From nobody Tue Jan 10 07:40:13 2023 X-Original-To: freebsd-emulation@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4NrjRM59Sdz2qylT for ; Tue, 10 Jan 2023 07:41:03 +0000 (UTC) (envelope-from Alexander@leidinger.net) Received: from mailgate.Leidinger.net (mailgate.leidinger.net [IPv6:2a00:1828:2000:313::1:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature ECDSA (P-256) client-digest SHA256) (Client CN "mailgate.leidinger.net", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4NrjRM0Zkbz4FYV for ; Tue, 10 Jan 2023 07:41:03 +0000 (UTC) (envelope-from Alexander@leidinger.net) Authentication-Results: mx1.freebsd.org; none Received: from outgoing.leidinger.net (p5b165db2.dip0.t-ipconnect.de [91.22.93.178]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256 client-signature ECDSA (P-256) client-digest SHA256) (Client CN "outgoing.leidinger.net", Issuer "R3" (verified OK)) by mailgate.Leidinger.net (Postfix) with ESMTPSA id ACBC3266C4 for ; Tue, 10 Jan 2023 08:40:48 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=leidinger.net; s=outgoing-alex; t=1673336448; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to; bh=ovirpxC/+JRm7E4XEaKtirPj47DaVYmwPSiwYBIr+hc=; b=v7Dh/oiQxc6Y+Mcn1VmWMAVzC6UverZ2ixSgQR/2USGwwSiIQiKatbXQL3IGs+Eo4bDbE0 N0lZJYluj9z8ZvimwEuUL1npEMXyfePixJPsQ3l1MhivvtpqdE5MWy8Bze10fMER7XaXnw Ls8SlLgApWa6QhEbMGlBPp3tbaxSo0FPzwRN+9G0uyAQ/wTNEUrHjBYuStpEwTK0K1ItK1 4FeCq0Wfq7x3izvt/LDjTMJeD2k+i5gm/nYdBuRbRdPVuelC1kOIZo/0sOoJmMYMZNa7fr w3jks17BIJRo5S/q4PT44b5knBdfe/qmS27w98gvT1qFei/ltPK/yFnwQQetiQ== Received: from webmail.leidinger.net (localhost [127.0.0.1]) by outgoing.leidinger.net (Postfix) with ESMTP id 214ABA65B for ; Tue, 10 Jan 2023 08:40:14 +0100 (CET) Received: from www (uid 80) (envelope-from Alexander@leidinger.net) id 7cf25 by webmail.leidinger.net (DragonFly Mail Agent v0.13+ on webmail.leidinger.net); Tue, 10 Jan 2023 08:40:14 +0100 Date: Tue, 10 Jan 2023 08:40:13 +0100 Message-ID: <20230110084013.Horde.685bQie_CaYVmp_jzMaMTeq@webmail.leidinger.net> From: Alexander Leidinger To: Mathias Picker Cc: freebsd-emulation@freebsd.org Subject: Re: Linux jail 14-CURRENT: DNS does not work for *some* programs? In-Reply-To: Accept-Language: de,en Content-Type: multipart/signed; boundary="=_HITCnOCO51Zm7V8wel7pu2u"; protocol="application/pgp-signature"; micalg=pgp-sha256 List-Id: Development of Emulators of other operating systems List-Archive: https://lists.freebsd.org/archives/freebsd-emulation List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-emulation@freebsd.org MIME-Version: 1.0 X-Rspamd-Queue-Id: 4NrjRM0Zkbz4FYV X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:34240, ipnet:2a00:1828::/32, country:DE] X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-ThisMailContainsUnwantedMimeParts: N This message is in MIME format and has been PGP signed. --=_HITCnOCO51Zm7V8wel7pu2u Content-Type: text/plain; charset=utf-8; format=flowed; DelSp=Yes Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Quoting Mathias Picker (from Tue, 10=20= =20 Jan=202023 06:51:06 +0100): > Hi all, > > I=E2=80=99m testing a few linux triplestore in a linux jail, and used 13.= 1=20=20 >=20which worked fine most of the time. > > Now one of the stores shows dropped connections with many clients,=20=20 >=20and as I can see logs of netlink errors in the logs, I thought I=E2=80= =99d=20=20 >=20try -CURRENT. > > Sadly, my linux jail (Ubuntu 16.04.7) now shows an irritating=20=20 >=20behaviour, some programs seem to hang indefinitely waiting for name=20= =20 >=20resolution: > > Inside the jail: > > Working version with ping [example] > Non-working with wget (same for curl and others) [example] > So, this tcpdump looks pretty much as if both got answers from unbound. > Why is wget (and host, and curl, and sudo) not =E2=80=9Cgetting=E2=80=9D = this answer? > > Any ideas where to look or questions about my setup welcome! Current has netlink support, 13.1 doesn't. Current may have changes in=20= =20 the=20linuxumaltor, which aren't in 13.1. You need to debug the kernel=20= =20 path.=20Possible tools to do so are ktrace and dtrace. The most easy cmdline would be ktrace, whereas dtrace gives more=20=20 flexibility=20in what you do and how you look at it. As a first step I=20= =20 would=20recommend ktrace. Not sure if it will work as I want it to work... ktrace -di jexec "ID or name of jail" ping google.de After you have seen the answer with tcpdump, you can kill ktrace/ping=20=20 (or=20wait for a timeout, but this will increase the amount of data=20=20 traced)=20and inspect the result via "kdump" (this will take the file=20=20 "ktrace.out"=20in the current directory and print out the data). IF this works (I'm not sure if the ktrace inherits(descents into a=20=20 jail),=20you will see the calls to jexec and the exec of ping and what=20= =20 all=20those do in the kernel. This will then give a hint where to look=20= =20 next. IF=20this doesn't work, you can use "ktrace -di -p " from=20= =20 the=20jail-host while ping is running. If ping tries to redo the DNS=20=20 lookup,=20or a second nameserver is configured and it tries to get the=20= =20 info=20from the second after a timeout, you may be lucky to catch that=20= =20 in=20the trace. Bye, Alexander. --=20 http://www.Leidinger.net=20Alexander@Leidinger.net: PGP 0x8F31830F9F2772BF http://www.FreeBSD.org netchild@FreeBSD.org : PGP 0x8F31830F9F2772BF --=_HITCnOCO51Zm7V8wel7pu2u Content-Type: application/pgp-signature Content-Description: Digitale PGP-Signatur Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIzBAABCAAdFiEER9UlYXp1PSd08nWXEg2wmwP42IYFAmO9Fl0ACgkQEg2wmwP4 2Ibp3g//Sv66tw4u5+w1SRwgpOisd46UWeUbaCYzF89l2NPB1KZBxF1XtFBctzWn 8QYIzbrFDbq5uPhRI1GCbtUhpkjyn5Qogv6drmH9r5JVYrNi2SggqMb4cAB+A4+c bzxAL8wg9Le53YQtk/VvmjMaUbLskvWAcYIPZVLGIh5mDo7+MoiTMsX91r/m+Sf+ qqQY5r5mb/Dqk+tMFMkKvU/pVfcT1cxl6xEe37o08u1lybMglUQojK2Ieh2nX9Ll mQqMe8zyHxHcXlhQrEl9LQjRKOzxbhQgslvhwP09ecGZ6C8DfZQZQdzEAs1aeKv4 GXyY4Nl1D8pOn2Z7VVeTRL8suOdcn3GZ5PTt7CPANHDDn3xSg3RQRtgEHmVH1h31 P4Tpw619R0+KOar/0rsEjkOtBJJ7aZM1SYk0QWLzCbeKRak/UL2p7jB4KK1qXNWn EJ2/5StyvM0iBdEGoKC+zUxUsmt7y8ksh7tiEgrtkbkus7faHVNZiigZEl/Dbyut c39vwzAHjQkQV7KsUcHwjJGc/IhDPf/t6qfjT6wOmB+eO5L6ETtWZG5PwnRWBPTL dZe9m0jQwlfaC4kKdiF3WUcId1PO+rdB2Ly7P+1ItKthaIVoN5elEHz5CQj7JyBr +O6XqNEYN4bQpJK+NhUYkNSD/mDoS0fX210lk9880yspdB9JCvg= =M+ZR -----END PGP SIGNATURE----- --=_HITCnOCO51Zm7V8wel7pu2u--