System Calls that do DNS

Doug Hardie bc979 at
Tue Jun 4 05:22:08 UTC 2013

On 3 June 2013, at 20:39, staticsafe <me at> wrote:

> On Mon, Jun 03, 2013 at 07:57:07PM -0700, Doug Hardie wrote:
>> I have an unusual situation.  A program is doing a DNS lookup and often the IP address has no reverse DNS entries.  As a result the program hangs for several timeouts.  The call is not being made directly in its code, but is occurring in a system call.  There are no specific calls to DNS, its something else doing it.  I have been trying to track down which system call is doing it, but without success so far.  I have tried syslog calls around each of the system calls I thought might be the culprit, but my guessing is not very good.  How can I identify the system call that is calling DNS?  If I can find it, I hopefully can find another way to do whatever it does that does not involve a reverse DNS lookup.
> Use truss:
> The truss utility traces the system calls called by the specified
> process or program.
> -- 
> staticsafe
> O< ascii ribbon campaign - stop html mail -
> Please don't top post -
> Don't CC me! I'm subscribed to whatever list I just posted on.

Unfortunately truss does not show anything more than ktrace.  I know what is going out on the internet connection.  Its a plain old reverse DNS request.  The question is what library module (probably not a system call now that I think about it) is making that request.  Interestingly enough, adding the IP address with a dummy name in /etc/hosts causes the reverse request to succeed and there are no time delays.  So whatever module it is, is not using bind.  Bind doesn't check the hosts files as far as I can tell.

More information about the freebsd-questions mailing list