Hello, Am Sonntag, 15. Februar 2009 schrieb Carlos E. R.:
My configuration was using "database.clamav.net", which yields a list of hosts:
nimrodel:~ # host database.clamav.net database.clamav.net is an alias for db.local.clamav.net. db.local.clamav.net is an alias for db.eu.rr.clamav.net. db.eu.rr.clamav.net has address 195.70.36.141 db.eu.rr.clamav.net has address 213.174.32.130 db.eu.rr.clamav.net has address 217.19.16.188 db.eu.rr.clamav.net has address 62.236.254.228 <====== ... The thing is that the daemon should be poling any server from the list, but somehow it was trying the same broken server repeatedly. When that server failed the algorithm should try another, but it didn't. That's probably a bug.
The problem is how DNS round robin works. It is intended for load balancing, not for being failsafe in case one of the servers is broken. Basically: - clamav asks your nameserver for "database.clamav.net" - Your nameserver queries the upstream nameserver and gets multiple results as listed above - Your nameserver [1] picks one(!) of the results and gives clamav the answer "database.clamav.net -> 62.236.254.228" A proper solution would be to make clamav asking for multiple servernames, for example something like "1.database.clamav.net" and "2.database.clamav.net" Regards, Christian Boltz [1] I'm not exactly sure about this fact - I hope there's someone who corrects me if I'm wrong ;-) -- The mission statement is simply 'world domination', but we don't tell anybody. :-) [Juergen Weigert in opensuse-project] -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org