Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Undefined
Fix Version/s: None
Affects Version/s: rhel-9.2.0
Component/s: dnsmasq
Labels:
- upstream

Regression:
None
Severity:
Moderate

Pool Team:

sst_cs_infra_services
Sub-System Group:

ssg_core_services

Story Points:
None
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
None
Products:

Red Hat Enterprise Linux
Sprint:
None

Preliminary Testing:
None
Test Coverage:
None

Experience:

PX Impact Score:
PX Technical Impact:
PX Impact Range:
PX Priority Data:
PX Review Complete:
SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None

This issue is reproducible on RH-7.x, RH-8.x and RH-9.x

By default dnsmasq allow only a single instance to bind tcp/udp port 53 to single instance but with bind-dynamic it allows more and more.

Note: in RH-9 you have to disable bind-interface in dnsmasq.conf.

Reprocer steps:

*** Without bind-dynamic ***

[root@192 ~]# grep bind /etc/dnsmasq.d/a.conf
#bind-dynamic
[root@192 ~]#
[root@192 ~]# systemctl restart dnsmasq
[root@192 ~]#
[root@192 ~]# ps -ef | grep dnsmasq
dnsmasq 2782 1 0 07:51 ? 00:00:00 /usr/sbin/dnsmasq
root 2784 2515 0 07:51 pts/1 00:00:00 grep --color=auto dnsmasq
[root@192 ~]#

netstat -neopa | grep dnsmasq | grep -w udp
udp 0 0 127.0.0.1:53 0.0.0.0:* 0 29667 2834/dnsmasq off (0.00/0/0)

[root@192 ~]# dnsmasq -help

dnsmasq: failed to create listening socket for port 53: Address already in use
[root@192 ~]#

*** with bind-dynamic ***

You can have multiple different services binding the same ip and the same port.

This causes disruption for clients. Like in the case of openshift 3.x (rh-7) where some changes (related to openshift internal domain) are pushed via D-BUS. SDN pushes changes via dbus to X service but when traffic comes to Y service, it doesn't understand that and forwards the traffic to the forwarder causing internal dns resolution failure.

[root@192 ~]# dnsmasq -help
[root@192 ~]#
[root@192 ~]# ps -ef | grep dnsmasq
dnsmasq 2834 1 0 07:53 ? 00:00:00 /usr/sbin/dnsmasq
dnsmasq 2847 1 0 07:54 ? 00:00:00 dnsmasq -help
root 2849 2515 0 07:54 pts/1 00:00:00 grep --color=auto dnsmasq
[root@192 ~]#
[root@192 ~]# netstat -neopa | grep dnsmasq | grep -w udp
udp 0 0 127.0.0.1:53 0.0.0.0:* 0 29832 2847/dnsmasq off (0.00/0/0)
udp 0 0 127.0.0.1:53 0.0.0.0:* 0 29667 2834/dnsmasq off (0.00/0/0)
[root@192 ~]#
[root@192 ~]# dnsmasq -help
[root@192 ~]#
[root@192 ~]# netstat -neopa | grep dnsmasq | grep -w udp
udp 0 0 127.0.0.1:53 0.0.0.0:* 0 29925 2855/dnsmasq off (0.00/0/0)
udp 0 0 127.0.0.1:53 0.0.0.0:* 0 29832 2847/dnsmasq off (0.00/0/0)
udp 0 0 127.0.0.1:53 0.0.0.0:* 0 29667 2834/dnsmasq off (0.00/0/0)
[root@192 ~]#
[root@192 ~]# dnsmasq -help
[root@192 ~]#
[root@192 ~]# netstat -neopa | grep dnsmasq | grep -w udp
udp 0 0 127.0.0.1:53 0.0.0.0:* 0 30000 2861/dnsmasq off (0.00/0/0)
udp 0 0 127.0.0.1:53 0.0.0.0:* 0 29925 2855/dnsmasq off (0.00/0/0)
udp 0 0 127.0.0.1:53 0.0.0.0:* 0 29832 2847/dnsmasq off (0.00/0/0)
udp 0 0 127.0.0.1:53 0.0.0.0:* 0 29667 2834/dnsmasq off (0.00/0/0)
[root@192 ~]#

links to

upstream proposal thread

Assignee:: Petr Mensik

Reporter:: Rupesh Patel

Developer:: Petr Mensik

QA Contact:: rhel-cs-infra-services-qe rhel-cs-infra-services-qe

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2023/06/08 2:36 AM

Updated:: 2024/09/23 6:29 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates