Requirement for proper DNS resolving / source port = 0

Requirement for proper DNS resolving / source port = 0

[Stefan de Konink]

Hi,

I am setting up an embedded system, and consider that I have not set up 
anything other then I have explicitly described.

I am using a Linux kernel 3.14.2, and have set up kernel autoconfiguration 
(ip=dhcp). That having said, I am able to ping external hosts using 
busybox.

My current problem is that I am unable to resolve hostnames in my system. 
The file /etc/resolv.conf is in place, and I am observing outgoing DNS 
requests. The strange thing about them is that the source port is actually 
0, not illegal, but it isn't getting any replies.

I have tried to add /etc/hosts and /etc/services. I am able to ping 
localhost, which does resolve to an IP address using the entry from 
/etc/hosts.

Is this a bad kernel configuration? Does anyone have a hint where to look 
for?

My guess it is related to here... and I guess it is expecting udp port 
randomization, which does not seem to happen. Any clues?

http://git.musl-libc.org/cgit/musl/tree/src/network/getaddrinfo.c#n53


Stefan

Re: Requirement for proper DNS resolving / source port = 0

[Rich Felker]

On Thu, May 01, 2014 at 03:08:26AM +0200, Stefan de Konink wrote:
> Hi,
> 
> I am setting up an embedded system, and consider that I have not set
> up anything other then I have explicitly described.
> 
> I am using a Linux kernel 3.14.2, and have set up kernel
> autoconfiguration (ip=dhcp). That having said, I am able to ping
> external hosts using busybox.
> 
> My current problem is that I am unable to resolve hostnames in my
> system. The file /etc/resolv.conf is in place, and I am observing
> outgoing DNS requests. The strange thing about them is that the
> source port is actually 0, not illegal, but it isn't getting any
> replies.
> 
> I have tried to add /etc/hosts and /etc/services. I am able to ping
> localhost, which does resolve to an IP address using the entry from
> /etc/hosts.
> 
> Is this a bad kernel configuration? Does anyone have a hint where to
> look for?
> 
> My guess it is related to here... and I guess it is expecting udp
> port randomization, which does not seem to happen. Any clues?

Binding port 0 and calling connect should yield a kernel-assigned
source port. If this isn't happening, I think something is wrong with
your kernel, but I don't know exactly what. If there's an easy way we
could detect and work around this situation I wouldn't mind trying to
handle it, but I don't know how and didn't even expect for it to be
possible.

Rich

Re: Requirement for proper DNS resolving / source port = 0

[Rich Felker]

On Thu, May 01, 2014 at 03:08:26AM +0200, Stefan de Konink wrote:
> Hi,
> 
> I am setting up an embedded system, and consider that I have not set
> up anything other then I have explicitly described.
> 
> I am using a Linux kernel 3.14.2, and have set up kernel
> autoconfiguration (ip=dhcp). That having said, I am able to ping
> external hosts using busybox.
> 
> My current problem is that I am unable to resolve hostnames in my
> system. The file /etc/resolv.conf is in place, and I am observing
> outgoing DNS requests. The strange thing about them is that the
> source port is actually 0, not illegal, but it isn't getting any
> replies.
> 
> I have tried to add /etc/hosts and /etc/services. I am able to ping
> localhost, which does resolve to an IP address using the entry from
> /etc/hosts.
> 
> Is this a bad kernel configuration? Does anyone have a hint where to
> look for?
> 
> My guess it is related to here... and I guess it is expecting udp
> port randomization, which does not seem to happen. Any clues?

One further idea -- could you send the output of strace (using the -o
option to write a log file, and -f if the program you're using is
multithreaded or forking) showing a failed lookup? This might help
understand what's happening.

Rich

Re: Requirement for proper DNS resolving / source port = 0

[Stefan de Konink]

On Thursday, May 1, 2014 3:19:57 AM CEST, Rich Felker wrote:
> One further idea -- could you send the output of strace (using the -o
> option to write a log file, and -f if the program you're using is
> multithreaded or forking) showing a failed lookup? This might help
> understand what's happening.

...got it with some sleepdeprivation.

The problem was that I disabled CONFIG_PROC_SYSCTL, this resulted in the 
fact that /proc/sys was not mounted and probably 
net.ipv4.ip_local_port_range could not be used.

I don't know if any of the musl and/or busybox code explicitly depends on 
this. But it is one out of two problems [1] that I am breaking my head over 
today.

Thanks for your quick reply, it is very appreciated.


Stefan

[1] https://bugzilla.kernel.org/show_bug.cgi?id=75201

Re: Requirement for proper DNS resolving / source port = 0

[Rich Felker]

On Thu, May 01, 2014 at 03:31:57AM +0200, Stefan de Konink wrote:
> On Thursday, May 1, 2014 3:19:57 AM CEST, Rich Felker wrote:
> >One further idea -- could you send the output of strace (using the -o
> >option to write a log file, and -f if the program you're using is
> >multithreaded or forking) showing a failed lookup? This might help
> >understand what's happening.
> 
> ....got it with some sleepdeprivation.
> 
> The problem was that I disabled CONFIG_PROC_SYSCTL, this resulted in
> the fact that /proc/sys was not mounted and probably
> net.ipv4.ip_local_port_range could not be used.

It's probably a kernel bug that these properties don't even have
working defaults without CONFIG_PROC_SYSCTL, but disabling that option
gives you a badly crippled kernel anyway...

> I don't know if any of the musl and/or busybox code explicitly
> depends on this. But it is one out of two problems [1] that I am
> breaking my head over today.

There's no explicit dependence. musl is simply using bind and connect
and expecting them to work. It does not access /proc/sys (although it
does use /proc for some other purposes, mainly for /proc/self/fd/%d).
This is covered (albeit not in complete detail) in the manual, which
can be found at:

http://www.musl-libc.org/manual.html

Rich