Fórum Root.cz

Hlavní témata => Server => Téma založeno: tuxmartin 03. 09. 2016, 10:59:25

Název: Padající dnsmasq v Debianu
Přispěvatel: tuxmartin 03. 09. 2016, 10:59:25: Ahoj,
mam problem s padajicim dnsmasq na Debian 8.5 jessie. Dela mi DNS a DHCP pro asi 10 zarizeni v LAN.

Nekdy jede 2 dny v kuse, jindy 3x za den spadne.

Na hlidani pouzivam monit, takze mi vzdy prijde info mail o padu:
Kód: [Vybrat]
# cat /etc/monit/monitrc check process dnsmasq with pidfile /var/run/dnsmasq.pid start program = "/usr/sbin/dnsmasq --conf-dir=/etc/dnsmasq.d" stop program = "/usr/bin/killall dnsmasq" if failed host 127.0.0.1 port 53 use type udp protocol dns with timeout 10 seconds then alert
Z monitu pak prijde mail a dnsmasq se znova nahodi:
Kód: [Vybrat]
Connection failed Service dnsmasq Date: Sat, 03 Sep 2016 09:12:24 Action: alert Host: localhost Description: failed protocol test [DNS] at INET[127.0.0.1:53] via UDP -- DNS: error receiving response -- Resource temporarily unavailable Your faithful employee, Monit
Otazka zni, proc se to deje. Zkousel jsem v dnsmasq zapnout co nejvice logovani:
Kód: [Vybrat]
log-dhcp log-queries log-facility=/var/log/dnsmasqale, v dobe padu jsou jen bezne DNS dotazy:
Kód: [Vybrat]
Sep 3 09:11:31 dnsmasq[19979]: forwarded play.googleapis.com to 8.8.8.8 Sep 3 09:11:31 dnsmasq[19979]: dnssec-query[DS] play.googleapis.com to 8.8.8.8 Sep 3 09:11:31 dnsmasq[19979]: dnssec-query[DS] googleapis.com to 8.8.8.8 Sep 3 09:11:31 dnsmasq[19979]: validation result is INSECURE Sep 3 09:11:31 dnsmasq[19979]: reply play.googleapis.com is <CNAME> Sep 3 09:11:31 dnsmasq[19979]: reply googleapis.l.google.com is 216.58.214.202 Sep 3 09:11:31 dnsmasq[19979]: reply googleapis.l.google.com is 216.58.214.234 Sep 3 09:11:31 dnsmasq[19979]: reply googleapis.l.google.com is 216.58.209.170 Sep 3 09:11:32 dnsmasq[19979]: query[A] www.google.cz from 10.123.1.103 Sep 3 09:11:32 dnsmasq[19979]: forwarded www.google.cz to 8.8.8.8 Sep 3 09:11:32 dnsmasq[19979]: dnssec-query[DS] www.google.cz to 8.8.8.8 Sep 3 09:11:32 dnsmasq[19979]: dnssec-query[DS] google.cz to 8.8.8.8 Sep 3 09:11:32 dnsmasq[19979]: dnssec-query[DS] baidu.com to 8.8.8.8 Sep 3 09:11:32 dnsmasq[19979]: validation result is INSECURE Sep 3 09:11:32 dnsmasq[19979]: reply dxp.baidu.com is <CNAME> Sep 3 09:11:32 dnsmasq[19979]: reply dxp.e.shifen.com is 202.108.23.24 Sep 3 09:11:32 dnsmasq[19979]: validation result is INSECURE Sep 3 09:11:32 dnsmasq[19979]: reply www.google.cz is 172.217.18.67 Sep 3 09:11:34 dnsmasq[19979]: query[A] android.googleapis.com from 10.123.1.103 Sep 3 09:11:34 dnsmasq[19979]: forwarded android.googleapis.com to 8.8.8.8 Sep 3 09:11:35 dnsmasq[19979]: dnssec-query[DS] android.googleapis.com to 8.8.8.8 Sep 3 09:11:35 dnsmasq[19979]: dnssec-query[DS] googleapis.com to 8.8.8.8 Sep 3 09:11:35 dnsmasq[19979]: validation result is INSECURE Sep 3 09:11:35 dnsmasq[19979]: reply android.googleapis.com is <CNAME> Sep 3 09:11:35 dnsmasq[19979]: reply googleapis.l.google.com is 216.58.209.202 Sep 3 09:11:35 dnsmasq[19979]: reply googleapis.l.google.com is 216.58.214.202 Sep 3 09:11:35 dnsmasq[19979]: reply googleapis.l.google.com is 216.58.214.234 Sep 3 09:11:46 dnsmasq[19979]: query[A] portal.fb.com from 10.123.1.100 Sep 3 09:11:46 dnsmasq[19979]: cached portal.fb.com is <CNAME> Sep 3 09:11:46 dnsmasq[19979]: forwarded portal.fb.com to 8.8.8.8 Sep 3 09:11:46 dnsmasq[19979]: validation result is INSECURE Sep 3 09:11:46 dnsmasq[19979]: reply portal.fb.com is <CNAME> Sep 3 09:11:46 dnsmasq[19979]: reply star.c10r.facebook.com is 31.13.93.3 Sep 3 09:11:49 dnsmasq[19979]: query[A] data.flurry.com from 10.123.1.103 Sep 3 09:11:49 dnsmasq[19979]: cached data.flurry.com is <CNAME> Sep 3 09:11:49 dnsmasq[19979]: forwarded data.flurry.com to 8.8.8.8 Sep 3 09:11:49 dnsmasq[19979]: validation result is INSECURE Sep 3 09:11:49 dnsmasq[19979]: reply data.flurry.com is <CNAME> Sep 3 09:11:49 dnsmasq[19979]: reply flurry.agentportal.prod.g04.yahoodns.net is 74.6.34.30 Sep 3 09:11:52 dnsmasq[19979]: query[A] www.gstatic.com from 10.123.1.103 Sep 3 09:11:52 dnsmasq[19979]: forwarded www.gstatic.com to 8.8.8.8 Sep 3 09:11:52 dnsmasq[19979]: dnssec-query[DS] www.gstatic.com to 8.8.8.8 Sep 3 09:11:52 dnsmasq[19979]: dnssec-query[DS] gstatic.com to 8.8.8.8 Sep 3 09:11:52 dnsmasq[19979]: validation result is INSECURE Sep 3 09:11:52 dnsmasq[19979]: reply www.gstatic.com is 172.217.16.99 Sep 3 09:12:04 dnsmasq[19979]: query[A] openrcv.baidu.com from 10.123.1.103 Sep 3 09:12:04 dnsmasq[19979]: forwarded openrcv.baidu.com to 8.8.8.8 Sep 3 09:12:04 dnsmasq[19979]: dnssec-query[DS] openrcv.baidu.com to 8.8.8.8 Sep 3 09:12:05 dnsmasq[19979]: dnssec-query[DS] baidu.com to 8.8.8.8 Sep 3 09:12:05 dnsmasq[19979]: validation result is INSECURE Sep 3 09:12:05 dnsmasq[19979]: reply openrcv.baidu.com is <CNAME> Sep 3 09:12:05 dnsmasq[19979]: reply openrcv.e.shifen.com is 111.202.114.38 Sep 3 09:12:21 dnsmasq[19979]: query[A] r4---sn-2gb7ln7e.gvt1.com from 10.123.1.103 Sep 3 09:12:21 dnsmasq[19979]: forwarded r4---sn-2gb7ln7e.gvt1.com to 8.8.8.8 Sep 3 09:12:21 dnsmasq[19979]: dnssec-query[DS] r4---sn-2gb7ln7e.gvt1.com to 8.8.8.8 Sep 3 09:12:21 dnsmasq[19979]: dnssec-query[DS] gvt1.com to 8.8.8.8 Sep 3 09:12:21 dnsmasq[19979]: validation result is INSECURE Sep 3 09:12:21 dnsmasq[19979]: reply r4---sn-2gb7ln7e.gvt1.com is <CNAME> Sep 3 09:12:21 dnsmasq[19979]: reply r4.sn-2gb7ln7e.gvt1.com is 173.194.10.9 Sep 3 09:12:23 dnsmasq[19979]: query[NS] . from 127.0.0.1 Sep 3 09:12:23 dnsmasq[19979]: forwarded . to 8.8.8.8
Tady jsou me konfiguraky:
Kód: [Vybrat]
#___________________________________________________________ # cat dnsmasq.conf no-resolv no-hosts port=53 bind-interfaces pid-file=/var/run/dnsmasq.pid no-dhcp-interface= listen-address=0.0.0.0 server=8.8.8.8 domain=lan local=/lan/ local=/123.10.in-addr.arpa/ expand-hosts domain-needed bogus-priv addn-hosts=/etc/dnsmasq.d/dnsmasq.hosts conf-file=/etc/dnsmasq.d/dnsmasq.dns_zaznamy dnssec dnssec-check-unsigned trust-anchor=.,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5 # https://blog.nic.cz/2014/05/15/validace-dnssec-pomoci-dnsmasq/ #___________________________________________________________ # cat /etc/dnsmasq.d/dnsmasq.hosts #redirect: #10.123.1.1 server.lan #___________________________________________________________ # cat /etc/dnsmasq.d/dnsmasq.dns_zaznamy #----------- address=/moje.domena.cz/10.123.1.1 address=/server.lan/10.123.1.1 address=/pc.lan/10.123.1.10 #----------- cname=*.server,server cname=*.pc,pc #----------- ptr-record=1.1.123.10.in-addr.arpa.,server.lan ptr-record=10.1.123.10.in-addr.arpa.,pc.lan #----------- #___________________________________________________________
Mate nekdo tuseni, co delam spatne? A hlavne jak to spravit. Zkousel jsem googlit, ale asi spatne.
Název: Re:Padajici dnsmasq
Přispěvatel: Filip Jirsák 03. 09. 2016, 11:15:24: Monit vás neinformuje o pád dnsmasq, ale o tom, že od něj nedostal odpověď. Je divné, že dnsmasq zaznamená požadavek v 9:12:23, a Monit už v 9:12:24 hlásí nedostupnost, když je tam limit 10 sekund. Důležité je pokračování v tom logu, zda dnsmasq odpověď od Google dostal a přeposlal jí dál. Pokud ano, je problém jen v monitoringu a ne v dnsmasq.
Název: Re:Padajici dnsmasq
Přispěvatel: tuxmartin 03. 09. 2016, 11:56:49: Tady je zbyvajici log:
Kód: [Vybrat]
Sep 3 09:12:21 dnsmasq[19979]: dnssec-query[DS] gvt1.com to 8.8.8.8 Sep 3 09:12:21 dnsmasq[19979]: validation result is INSECURE Sep 3 09:12:21 dnsmasq[19979]: reply r4---sn-2gb7ln7e.gvt1.com is <CNAME> Sep 3 09:12:21 dnsmasq[19979]: reply r4.sn-2gb7ln7e.gvt1.com is 173.194.10.9 Sep 3 09:12:23 dnsmasq[19979]: query[NS] . from 127.0.0.1 Sep 3 09:12:23 dnsmasq[19979]: forwarded . to 8.8.8.8 Sep 3 09:12:24 dnsmasq[19979]: query[MX] gmail.com from 127.0.0.1 Sep 3 09:12:24 dnsmasq[19979]: forwarded gmail.com to 8.8.8.8 Sep 3 09:12:24 dnsmasq[19979]: dnssec-query[DS] gmail.com to 8.8.8.8 Sep 3 09:12:24 dnsmasq[19979]: validation result is INSECURE Sep 3 09:12:24 dnsmasq[19979]: query[A] gmail-smtp-in.l.google.com from 127.0.0.1 Sep 3 09:12:24 dnsmasq[19979]: forwarded gmail-smtp-in.l.google.com to 8.8.8.8 Sep 3 09:12:24 dnsmasq[19979]: dnssec-query[DS] gmail-smtp-in.l.google.com to 8.8.8.8 Sep 3 09:12:24 dnsmasq[19979]: dnssec-query[DS] l.google.com to 8.8.8.8 Sep 3 09:12:24 dnsmasq[19979]: dnssec-query[DS] google.com to 8.8.8.8 Sep 3 09:12:24 dnsmasq[19979]: validation result is INSECURE Sep 3 09:12:24 dnsmasq[19979]: reply gmail-smtp-in.l.google.com is 74.125.136.26 Sep 3 09:12:24 dnsmasq[19979]: query[AAAA] gmail-smtp-in.l.google.com from 127.0.0.1 Sep 3 09:12:24 dnsmasq[19979]: forwarded gmail-smtp-in.l.google.com to 8.8.8.8 Sep 3 09:12:24 dnsmasq[19979]: dnssec-query[DS] l.google.com to 8.8.8.8 Sep 3 09:12:29 dnsmasq[19979]: query[A] alt1.gmail-smtp-in.l.google.com from 127.0.0.1 Sep 3 09:12:29 dnsmasq[19979]: forwarded alt1.gmail-smtp-in.l.google.com to 8.8.8.8 Sep 3 09:12:29 dnsmasq[19979]: dnssec-query[DS] alt1.gmail-smtp-in.l.google.com to 8.8.8.8 Sep 3 09:12:29 dnsmasq[19979]: dnssec-query[DS] gmail-smtp-in.l.google.com to 8.8.8.8 Sep 3 09:12:29 dnsmasq[19979]: dnssec-query[DS] l.google.com to 8.8.8.8 Sep 3 09:12:30 dnsmasq[19979]: dnssec-query[DS] google.com to 8.8.8.8 Sep 3 09:12:30 dnsmasq[19979]: validation result is INSECURE Sep 3 09:12:30 dnsmasq[19979]: reply alt1.gmail-smtp-in.l.google.com is 74.125.68.27 Sep 3 09:12:30 dnsmasq[19979]: query[AAAA] alt1.gmail-smtp-in.l.google.com from 127.0.0.1 Sep 3 09:12:30 dnsmasq[19979]: forwarded alt1.gmail-smtp-in.l.google.com to 8.8.8.8 Sep 3 09:12:30 dnsmasq[19979]: dnssec-query[DS] l.google.com to 8.8.8.8 Sep 3 09:12:30 dnsmasq[19979]: dnssec-query[DS] google.com to 8.8.8.8 Sep 3 09:12:30 dnsmasq[19979]: validation result is INSECURE Sep 3 09:12:30 dnsmasq[19979]: reply alt1.gmail-smtp-in.l.google.com is 2404:6800:4003:c02::1a Sep 3 09:12:30 dnsmasq[19979]: query[A] alt2.gmail-smtp-in.l.google.com from 127.0.0.1 Sep 3 09:12:30 dnsmasq[19979]: forwarded alt2.gmail-smtp-in.l.google.com to 8.8.8.8 Sep 3 09:12:30 dnsmasq[19979]: dnssec-query[DS] alt2.gmail-smtp-in.l.google.com to 8.8.8.8 Sep 3 09:12:30 dnsmasq[19979]: dnssec-query[DS] gmail-smtp-in.l.google.com to 8.8.8.8 Sep 3 09:12:30 dnsmasq[19979]: dnssec-query[DS] l.google.com to 8.8.8.8 Sep 3 09:12:30 dnsmasq[19979]: dnssec-query[DS] google.com to 8.8.8.8 Sep 3 09:12:30 dnsmasq[19979]: validation result is INSECURE Sep 3 09:12:30 dnsmasq[19979]: reply alt2.gmail-smtp-in.l.google.com is 64.233.189.26 Sep 3 09:12:30 dnsmasq[19979]: query[AAAA] alt2.gmail-smtp-in.l.google.com from 127.0.0.1 Sep 3 09:12:30 dnsmasq[19979]: forwarded alt2.gmail-smtp-in.l.google.com to 8.8.8.8 Sep 3 09:12:30 dnsmasq[19979]: dnssec-query[DS] l.google.com to 8.8.8.8 Sep 3 09:12:30 dnsmasq[19979]: dnssec-query[DS] google.com to 8.8.8.8 Sep 3 09:12:30 dnsmasq[19979]: validation result is INSECURE Sep 3 09:12:30 dnsmasq[19979]: reply alt2.gmail-smtp-in.l.google.com is 2404:6800:4008:c07::1a Sep 3 09:12:30 dnsmasq[19979]: query[A] alt3.gmail-smtp-in.l.google.com from 127.0.0.1 Sep 3 09:12:30 dnsmasq[19979]: forwarded alt3.gmail-smtp-in.l.google.com to 8.8.8.8 Sep 3 09:12:30 dnsmasq[19979]: dnssec-query[DS] alt3.gmail-smtp-in.l.google.com to 8.8.8.8 Sep 3 09:12:30 dnsmasq[19979]: dnssec-query[DS] gmail-smtp-in.l.google.com to 8.8.8.8 Sep 3 09:12:30 dnsmasq[19979]: dnssec-query[DS] l.google.com to 8.8.8.8 Sep 3 09:12:30 dnsmasq[19979]: dnssec-query[DS] google.com to 8.8.8.8 Sep 3 09:12:30 dnsmasq[19979]: validation result is INSECURE Sep 3 09:12:30 dnsmasq[19979]: reply alt3.gmail-smtp-in.l.google.com is 173.194.72.26 Sep 3 09:12:30 dnsmasq[19979]: query[AAAA] alt3.gmail-smtp-in.l.google.com from 127.0.0.1 Sep 3 09:12:30 dnsmasq[19979]: forwarded alt3.gmail-smtp-in.l.google.com to 8.8.8.8 Sep 3 09:12:30 dnsmasq[19979]: dnssec-query[DS] l.google.com to 8.8.8.8 Sep 3 09:12:30 dnsmasq[19979]: dnssec-query[DS] google.com to 8.8.8.8 Sep 3 09:12:30 dnsmasq[19979]: validation result is INSECURE Sep 3 09:12:30 dnsmasq[19979]: reply alt3.gmail-smtp-in.l.google.com is 2404:6800:4008:c07::1a Sep 3 09:12:30 dnsmasq[19979]: query[A] alt4.gmail-smtp-in.l.google.com from 127.0.0.1 Sep 3 09:12:30 dnsmasq[19979]: forwarded alt4.gmail-smtp-in.l.google.com to 8.8.8.8 Sep 3 09:12:30 dnsmasq[19979]: dnssec-query[DS] alt4.gmail-smtp-in.l.google.com to 8.8.8.8 Sep 3 09:12:30 dnsmasq[19979]: dnssec-query[DS] gmail-smtp-in.l.google.com to 8.8.8.8 Sep 3 09:12:30 dnsmasq[19979]: dnssec-query[DS] l.google.com to 8.8.8.8 Sep 3 09:12:30 dnsmasq[19979]: dnssec-query[DS] google.com to 8.8.8.8 Sep 3 09:12:30 dnsmasq[19979]: validation result is INSECURE Sep 3 09:12:30 dnsmasq[19979]: reply alt4.gmail-smtp-in.l.google.com is 74.125.25.26 Sep 3 09:12:30 dnsmasq[19979]: query[AAAA] alt4.gmail-smtp-in.l.google.com from 127.0.0.1 Sep 3 09:12:30 dnsmasq[19979]: forwarded alt4.gmail-smtp-in.l.google.com to 8.8.8.8 Sep 3 09:12:30 dnsmasq[19979]: dnssec-query[DS] l.google.com to 8.8.8.8 Sep 3 09:12:30 dnsmasq[19979]: dnssec-query[DS] google.com to 8.8.8.8 Sep 3 09:12:31 dnsmasq[19979]: validation result is INSECURE
Zkusil jsem prenastavit monit. Treba to bude tim. I kdyz mi prijde divne, ze by se na localhostu nedokazal s 10s timeoutem pripojit.
Název: Re:Padajici dnsmasq
Přispěvatel: Filip Jirsák 03. 09. 2016, 12:18:15: V tom logu nikde nevidím odpověď na dotaz na kořenové servery, který předpokládám pochází od Monitu. Otázka je, kde je problém - zda dnsmasq odpověď opravdu nedostane, nebo zda ji nepošle dál. To zjistíte asi jedině tcpdumpem.