[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#960739: libc-bin: getaddrinfo() fails with EAI_AGAIN when the DNS query returns a large number of A and AAAA records.

control: reassign -1 libc6

Hi,

On 2020-05-15 21:24, Michael Przybylski wrote:
> Package: libc-bin
> Version: 2.30-7
> Severity: important
> Tags: ipv6
> 
> Dear Maintainer,
> 
> When attempting to follow the instructions for installing the latest version of Docker Engine at 
> https://docs.docker.com/engine/install/debian/ I noticed that 'apt-get update' and curl were both
> failing to resolve download.docker.com.  The error message from both ping and curl was 
> "Temporary failure in name resolution"
> 
> However, running 'host download.docker.com' yielded the following results:
> 
> download.docker.com is an alias for d2h67oheeuigaw.cloudfront.net.
> d2h67oheeuigaw.cloudfront.net has address 13.227.73.43
> d2h67oheeuigaw.cloudfront.net has address 13.227.73.44
> d2h67oheeuigaw.cloudfront.net has address 13.227.73.95
> d2h67oheeuigaw.cloudfront.net has address 13.227.73.15
> d2h67oheeuigaw.cloudfront.net has IPv6 address 2600:9000:2202:c00:3:db06:4200:93a1
> d2h67oheeuigaw.cloudfront.net has IPv6 address 2600:9000:2202:5000:3:db06:4200:93a1
> d2h67oheeuigaw.cloudfront.net has IPv6 address 2600:9000:2202:7a00:3:db06:4200:93a1
> d2h67oheeuigaw.cloudfront.net has IPv6 address 2600:9000:2202:9200:3:db06:4200:93a1
> d2h67oheeuigaw.cloudfront.net has IPv6 address 2600:9000:2202:9600:3:db06:4200:93a1
> d2h67oheeuigaw.cloudfront.net has IPv6 address 2600:9000:2202:9c00:3:db06:4200:93a1
> d2h67oheeuigaw.cloudfront.net has IPv6 address 2600:9000:2202:a200:3:db06:4200:93a1
> d2h67oheeuigaw.cloudfront.net has IPv6 address 2600:9000:2202:f600:3:db06:4200:93a1

From here, I see a different set of IPs, but the number of returned IPs
is the same. However I am not able to reproduce the problem with curl or
ping, it works even without using the -4 option.

> After examining the source code for iputils-ping, I was able to determine that the cause of the
> error message was getaddrinfo() returning EAI_AGAIN

That means the DNS server you use is returning a temporary error, it's
just passed to the callers.

Which nameserver do you use? As the answer is probably large, it might
be interesting to check if it supports TCP connections as a fallback.
Alternative you might want to enable edns0 if it's not already done.

Could you try with other nameservers, there are many public DNS servers
available to test.

Finally would it be possible to get a tcpdump trace of the issue? That
would likely help to understand the issue.

Thanks,
Aurelien

-- 
Aurelien Jarno                          GPG: 4096R/1DDD8C9B
aurelien@aurel32.net                 http://www.aurel32.net
Reply to: