[dnsdist] dnsdist using loopback address as source address for queries

Remi Gacogne remi.gacogne at powerdns.com
Fri Nov 12 10:00:48 UTC 2021

Hi Adam,

On 11/12/21 04:05, Adam Bishop via dnsdist wrote:> 'print *dss' didn't 
work, but dss looked like it contained a smart
> pointer, so I tried 'print *dss._M_ptr - the output of that is at the
> end of this message. The field seems intact though.

That's very useful, thank you. Indeed I don't see any unexpected content 
in there, the source interface and source address are unset, the 
destination address is correctly set, nothing that would explain why we 
suddenly get a socket connected with a different source.

>> It also happens on a health-check failure when
>> 'reconnectOnFailure=true' is set on a backend, but that's not the
>> case in your configuration. Actually, I wonder if that would make a
>> difference, do you think you could try setting that option on one
>> of the IPv6 backends?
> It's tricky to tell because the issue only happens infrequently, but
> my impression is after letting the systems run for several days is
> that this has had an effect. I can say definitively though that the
> back end going away is the proximal cause - I bounced one of the
> backends up and down and I was able to trigger failures that
> coincided with the backend going down. There must be an additional
> timing or duration factor though, as I've not yet been able to
> trigger the issue on demand.

Depending on how quickly that happens when you bound the backend up and 
down, do you think you might be able to strace the dnsdist process at 
the same time?

Best regards,
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20211112/2809e886/attachment-0001.sig>

More information about the dnsdist mailing list