq started, the limit would be exceeded quickly.  Everything I read on the web said this met it was a DDoS attack, so I turned my home network and waited a day.   Same problem today.  When shutdown the permenantly the router with the problem, the other router started having the same issue.

To make a long story short, I finally discovered the problem is glib-pacrunner is contantly making thousands of DNS lookups.   It makes so many the dnsmasq starts ignoring it, but that doesn't stop glib-pacrunner...


Version-Release number of selected component (if applicable):

glib-networking-2.38.2-1.fc20.x86_64

How reproducible:

100%, on my laptop

Steps to Reproduce:
1. I do not know what triggered glib-networking to start producing this problem.   Most of the DNS lookups I see in the log are ldap related.  I expect those to fail,  because the ldap server is in the Red Hat network.

2.  However, once it is happening you can observe it on the router by looking
at /proc/sys/net/netfilter/nf_conntrack_count and watching it grow quickly.  You can also see the individual connections in /proc/net/ip_conntrack .

Actual results:

Router stops responding to DNS traffic and routing packets, causing what appears to be a DDoS attack.

Expected results:

I realize glib-networking is an library used by many programs.  It is doing these DNS requests as a result of an API call.   There should somewhere by a log were one can track these problems, and there should be some sort of governor limit to block badly behaving applications.  Basically I can track this to glib-pacrunner with a "netstat -n -a -p" but beyond that I'm stuck.

Bill


Additional info:

Comment 1 Bill C. Riemers 2014-07-13 22:32:22 UTC
I put in a dummy dns entry on each of my routers this is what I now see in the log files:

Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: query[A] ldap.corp.redhat.com from 172.31.253.119
Jul 13 18:28:11 asus2 daemon.info dnsmasq[32528]: /jffs/etc/dnsmasq/hosts/hosts ldap.corp.redhat.com is 127.0.0.1

Some process really wants to lookup this address, and isn't satisfied with the response.

Comment 2 Bill C. Riemers 2014-07-13 22:36:49 UTC
The following lookups are also repeated many times each second, but not as often as the ldap.corp.redhat.com lookup:

Jul 13 18:33:28 asus2 daemon.info dnsmasq[32528]: query[AAAA] apidata.googleusercontent.com from 172.31.253.119
Jul 13 18:33:28 asus2 daemon.info dnsmasq[32528]: cached apidata.googleusercontent.com is <CNAME>
Jul 13 18:33:28 asus2 daemon.info dnsmasq[32528]: cached googlehosted.l.googleusercontent.com is 2607:f8b0:400b:807::100c

Comment 3 Bill C. Riemers 2014-07-13 23:05:14 UTC
The ldap messages all came from sssd.  After stopping that, after stopping that though, there was still too much traffic for my routers for the google dns lookups.  I could not figure out what process was doing that.  But I did not evolution using an excessive amount of CPU time.   Which is strange since I don't use evolution.   I installed that and rebooted.

For now the traffic level is more reasonable.  But still excessive.

It seems one issue is the glib-pacrunning is connecting to all DNS servers for each request, instead of doing lookups sequentially.   I have my routers set to intercept all port 53 requests, otherwise I would not notice this problem so easily.  It even seems to attempt to connect to many DNS servers I don't have configured in /etc/resolv.conf.

Comment 4 Dan Winship 2014-07-14 12:35:03 UTC
So first off, I assume you do actually have a proxy configuration that uses a PAC file? Anything exciting in the PAC file?

It would be interesting to see where in glib-pacrunner the DNS requests are coming from

Comment 5 Bill C. Riemers 2014-07-14 12:55:40 UTC
Oh.  So that is what the process does...   When I removed evolution I also removed GNOME's reference to the PAC file and my google account.  So that explains how come after a reboot I don't see glib-pacrunner doing any requests.

This of course the potential it could still pickup the file since I have my DNS serving it as a wpad.dat file.

The contents follow:


function FindProxyForURL(url,host) {
  if(isInNet(host,"172.31.0.0", "255.255.0.0")) return "DIRECT";
  if(isInNet(host,"127.0.0.0", "255.0.0.0")) return "DIRECT";
  var hosts = ["hua.hrsmart.com", "lwn.net"];
  for(var i=0;i<hosts.length;i++) {
    if (host == hosts[i] || dnsDomainIs(host,hosts[i])) {
      return "PROXY squid.corp.redhat.com:3128; DIRECT";
    }
  }
  var dhosts = ["docbill.info","redhat.com"];
  for(var i=0;i<dhosts.length;i++) {
    if (host == dhosts[i] || dnsDomainIs(host,dhosts[i])) {
      return "DIRECT; PROXY squid.corp.redhat.com:3128";
    }
  }
  var lhosts = ["facebook.com","youtube.com","googlevideo.com","ytimg.com","fbcdn.net"];
  for(var i=0;i<lhosts.length;i++) {
    if (host == lhosts[i] || dnsDomainIs(host,lhosts[i])) {
//      return "PROXY wpad.docbill.info:3128; DIRECT";
    }
  }
  var lprotos = ["http","ftp","https","gopher"];
  var urlex = [/get_video[?]/,/videoplayback[?]/,/videodownload[?]/,/.*\.mp4/,/google\.com\/videoplayback\./];
  for(var i=0;i<lprotos.length;i++) {
    if (shExpMatch(url,lprotos[i]+":/*")) {
      for(var j=0;j<urlex.length;j++) {
        if (urlex[j].test(url)) {
//          return "PROXY wpad.docbill.info:3128; DIRECT";
        }
      }
    }
  }
  return "DIRECT; PROXY wpad.docbill.info:3128";
}

Comment 6 Bill C. Riemers 2014-07-14 13:07:23 UTC
Likely then the problem is before this function can be called a DNS lookup is required.  So glib-pacrunner, is doing a DNS lookup across all servers every single time, regardless of how recently it was called with the exact same arguments.  In this case both sssd and evolution where in a and endless loop calling whatever method that invokes this call, or glib-pacrunner itself has a loop.   The result is hundreds of DNS requests per second, when the tipical router is configured to handle a maximum substained rate of about 30 per second across all clients.

e.g. I had a connection max of 8192, which is default for my router, and a connection timeout of 300, which is recommended for VOIP users.  8192 / 300 = 27.  Even quadroupling the max value, was not sufficient to handle a the traffic from my laptop.

Bill

Comment 7 Bill C. Riemers 2014-07-14 13:12:44 UTC
If course there is likely a kernel bug here as well.  In that the linux kernel should not need to track udp packets that are locally terminating.  The tracking is just to persist NAT mappings when forwarding.  But my routers aren't running Fedora, so I'll need to find a different place to report that bug...

Comment 8 Jaroslav Reznik 2015-03-03 16:07:30 UTC
This bug appears to have been reported against 'rawhide' during the Fedora 22 development cycle.
Changing version to '22'.

More information and reason for this action is here:
https://fedoraproject.org/wiki/Fedora_Program_Management/HouseKeeping/Fedora22

Comment 9 Fedora End Of Life 2016-07-19 11:55:25 UTC
Fedora 22 changed to end-of-life (EOL) status on 2016-07-19. Fedora 22 is
no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of
Fedora please feel free to reopen this bug against that version. If you
are unable to reopen this bug, please file a new report against the
current release. If you experience problems, please add a comment to this
bug.

Thank you for reporting this bug and we are sorry it could not be fixed.


Note You need to log in before you can comment on or make changes to this bug.