[DNSOP] port 0 requests leading to errors
bert hubert <bert.hubert@netherlabs.nl> Sat, 22 March 2014 11:27 UTC
Return-Path: <ahu@xs.powerdns.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B39541A08B2 for <dnsop@ietfa.amsl.com>; Sat, 22 Mar 2014 04:27:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.01
X-Spam-Level:
X-Spam-Status: No, score=-0.01 tagged_above=-999 required=5 tests=[T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dsUnq3-2VCoU for <dnsop@ietfa.amsl.com>; Sat, 22 Mar 2014 04:26:57 -0700 (PDT)
Received: from xs.powerdns.com (xs.powerdns.com [IPv6:2001:888:2000:1d::2]) by ietfa.amsl.com (Postfix) with ESMTP id B8E831A06B4 for <dnsop@ietf.org>; Sat, 22 Mar 2014 04:26:57 -0700 (PDT)
Received: from ahu by xs.powerdns.com with local (Exim 4.71) (envelope-from <ahu@xs.powerdns.com>) id 1WRK4l-0000Os-Rt for dnsop@ietf.org; Sat, 22 Mar 2014 12:26:55 +0100
Date: Sat, 22 Mar 2014 12:26:55 +0100
From: bert hubert <bert.hubert@netherlabs.nl>
To: "dnsop@ietf.org" <dnsop@ietf.org>
Message-ID: <20140322112655.GA32652@xs.powerdns.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
User-Agent: Mutt/1.5.20 (2009-06-14)
Archived-At: http://mailarchive.ietf.org/arch/msg/dnsop/2ewE6-PBFmZV0kmIrH76l_-5Exc
Subject: [DNSOP] port 0 requests leading to errors
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 22 Mar 2014 11:27:01 -0000
Hi everybody, This is mostly a note to implementors, but it may also be helpful to operators. Periodically, PowerDNS users would tell us about odd errors in their logs about 'Invalid arguments' from sendmsg or sendto. We spent a lot of time investigating these messages, as they usually point to subtle memory corruption. But we didn't find anything. Yesterday, an AS112 operator reported seeing an increased number of these issues, and we decided to consult the Linux kernel source code to see under what conditions UDP sendmsg/sendto generate EINVAL. One cause jumped out: trying to send packets to port 0. On a hunch, we asked the operator to tcpdump for port 0 packets, and lo, these turned out to be frequent. 43.504115 IP x.y.117.10.0 > 192.175.48.6.53: 6365+ SOA? 168.192.in-addr.arpa. (38) 45.504152 IP x.y.117.10.0 > 192.175.48.6.53: 6365+ SOA? 168.192.in-addr.arpa. (38) 49.505124 IP x.y.117.10.0 > 192.175.48.6.53: 6365+ SOA? 168.192.in-addr.arpa. (38) PowerDNS now refuses to attempt to answer such packets, which silences the error messages. If anyone else was chasing odd errors on UDP sendmsg/sendto, this may have been the reason. I think it may be wise to drop port 0 packets as soon as feasible with UDP software, as no good can come from them. Original ticket: https://github.com/PowerDNS/pdns/issues/844 Commit in: https://github.com/PowerDNS/pdns/commit/81859ba591d7de51d45e48b4fe499b08e08c221b Kind regards, Bert -- PowerDNS Website: http://www.powerdns.com/ Contact us by phone on +31-15-7850372
- [DNSOP] port 0 requests leading to errors bert hubert
- Re: [DNSOP] port 0 requests leading to errors Paul Vixie
- Re: [DNSOP] port 0 requests leading to errors Christopher Morrow
- Re: [DNSOP] port 0 requests leading to errors Paul Vixie
- Re: [DNSOP] port 0 requests leading to errors Olafur Gudmundsson