lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20170728062644.bp7agcf6bh7g6yfw@torres.zugschlus.de>
Date:   Fri, 28 Jul 2017 08:26:44 +0200
From:   Marc Haber <mh+netdev@...schlus.de>
To:     Paolo Abeni <pabeni@...hat.com>
Cc:     netdev@...r.kernel.org
Subject: Re: After a while of system running no incoming UDP any more?

On Mon, Jul 24, 2017 at 04:19:10PM +0200, Paolo Abeni wrote:
> Once that a system enter the buggy status, do the packets reach the
> relevant socket's queue?
> 
> ss -u
> nstat |grep -e Udp -e Ip
> 
> will help checking that.

I now have the issue on one machine, a Xen guest acting as authoritative
nameserver for my domains. Here are the outputs during normal use, with
artificial queries coming in on eth0:

[9/1075]mh@...etus:~ $ ss -u
Recv-Q Send-Q                                     Local Address:Port                                                      Peer Address:Port                
0      0                                              127.0.0.1:56547                                                        127.0.0.1:domain               
0      0                                         216.231.132.60:27667                                                       198.41.0.4:domain               
0      0                                         216.231.132.60:44121                                                          8.8.8.8:domain               
0      0                                         216.231.132.60:29814                                                       198.41.0.4:domain               
[10/1076]mh@...etus:~ $ ss -u
Recv-Q Send-Q                                     Local Address:Port                                                      Peer Address:Port                
[11/1076]mh@...etus:~ $ ss -u
Recv-Q Send-Q                                     Local Address:Port                                                      Peer Address:Port                
[12/1076]mh@...etus:~ $ ss -u
Recv-Q Send-Q                                     Local Address:Port                                                      Peer Address:Port                
[13/1076]mh@...etus:~ $ ss -u
Recv-Q Send-Q                                     Local Address:Port                                                      Peer Address:Port                
[14/1076]mh@...etus:~ $ nstat  | grep -e Udp -e Ip
IpInReceives                    400688             0.0
IpInAddrErrors                  18567              0.0
IpInUnknownProtos               3                  0.0
IpInDelivers                    330634             0.0
IpOutRequests                   283637             0.0
UdpInDatagrams                  145860             0.0
UdpNoPorts                      1313               0.0
UdpInErrors                     9356               0.0
UdpOutDatagrams                 153093             0.0
UdpIgnoredMulti                 34148              0.0
Ip6InReceives                   161178             0.0
Ip6InNoRoutes                   8                  0.0
Ip6InDelivers                   73841              0.0
Ip6OutRequests                  77575              0.0
Ip6InMcastPkts                  87332              0.0
Ip6OutMcastPkts                 109                0.0
Ip6InOctets                     21880674           0.0
Ip6OutOctets                    9633059            0.0
Ip6InMcastOctets                9371483            0.0
Ip6OutMcastOctets               6636               0.0
Ip6InNoECTPkts                  161202             0.0
Ip6InECT1Pkts                   15                 0.0
Ip6InECT0Pkts                   11                 0.0
Ip6InCEPkts                     4                  0.0
Udp6InDatagrams                 11725              0.0
Udp6NoPorts                     2                  0.0
Udp6InErrors                    1989               0.0
Udp6OutDatagrams                14483              0.0
IpExtInBcastPkts                34148              0.0
IpExtInOctets                   47462716           0.0
IpExtOutOctets                  31262696           0.0
IpExtInBcastOctets              7476059            0.0
IpExtInNoECTPkts                400178             0.0
IpExtInECT1Pkts                 22                 0.0
IpExtInECT0Pkts                 481                0.0
IpExtInCEPkts                   14                 0.0
[15/1077]mh@...etus:~ $ nstat  | grep -e Udp -e Ip
IpInReceives                    25                 0.0
IpInDelivers                    25                 0.0
IpOutRequests                   16                 0.0
UdpInDatagrams                  1                  0.0
UdpInErrors                     24                 0.0
UdpOutDatagrams                 16                 0.0
Ip6InReceives                   15                 0.0
Ip6InDelivers                   14                 0.0
Ip6OutRequests                  12                 0.0
Ip6InMcastPkts                  1                  0.0
Ip6InOctets                     1219               0.0
Ip6OutOctets                    4384               0.0
Ip6InMcastOctets                131                0.0
Ip6InNoECTPkts                  15                 0.0
IpExtInOctets                   11779              0.0
IpExtOutOctets                  1023               0.0
IpExtInNoECTPkts                25                 0.0
[16/1077]mh@...etus:~ $ nstat  | grep -e Udp -e Ip
IpInReceives                    24                 0.0
IpInDelivers                    24                 0.0
IpOutRequests                   18                 0.0
UdpInErrors                     22                 0.0
UdpOutDatagrams                 16                 0.0
Ip6InReceives                   15                 0.0
Ip6InDelivers                   12                 0.0
Ip6OutRequests                  10                 0.0
Ip6InMcastPkts                  3                  0.0
Ip6InOctets                     1160               0.0
Ip6OutOctets                    2456               0.0
Ip6InMcastOctets                216                0.0
Ip6InNoECTPkts                  15                 0.0
IpExtInOctets                   8612               0.0
IpExtOutOctets                  1127               0.0
IpExtInNoECTPkts                24                 0.0
[17/1077]mh@...etus:~ $ nstat  | grep -e Udp -e Ip
IpInReceives                    5                  0.0
IpInDelivers                    4                  0.0
IpOutRequests                   3                  0.0
UdpNoPorts                      1                  0.0
UdpInErrors                     2                  0.0
UdpOutDatagrams                 1                  0.0
Ip6InReceives                   12                 0.0
Ip6InDelivers                   12                 0.0
Ip6OutRequests                  10                 0.0
Ip6InOctets                     944                0.0
Ip6OutOctets                    2364               0.0
Ip6InNoECTPkts                  12                 0.0
IpExtInOctets                   429                0.0
IpExtOutOctets                  226                0.0
IpExtInNoECTPkts                5                  0.0
[18/1077]mh@...etus:~ $

And here, hopefully a bit more helpful:

[19/1078]mh@...etus:~ $ ss -u ; nstat  | grep -e Udp -e Ip ; dig +time=2 @8.8.8.8 zugschlus.de mx ; ss -u ; nstat  | grep -e Udp -e Ip 
Recv-Q Send-Q                                     Local Address:Port                                                      Peer Address:Port                
0      0                                         216.231.132.60:27333                                                       198.41.0.4:domain               
0      0                                         216.231.132.60:38101                                                       198.41.0.4:domain               
0      0                                         216.231.132.60:15836                                                       198.41.0.4:domain               
0      0                                         216.231.132.60:50655                                                          8.8.8.8:domain               
0      0                                         216.231.132.60:41953                                                       198.41.0.4:domain               
0      0                                         216.231.132.60:6888                                                        198.41.0.4:domain               
0      0                                         216.231.132.60:51441                                                       198.41.0.4:domain               
0      0                                         216.231.132.60:42503                                                       198.41.0.4:domain               
0      0                                         216.231.132.60:12575                                                       198.41.0.4:domain               
0      0                                         216.231.132.60:13857                                                       198.41.0.4:domain
0      0                                         216.231.132.60:16419                                                    192.36.148.17:domain
0      0                                         216.231.132.60:39227                                                       198.41.0.4:domain
0      0                                              127.0.0.1:54608                                                        127.0.0.1:domain
0      0                                         216.231.132.60:20818                                                       198.41.0.4:domain
0      0                                         216.231.132.60:56662                                                       198.41.0.4:domain
0      0                                         216.231.132.60:48259                                                    192.36.148.17:domain
0      0                                         216.231.132.60:37803                                                       198.41.0.4:domain
IpInReceives                    59                 0.0
IpInAddrErrors                  1                  0.0
IpInDelivers                    56                 0.0
IpOutRequests                   50                 0.0
UdpInDatagrams                  1                  0.0
UdpInErrors                     50                 0.0
UdpOutDatagrams                 47                 0.0
UdpIgnoredMulti                 1                  0.0
Ip6InReceives                   75                 0.0
Ip6InDelivers                   73                 0.0
Ip6OutRequests                  64                 0.0
Ip6InMcastPkts                  2                  0.0
Ip6InOctets                     7837               0.0
Ip6OutOctets                    11876              0.0
Ip6InMcastOctets                279                0.0
Ip6InNoECTPkts                  75                 0.0
Udp6InErrors                    3                  0.0
IpExtInBcastPkts                1                  0.0
IpExtInOctets                   18447              0.0
IpExtOutOctets                  3478               0.0
IpExtInBcastOctets              183                0.0
IpExtInNoECTPkts                59                 0.0

; <<>> DiG 9.10.3-P4-Debian <<>> +time=2 @8.8.8.8 zugschlus.de mx
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached
Recv-Q Send-Q                                     Local Address:Port                                                      Peer Address:Port
0      0                                         216.231.132.60:7879                                                      202.12.27.33:domain
0      0                                         216.231.132.60:32711                                                     202.12.27.33:domain
0      0                                         216.231.132.60:54238                                                     202.12.27.33:domain
0      0                                         216.231.132.60:30948                                                   192.228.79.201:domain
0      0                                         216.231.132.60:4106                                                      202.12.27.33:domain
0      0                                         216.231.132.60:6667                                                      202.12.27.33:domain
0      0                                         216.231.132.60:2090                                                    192.228.79.201:domain
0      0                                         216.231.132.60:60459                                                   192.228.79.201:domain
0      0                                         216.231.132.60:16427                                                     202.12.27.33:domain
0      0                                         216.231.132.60:9019                                                      202.12.27.33:domain
0      0                                         216.231.132.60:2113                                                      202.12.27.33:domain
0      0                                         216.231.132.60:34907                                                     202.12.27.33:domain
0      0                                         216.231.132.60:34654                                                     202.12.27.33:domain
0      0                                         216.231.132.60:47725                                                     202.12.27.33:domain
0      0                                         216.231.132.60:35774                                                     202.12.27.33:domain
IpInReceives                    38                 0.0
IpInDelivers                    38                 0.0
IpOutRequests                   38                 0.0
UdpInDatagrams                  2                  0.0
UdpInErrors                     34                 0.0
UdpOutDatagrams                 36                 0.0
Ip6InReceives                   14                 0.0
Ip6InDelivers                   13                 0.0
Ip6OutRequests                  13                 0.0
Ip6InMcastPkts                  1                  0.0
Ip6InOctets                     1046               0.0
Ip6OutOctets                    6277               0.0
Ip6InMcastOctets                133                0.0
Ip6InNoECTPkts                  13                 0.0
Ip6InECT0Pkts                   1                  0.0
Udp6InDatagrams                 1                  0.0
Udp6OutDatagrams                1                  0.0
IpExtInOctets                   15963              0.0
IpExtOutOctets                  2397               0.0
IpExtInNoECTPkts                37                 0.0
IpExtInECT0Pkts                 1                  0.0
[20/1079]mh@...etus:~ $

I am afraid I cannot keep this state for much longer than a few
additional hours as this is an authoritative name server...

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Leimen, Germany    |  lose things."    Winona Ryder | Fon: *49 6224 1600402
Nordisch by Nature |  How to make an American Quilt | Fax: *49 6224 1600421

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ