[opensuse] I get lots of "named 24667 - - connect(fe80::#53) 22/Invalid argument" errors.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I get dozens of these in /var/log/warn while fetching emails: <3.3> 2014-06-03 21:52:34 Telcontar named 24667 - - socket.c:5351: unexpected error: <3.3> 2014-06-03 21:52:34 Telcontar named 24667 - - connect(fe80::#53) 22/Invalid argument They started after an update, on 2014-03-31: <3.3> 2014-03-31 05:15:20 Telcontar named 2784 - - socket.c:5351: unexpected error: <3.3> 2014-03-31 05:15:20 Telcontar named 2784 - - connect(fe80::#53) 22/Invalid argument What do you think? Where should I look at? I found posts in google: https://groups.google.com/forum/#!topic/comp.protocols.dns.bind/fhWs_15pRB4 and the chap there reports getting the issue on Apr 1, that is, the day after me, and with the same bind version "BIND 9.9.4-rpz2.13269.14-P2 (Extended Support Version)" (mine is the official openSUSE 13.1 one). One of the answers says: “My guess would be that some miscreant out there created a glue AAAA record with an RDATA of "fe80::" and your network stack balks at connecting to such an abomination.” I don't really understand what it means. Another answer says: Just mark fe80::/10 as bogus. AAAA records do not have enough information in them to disambiguate link-local addresses and map them to per machine scope id's. server fe80::/10 { bogus yes; }; which I don't understand either, or its implications O:-) The OP answered: “Thank you Mark for all your help in the mail list. I will try this instead, so is this happening when an link local client is trying to query my server?” And the thread ends, so I assume it worked. [...] Ok, so I add that line to my named.conf, and they dissapeared (I run fetchmail to test). I watched "/var/log/named" and saw interesting things: <3.6> 2014-06-04 04:31:47 Telcontar named 10746 - - error (host unreachable) resolving 'opensuse.org.rhsbl.ahbl.org/A/IN': 10.230.230.230#53 <3.6> 2014-06-04 04:31:47 Telcontar named 10746 - - error (host unreachable) resolving 'opensuse.org.rhsbl.ahbl.org/A/IN': 192.168.230.230#53 <3.6> 2014-06-04 04:31:48 Telcontar named 10746 - - error (host unreachable) resolving 'opensuse.org.rhsbl.ahbl.org/A/IN': 10.230.230.230#53 <3.6> 2014-06-04 04:31:48 Telcontar named 10746 - - error (host unreachable) resolving 'opensuse.org.rhsbl.ahbl.org/A/IN': 192.168.230.230#53 Those would be local IPs, right? How are they related to opensuse.org? I think this comes from spamassassin checks, or amavis. - -- Cheers Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iEUEARECAAYFAlOOhl0ACgkQtTMYHG2NR9WoYQCgkbm/DVRGwqXwSjNhoEPOMS0Q D9UAlRf3MGwvyG274J3IIDzRju4vH5E= =0Awn -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 6/3/2014 7:37 PM, Carlos E. R. wrote:
I get dozens of these in /var/log/warn while fetching emails:
<3.3> 2014-06-03 21:52:34 Telcontar named 24667 - - socket.c:5351: unexpected error: <3.3> 2014-06-03 21:52:34 Telcontar named 24667 - - connect(fe80::#53) 22/Invalid argument
They started after an update, on 2014-03-31:
<3.3> 2014-03-31 05:15:20 Telcontar named 2784 - - socket.c:5351: unexpected error: <3.3> 2014-03-31 05:15:20 Telcontar named 2784 - - connect(fe80::#53) 22/Invalid argument
What do you think? Where should I look at?
I found posts in google:
https://groups.google.com/forum/#!topic/comp.protocols.dns.bind/fhWs_15pRB4
and the chap there reports getting the issue on Apr 1, that is, the day after me, and with the same bind version "BIND 9.9.4-rpz2.13269.14-P2 (Extended Support Version)" (mine is the official openSUSE 13.1 one).
One of the answers says:
“My guess would be that some miscreant out there created a glue AAAA record with an RDATA of "fe80::" and your network stack balks at connecting to such an abomination.”
I don't really understand what it means.
I think your named is being asked to resolve a dna name, by something connecting via ipv6, but its not prepared to honor these. Why it thinks it should hit your own name server to resolve a foreign address is beyond me, maybe it is a spam checking program which thinks your server is authoritative for foreign addresses. - -- _____________________________________ - ---This space for rent--- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) iEYEARECAAYFAlOOj1UACgkQv7M3G5+2DLIveACghnaFgY9hEemvI5h1f3Auq2Qe 0/wAoK8qjIWVzQ1bYapDyI49/XMQUulV =GxMD -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Carlos E. R. wrote:
I get dozens of these in /var/log/warn while fetching emails:
<3.3> 2014-06-03 21:52:34 Telcontar named 24667 - - socket.c:5351: unexpected error: <3.3> 2014-06-03 21:52:34 Telcontar named 24667 - - connect(fe80::#53) 22/Invalid argument
They started after an update, on 2014-03-31:
<3.3> 2014-03-31 05:15:20 Telcontar named 2784 - - socket.c:5351: unexpected error: <3.3> 2014-03-31 05:15:20 Telcontar named 2784 - - connect(fe80::#53) 22/Invalid argument
What do you think? Where should I look at?
The source code? To better understand what's being logged here. The 22 is presumably the return code from connect() meaning "Invalid argument".
Another answer says:
Just mark fe80::/10 as bogus. AAAA records do not have enough information in them to disambiguate link-local addresses and map them to per machine scope id's.
server fe80::/10 { bogus yes; };
which I don't understand either, or its implications O:-)
fe80 is for link-local addresses, that is non-routable addresses. They're used for auto-configuration for instance. Marking them as bogus _presumably_ means bind will never try to use them. Sounds okay.
Ok, so I add that line to my named.conf, and they dissapeared (I run fetchmail to test).
I watched "/var/log/named" and saw interesting things:
<3.6> 2014-06-04 04:31:47 Telcontar named 10746 - - error (host unreachable) resolving 'opensuse.org.rhsbl.ahbl.org/A/IN': 10.230.230.230#53
ahbl.org has been closed down. http://www.ahbl.org/content/changes-ahbl
<3.6> 2014-06-04 04:31:47 Telcontar named 10746 - - error (host unreachable) resolving 'opensuse.org.rhsbl.ahbl.org/A/IN': 192.168.230.230#53 <3.6> 2014-06-04 04:31:48 Telcontar named 10746 - - error (host unreachable) resolving 'opensuse.org.rhsbl.ahbl.org/A/IN': 10.230.230.230#53 <3.6> 2014-06-04 04:31:48 Telcontar named 10746 - - error (host unreachable) resolving 'opensuse.org.rhsbl.ahbl.org/A/IN': 192.168.230.230#53
Those would be local IPs, right? How are they related to opensuse.org?
It's blacklist lookup to see if opensuse.org is listed as an abusive address. -- Per Jessen, Zürich (14.3°C) http://www.dns24.ch/ - free dynamic DNS, made in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (3)
-
Carlos E. R. -
John Andersen -
Per Jessen