Ubuntu
systemd package

  1. Bug #1934221
  2. Comment #15

Comment 15 for bug 1934221

Revision history for this message
Denys Fedoryshchenko (nuclearcat) wrote :

I recorded pcap and captured moment just before crash. It doesnt looks like there was any MDNS at all at this moment, only suspicious is many weird DNS requests. (spinesystems.solutions is my local domain set on pc). Not sure what generated them.

Small snap of these:

02:16:36.658522 IP 127.0.0.1.39766 > 127.0.0.1.53: 17063+ A? roxquromlpczqgh.spinesystems.solutions. (56)
02:16:36.658626 IP 127.0.0.1.31846 > 127.0.0.53.53: 54480+ A? roxquromlpczqgh.spinesystems.solutions. (56)
02:16:36.659106 IP 127.0.0.53.53 > 127.0.0.1.6126: 42840 NXDomain 0/0/0 (56)
02:16:36.659603 IP 127.0.0.53.53 > 127.0.0.1.31846: 54480 NXDomain 0/0/0 (56)
02:16:36.659644 IP 127.0.0.1.53 > 127.0.0.1.54315: 17063 NXDomain 0/0/0 (56)
02:16:36.659660 IP 127.0.0.1.53 > 127.0.0.1.39766: 17063 NXDomain 0/0/0 (56)
02:16:36.660099 IP 127.0.0.53.53 > 127.0.0.1.6126: 42840 NXDomain 0/0/0 (56)
02:16:36.660603 IP 127.0.0.53.53 > 127.0.0.1.6126: 42840 NXDomain 0/0/0 (56)
02:16:36.661082 IP 127.0.0.53.53 > 127.0.0.1.6126: 42840 NXDomain 0/0/0 (56)
02:16:36.661513 IP 127.0.0.53.53 > 127.0.0.1.25474: 60255 NXDomain 0/0/1 (67)
02:16:36.661898 IP 127.0.0.53.53 > 127.0.0.1.6126: 42840 NXDomain 0/0/0 (56)
02:16:36.662282 IP 127.0.0.53.53 > 127.0.0.1.6126: 42840 NXDomain 0/0/0 (56)
02:16:36.662778 IP 127.0.0.53.53 > 127.0.0.1.6126: 42840 NXDomain 0/0/0 (56)
02:16:36.663188 IP 127.0.0.1.60869 > 127.0.0.1.53: 47647+ AAAA? xjstkkuhaqclygt.spinesystems.solutions. (56)
02:16:36.663259 IP 127.0.0.1.32600 > 127.0.0.53.53: 10939+ AAAA? xjstkkuhaqclygt.spinesystems.solutions. (56)
02:16:36.663449 IP 127.0.0.1.36798 > 127.0.0.1.53: 30847+ AAAA? roxquromlpczqgh.spinesystems.solutions. (56)
02:16:36.663481 IP 127.0.0.1.15565 > 127.0.0.53.53: 54137+ AAAA? roxquromlpczqgh.spinesystems.solutions. (56)
02:16:36.664474 IP 127.0.0.1.47179 > 127.0.0.1.53: 3316+ A? roxquromlpczqgh.spinesystems.solutions. (56)
02:16:36.664563 IP 127.0.0.1.40056 > 127.0.0.53.53: 55684+ A? roxquromlpczqgh.spinesystems.solutions. (56)
02:16:36.664969 IP 10.255.255.225.55743 > 10.255.255.1.53: 60614+ [1au] A? roxquromlpczqgh.spinesystems.solutions. (67)
02:16:36.665503 IP 10.255.255.1.53 > 10.255.255.225.55743: 60614 NXDomain 0/1/1 (140)
02:16:36.666994 IP 10.255.255.225.55743 > 10.255.255.1.53: 60614+ A? roxquromlpczqgh.spinesystems.solutions. (56)
02:16:36.667494 IP 10.255.255.1.53 > 10.255.255.225.55743: 60614 NXDomain 0/1/0 (129)

Maybe because there is massive timeouts in query to nonexisting domain it triggers this bug like in original issue in systemd ( https://github.com/systemd/systemd/issues/18427 )?
In my ISP also all port 53 requests are force-redirected to their DNS, so they might timeout sometimes, instead of NXDomain.