| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1501229105.12695.23.camel@edumazet-glaptop3.roam.corp.google.com> Date: Fri, 28 Jul 2017 01:05:05 -0700 From: Eric Dumazet <eric.dumazet@...il.com> To: Marc Haber <mh+netdev@...schlus.de> Cc: Paolo Abeni <pabeni@...hat.com>, netdev@...r.kernel.org Subject: Re: After a while of system running no incoming UDP any more? On Fri, 2017-07-28 at 08:26 +0200, Marc Haber wrote: > On Mon, Jul 24, 2017 at 04:19:10PM +0200, Paolo Abeni wrote: > > Once that a system enter the buggy status, do the packets reach the > > relevant socket's queue? > > > > ss -u > > nstat |grep -e Udp -e Ip > > > > will help checking that. > > I now have the issue on one machine, a Xen guest acting as authoritative > nameserver for my domains. Here are the outputs during normal use, with > artificial queries coming in on eth0: > > [9/1075]mh@...etus:~ $ ss -u > Recv-Q Send-Q Local Address:Port Peer Address:Port > 0 0 127.0.0.1:56547 127.0.0.1:domain > 0 0 216.231.132.60:27667 198.41.0.4:domain > 0 0 216.231.132.60:44121 8.8.8.8:domain > 0 0 216.231.132.60:29814 198.41.0.4:domain > [10/1076]mh@...etus:~ $ ss -u > Recv-Q Send-Q Local Address:Port Peer Address:Port > [11/1076]mh@...etus:~ $ ss -u > Recv-Q Send-Q Local Address:Port Peer Address:Port > [12/1076]mh@...etus:~ $ ss -u > Recv-Q Send-Q Local Address:Port Peer Address:Port > [13/1076]mh@...etus:~ $ ss -u > Recv-Q Send-Q Local Address:Port Peer Address:Port > [14/1076]mh@...etus:~ $ nstat | grep -e Udp -e Ip > IpInReceives 400688 0.0 > IpInAddrErrors 18567 0.0 > IpInUnknownProtos 3 0.0 > IpInDelivers 330634 0.0 > IpOutRequests 283637 0.0 > UdpInDatagrams 145860 0.0 > UdpNoPorts 1313 0.0 > UdpInErrors 9356 0.0 > UdpOutDatagrams 153093 0.0 > UdpIgnoredMulti 34148 0.0 > Ip6InReceives 161178 0.0 > Ip6InNoRoutes 8 0.0 > Ip6InDelivers 73841 0.0 > Ip6OutRequests 77575 0.0 > Ip6InMcastPkts 87332 0.0 > Ip6OutMcastPkts 109 0.0 > Ip6InOctets 21880674 0.0 > Ip6OutOctets 9633059 0.0 > Ip6InMcastOctets 9371483 0.0 > Ip6OutMcastOctets 6636 0.0 > Ip6InNoECTPkts 161202 0.0 > Ip6InECT1Pkts 15 0.0 > Ip6InECT0Pkts 11 0.0 > Ip6InCEPkts 4 0.0 > Udp6InDatagrams 11725 0.0 > Udp6NoPorts 2 0.0 > Udp6InErrors 1989 0.0 > Udp6OutDatagrams 14483 0.0 > IpExtInBcastPkts 34148 0.0 > IpExtInOctets 47462716 0.0 > IpExtOutOctets 31262696 0.0 > IpExtInBcastOctets 7476059 0.0 > IpExtInNoECTPkts 400178 0.0 > IpExtInECT1Pkts 22 0.0 > IpExtInECT0Pkts 481 0.0 > IpExtInCEPkts 14 0.0 > [15/1077]mh@...etus:~ $ nstat | grep -e Udp -e Ip > IpInReceives 25 0.0 > IpInDelivers 25 0.0 > IpOutRequests 16 0.0 > UdpInDatagrams 1 0.0 > UdpInErrors 24 0.0 > UdpOutDatagrams 16 0.0 > Ip6InReceives 15 0.0 > Ip6InDelivers 14 0.0 > Ip6OutRequests 12 0.0 > Ip6InMcastPkts 1 0.0 > Ip6InOctets 1219 0.0 > Ip6OutOctets 4384 0.0 > Ip6InMcastOctets 131 0.0 > Ip6InNoECTPkts 15 0.0 > IpExtInOctets 11779 0.0 > IpExtOutOctets 1023 0.0 > IpExtInNoECTPkts 25 0.0 > [16/1077]mh@...etus:~ $ nstat | grep -e Udp -e Ip > IpInReceives 24 0.0 > IpInDelivers 24 0.0 > IpOutRequests 18 0.0 > UdpInErrors 22 0.0 > UdpOutDatagrams 16 0.0 > Ip6InReceives 15 0.0 > Ip6InDelivers 12 0.0 > Ip6OutRequests 10 0.0 > Ip6InMcastPkts 3 0.0 > Ip6InOctets 1160 0.0 > Ip6OutOctets 2456 0.0 > Ip6InMcastOctets 216 0.0 > Ip6InNoECTPkts 15 0.0 > IpExtInOctets 8612 0.0 > IpExtOutOctets 1127 0.0 > IpExtInNoECTPkts 24 0.0 > [17/1077]mh@...etus:~ $ nstat | grep -e Udp -e Ip > IpInReceives 5 0.0 > IpInDelivers 4 0.0 > IpOutRequests 3 0.0 > UdpNoPorts 1 0.0 > UdpInErrors 2 0.0 > UdpOutDatagrams 1 0.0 > Ip6InReceives 12 0.0 > Ip6InDelivers 12 0.0 > Ip6OutRequests 10 0.0 > Ip6InOctets 944 0.0 > Ip6OutOctets 2364 0.0 > Ip6InNoECTPkts 12 0.0 > IpExtInOctets 429 0.0 > IpExtOutOctets 226 0.0 > IpExtInNoECTPkts 5 0.0 > [18/1077]mh@...etus:~ $ > > And here, hopefully a bit more helpful: > > [19/1078]mh@...etus:~ $ ss -u ; nstat | grep -e Udp -e Ip ; dig +time=2 @8.8.8.8 zugschlus.de mx ; ss -u ; nstat | grep -e Udp -e Ip > Recv-Q Send-Q Local Address:Port Peer Address:Port > 0 0 216.231.132.60:27333 198.41.0.4:domain > 0 0 216.231.132.60:38101 198.41.0.4:domain > 0 0 216.231.132.60:15836 198.41.0.4:domain > 0 0 216.231.132.60:50655 8.8.8.8:domain > 0 0 216.231.132.60:41953 198.41.0.4:domain > 0 0 216.231.132.60:6888 198.41.0.4:domain > 0 0 216.231.132.60:51441 198.41.0.4:domain > 0 0 216.231.132.60:42503 198.41.0.4:domain > 0 0 216.231.132.60:12575 198.41.0.4:domain > 0 0 216.231.132.60:13857 198.41.0.4:domain > 0 0 216.231.132.60:16419 192.36.148.17:domain > 0 0 216.231.132.60:39227 198.41.0.4:domain > 0 0 127.0.0.1:54608 127.0.0.1:domain > 0 0 216.231.132.60:20818 198.41.0.4:domain > 0 0 216.231.132.60:56662 198.41.0.4:domain > 0 0 216.231.132.60:48259 192.36.148.17:domain > 0 0 216.231.132.60:37803 198.41.0.4:domain > IpInReceives 59 0.0 > IpInAddrErrors 1 0.0 > IpInDelivers 56 0.0 > IpOutRequests 50 0.0 > UdpInDatagrams 1 0.0 > UdpInErrors 50 0.0 > UdpOutDatagrams 47 0.0 > UdpIgnoredMulti 1 0.0 > Ip6InReceives 75 0.0 > Ip6InDelivers 73 0.0 > Ip6OutRequests 64 0.0 > Ip6InMcastPkts 2 0.0 > Ip6InOctets 7837 0.0 > Ip6OutOctets 11876 0.0 > Ip6InMcastOctets 279 0.0 > Ip6InNoECTPkts 75 0.0 > Udp6InErrors 3 0.0 > IpExtInBcastPkts 1 0.0 > IpExtInOctets 18447 0.0 > IpExtOutOctets 3478 0.0 > IpExtInBcastOctets 183 0.0 > IpExtInNoECTPkts 59 0.0 > > ; <<>> DiG 9.10.3-P4-Debian <<>> +time=2 @8.8.8.8 zugschlus.de mx > ; (1 server found) > ;; global options: +cmd > ;; connection timed out; no servers could be reached > Recv-Q Send-Q Local Address:Port Peer Address:Port > 0 0 216.231.132.60:7879 202.12.27.33:domain > 0 0 216.231.132.60:32711 202.12.27.33:domain > 0 0 216.231.132.60:54238 202.12.27.33:domain > 0 0 216.231.132.60:30948 192.228.79.201:domain > 0 0 216.231.132.60:4106 202.12.27.33:domain > 0 0 216.231.132.60:6667 202.12.27.33:domain > 0 0 216.231.132.60:2090 192.228.79.201:domain > 0 0 216.231.132.60:60459 192.228.79.201:domain > 0 0 216.231.132.60:16427 202.12.27.33:domain > 0 0 216.231.132.60:9019 202.12.27.33:domain > 0 0 216.231.132.60:2113 202.12.27.33:domain > 0 0 216.231.132.60:34907 202.12.27.33:domain > 0 0 216.231.132.60:34654 202.12.27.33:domain > 0 0 216.231.132.60:47725 202.12.27.33:domain > 0 0 216.231.132.60:35774 202.12.27.33:domain > IpInReceives 38 0.0 > IpInDelivers 38 0.0 > IpOutRequests 38 0.0 > UdpInDatagrams 2 0.0 > UdpInErrors 34 0.0 > UdpOutDatagrams 36 0.0 > Ip6InReceives 14 0.0 > Ip6InDelivers 13 0.0 > Ip6OutRequests 13 0.0 > Ip6InMcastPkts 1 0.0 > Ip6InOctets 1046 0.0 > Ip6OutOctets 6277 0.0 > Ip6InMcastOctets 133 0.0 > Ip6InNoECTPkts 13 0.0 > Ip6InECT0Pkts 1 0.0 > Udp6InDatagrams 1 0.0 > Udp6OutDatagrams 1 0.0 > IpExtInOctets 15963 0.0 > IpExtOutOctets 2397 0.0 > IpExtInNoECTPkts 37 0.0 > IpExtInECT0Pkts 1 0.0 > [20/1079]mh@...etus:~ $ > > I am afraid I cannot keep this state for much longer than a few > additional hours as this is an authoritative name server... > > Greetings > Marc > To confirm the refcount issue, you might send us : cat /proc/net/udp6 Normally, the refcount column should have a value of 2
Powered by blists - more mailing lists