System Calls that do DNS

Doug Hardie bc979 at lafn.org
Thu Jun 6 18:00:23 UTC 2013 

On 3 June 2013, at 22:21, Doug Hardie <bc979 at lafn.org> wrote:

> 
> On 3 June 2013, at 20:39, staticsafe <me at staticsafe.ca> wrote:
> 
>> On Mon, Jun 03, 2013 at 07:57:07PM -0700, Doug Hardie wrote:
>>> I have an unusual situation.  A program is doing a DNS lookup and often the IP address has no reverse DNS entries.  As a result the program hangs for several timeouts.  The call is not being made directly in its code, but is occurring in a system call.  There are no specific calls to DNS, its something else doing it.  I have been trying to track down which system call is doing it, but without success so far.  I have tried syslog calls around each of the system calls I thought might be the culprit, but my guessing is not very good.  How can I identify the system call that is calling DNS?  If I can find it, I hopefully can find another way to do whatever it does that does not involve a reverse DNS lookup.
>>> 
>>> 
>> 
>> Use truss:
>> http://www.freebsd.org/cgi/man.cgi?query=truss
>> 
>> The truss utility traces the system calls called by the specified
>> process or program.
>> -- 
>> staticsafe
>> O< ascii ribbon campaign - stop html mail - www.asciiribbon.org
>> Please don't top post - http://goo.gl/YrmAb
>> Don't CC me! I'm subscribed to whatever list I just posted on.
>> 
> 
> Unfortunately truss does not show anything more than ktrace.  I know what is going out on the internet connection.  Its a plain old reverse DNS request.  The question is what library module (probably not a system call now that I think about it) is making that request.  Interestingly enough, adding the IP address with a dummy name in /etc/hosts causes the reverse request to succeed and there are no time delays.  So whatever module it is, is not using bind.  Bind doesn't check the hosts files as far as I can tell.
> _______________________________________________

After considering all the advice I received, the method I found that worked was to start the process and when it entered the reverse DNS timeout, quickly find the process ID and do a gdb on that process.  Then a where command showed the entire stack which included all the module calls.  I had to rebuild the process with debugging first.

The IPv6 API when getting the client information will also do a reverse DNS lookup unless you specifically tell it not to do so.  Changing that eliminated the lookup and the timeouts.

Thanks to all.

-- Doug

More information about the freebsd-questions mailing list