Bug 23712 - udp sockets remain after dns reverse lookup fails
udp sockets remain after dns reverse lookup fails
Status: CLOSED DUPLICATE of bug 18332
Product: Red Hat Linux
Classification: Retired
Component: glibc (Show other bugs)
7.0
i686 Linux
medium Severity high
: ---
: ---
Assigned To: Jakub Jelinek
Aaron Brown
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2001-01-10 10:36 EST by dro
Modified: 2007-04-18 12:30 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-01-11 07:34:29 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description dro 2001-01-10 10:36:22 EST
I have two RedHat 7.0 boxes running with the 2.2.16 SMP kernel.

 Some services on both machines appear to have sockets remaining open to 
the primary and secondary dns servers after a reverse lookup fails.

 The first indication of the problem was when my max file descriptor limit 
was reached, because of this I had increased the limit. After a bit more 
investigation I noticed that when a reverse dns request is made by certain 
services (ie: apache, sendmail, xinetd) and the remote authoritative host 
for the reverse ip block fails, a socket is left resident in the system to 
the local primary or secondary dns servers.

 If the system is left unchecked, the entire machine will lockup after 
roughly two days of activity on a medium load server.

 The sockets are closed after the afflicted service is stopped and 
restarted.

 I have only been able to reproduce these events on two SMP servers which 
run the same hardware configurations in each. I don't have access to a 
third server which runs RedHat 7 with SMP and different hardware to 
completely verify the circumstances.

 I have only seen one other instance of this happening in the newsgroups 
and email lists. The other company affected had contacted me inregards to 
the problem. After they had downgraded to RedHat 6.2, the problem was 
cleared.

Environment:
Linux web 2.2.16-22smp #3 SMP Fri Nov 3 22:08:03 EST 2000 i686 unknown
glibc-2.2.9
apache compiled with egcs-2.91.66


Visual of the problem:

# netstat -an | grep '.53' | grep udp
udp        0      0 web:3129      207.61.147.10:53        ESTABLISHED
udp        0      0 web:3128      207.61.147.20:53        ESTABLISHED
udp        0      0 web:3127      207.61.147.10:53        ESTABLISHED
udp        0      0 web:3126      207.61.147.20:53        ESTABLISHED
udp        0      0 web:3125      207.61.147.10:53        ESTABLISHED
udp        0      0 web:3124      207.61.147.20:53        ESTABLISHED
<snip>

# fuser -n udp 3124
3124/udp:             2360

# ps ax | grep 2360
 2360 ?        S      0:00 /usr/local/httpd/bin/httpd

# netstat -an | grep '.53' | grep udp | wc -l
   862

Packet level visual:

14:03:40.085211 eth0 > web.efni.com.2640 > rhymes.efni.com.domain: 31440+ 
PTR? 3.138.210.207.in-addr.arpa. (44)
14:03:40.086942 eth0 < rhymes.efni.com.domain > web.efni.com.2640: 31440 
ServFail 0/0/0 (44) (DF)
udp        0      0 207.61.147.42:2640      207.61.147.10:53        
ESTABLISHED

15:11:07.482324 eth0 > web.efni.com.2168 > rhymes.efni.com.domain: 54530+ 
PTR? 251.146.3.209.in-addr.arpa. (44)
15:11:07.484169 eth0 < rhymes.efni.com.domain > web.efni.com.2168: 54530 
ServFail 0/0/0 (44) (DF)
udp        0      0 207.61.147.42:2168      207.61.147.10:53        
ESTABLISHED


 In the two instances listed above, I had waited roughly two minutes 
before checking for the socket in a netstat.


 This bug is marked as glibc as I believe it was the proper place for the 
report, but I could very easily have been mistaken on this..

 Regards,

Joshua Hirsh
efni CONNECT
UNIX Systems Administration
admin@efni.com
Tel: (705) 474-3364 ext. 2557
Fax: (705) 472-9202
PGP KEY: http://users.efni.com/admin/pgp/
Comment 1 Tomas Mraz 2001-01-11 05:29:06 EST
I have the same problem which is on my machine triggered by silent releasing of
the eth0 interface (which I still don't know why it releases). After that the
open UDP sockets (by httpd especially) stay opened even when I start the eth0
interface again.
I have RedHat Linux 7.0 with all recent updates applied but with kernel 2.2.18.
Machine is Celeron II 566 with ASUS CUV4X MB and 3COM ethernet card.
Comment 2 Jakub Jelinek 2001-01-11 07:47:17 EST

*** This bug has been marked as a duplicate of 18332 ***

Note You need to log in before you can comment on or make changes to this bug.