PROBLEM: ipv6 and dnssec
Stephane Bortzmeyer
bortzmeyer at nic.fr
Tue Sep 6 06:57:48 UTC 2005
[For unknown reasons, the email from my colleague Jean-Philippe Pick
<jean-philippe.pick at nic.fr> seems to have missed the list. I re-send
it.]
Hello,
I'm working for the French NIC and I operate a DNS nameserver
(c.nic.fr) which use IPv6 and DNSSEC. I have a problem with the
ip6_output() function which sometimes crash the named process !
I think it's occurs when named is creating a "big" IPv6 UDP packet for
DNSSEC answers. The packet, which is bigger than 1500 bytes, need to
be splitted in two fragments. And at this moment the ip6_output()
function crash )-:
I cannot reproduce it, but it occurs 3 times this weekend !
When I query the DNS server with IPv6 and DNSSEC :
# dig -6 @c.nic.fr ripe.net +dnssec
I can see with tcpdump the two fragments :
| 12:42:07.146478 electron6.nic.fr.46352 > c.nic.fr.domain: 12431+ [1au] A? ripe.net. (37)
| 12:42:07.146660 c.nic.fr > electron6.nic.fr: frag (0|1448) domain > 46352: 12431*- 2/6/16[|domain]
| 12:42:07.146666 c.nic.fr > electron6.nic.fr: frag (1448|597)
When the kernel bugs, I get this message :
Sep 4 19:09:22 troy kernel: ------------[ cut here ]------------
Sep 4 19:09:22 troy kernel: kernel BUG at net/ipv6/ip6_output.c:718!
Sep 4 19:09:22 troy kernel: invalid operand: 0000 [#1]
Sep 4 19:09:22 troy kernel: SMP
Sep 4 19:09:22 troy kernel: Modules linked in: dcdipm(U) dcdbas(U) autofs4 i2c_dev i2c_core sunrpc md5 ipv6 dm_mod video button battery ac uhci_hcd ehci_hcd hw_random shpchp e1000 floppy sg ext3 jbd megaraid_mbox megaraid_mm sd_mod scsi_mod
Sep 4 19:09:22 troy kernel: CPU: 1
Sep 4 19:09:22 troy kernel: EIP: 0060:[<f8aec7fb>] Tainted: PF VLI
Sep 4 19:09:22 troy kernel: EFLAGS: 00010282 (2.6.12-1.1447_FC4smp)
Sep 4 19:09:22 troy kernel: EIP is at ip6_fragment+0x1d9/0x7bd [ipv6]
Sep 4 19:09:22 troy kernel: eax: fffffff2 ebx: f7954280 ecx: fffffda0 edx: f34e0600
Sep 4 19:09:22 troy kernel: esi: fffffda0 edi: f3ce3840 ebp: f3ce3840 esp: f65abbe0
Sep 4 19:09:22 troy kernel: ds: 007b es: 007b ss: 0068
Sep 4 19:09:22 troy kernel: Process named-ns3.nic.f (pid: 3553, threadinfo=f65ab000 task=f793ca80)
Sep 4 19:09:22 troy kernel: Stack: badc0ded fffffda0 00000245 f8aeb597 c222dc80 f7e3bc80 00000245 fffffda4
Sep 4 19:09:22 troy kernel: 00000830 ffffffe5 fffffda0 c6faab57 00000830 b7f0f134 0e000000 f65abeec
Sep 4 19:09:22 troy kernel: f4c33040 f6edb980 00000000 f34e0048 f6d40300 c222dc80 f34e0040 f6d404b4
Sep 4 19:09:22 troy kernel: Call Trace:
Sep 4 19:09:22 troy kernel: [<f8aeb597>] ip6_output2+0x0/0x2b4 [ipv6]
Sep 4 19:09:22 troy kernel: [<f8aedd06>] ip6_push_pending_frames+0x291/0x42d [ipv6]
Sep 4 19:09:22 troy kernel: [<f8aed804>] ip6_append_data+0x72d/0x99e [ipv6]
Sep 4 19:09:22 troy kernel: [<c02c997b>] ip_generic_getfrag+0x0/0x94
Sep 4 19:09:22 troy kernel: [<f8afe91c>] udp_v6_push_pending_frames+0x124/0x1ac [ipv6]
Sep 4 19:09:22 troy kernel: [<f8aff08c>] udpv6_sendmsg+0x6e8/0x8db [ipv6]
Sep 4 19:09:22 troy kernel: [<c02e6200>] udp_recvmsg+0xbe/0x2f3
Sep 4 19:09:22 troy kernel: [<c02ecafa>] inet_sendmsg+0x2e/0x4c
Sep 4 19:09:22 troy kernel: [<c02a2577>] sock_sendmsg+0xe4/0xff
Sep 4 19:09:22 troy kernel: [<c011c9b3>] find_busiest_group+0xbe/0x320
Sep 4 19:09:22 troy kernel: [<c0134feb>] autoremove_wake_function+0x0/0x37
Sep 4 19:09:22 troy kernel: [<c01d7cae>] copy_from_user+0x42/0x84
Sep 4 19:09:23 troy kernel: [<c02a3e0c>] sys_sendmsg+0x11e/0x213
Sep 4 19:09:23 troy kernel: [<c011b7ca>] activate_task+0x8c/0x9b
Sep 4 19:09:23 troy kernel: [<c011bb19>] try_to_wake_up+0x6e/0x2b1
Sep 4 19:09:23 troy kernel: [<c0156fc1>] find_extend_vma+0x12/0x4f
Sep 4 19:09:23 troy kernel: [<c0137f52>] get_futex_key+0x38/0x133
Sep 4 19:09:23 troy kernel: [<c0156fc1>] find_extend_vma+0x12/0x4f
Sep 4 19:09:23 troy kernel: [<c0137f52>] get_futex_key+0x38/0x133
Sep 4 19:09:23 troy kernel: [<c02a4348>] sys_socketcall+0x270/0x292
Sep 4 19:09:23 troy kernel: [<c0108709>] do_syscall_trace+0xef/0x123
Sep 4 19:09:23 troy kernel: [<c0104035>] syscall_call+0x7/0xb
Sep 4 19:09:23 troy kernel: Code: 24 37 88 4d 00 c6 45 01 00 c7 45 04 00 00 00 00 8b 4b 24 8b 74 24 24 89 34 24 8b 54 24 2c 8b 44 24 0c e8 49 ae 7b c7 85 c0 74 08 <0f> 0b ce 02 7c 1f b1 f8 0f b7 44 24 44 89 c2 c1 e2 08 c1 e8 08
I use Linux Fedora Core 4 and bind 9.3.1 from the box :
# cat /proc/version
Linux version 2.6.12-1.1447_FC4smp (bhcompile at decompose.build.redhat.com) (gcc version 4.0.1 20050727 (Red Hat 4.0.1-5)) #1 SMP Fri Aug 26 20:57:13 EDT 2005
# /usr/src/redhat/BUILD/kernel-2.6.12/linux-2.6.12/scripts/ver_linux
Linux troy.nic.fr 2.6.12-1.1447_FC4smp #1 SMP Fri Aug 26 20:57:13 EDT 2005 i686 i686 i386 GNU/Linux
Gnu C 4.0.1
Gnu make 3.80
binutils 2.15.94.0.2.2
util-linux 2.12p
mount 2.12p
module-init-tools 3.1
e2fsprogs 1.37
reiserfsprogs line
reiser4progs line
quota-tools 3.12.
PPP 2.4.2
nfs-utils 1.0.7
Linux C Library 2.3.5
Dynamic linker (ldd) 2.3.5
Procps 3.2.5
Net-tools 1.60
Kbd 1.12
Sh-utils 5.2.1
udev 058
Modules Loaded dcdipm dcdbas autofs4 i2c_dev i2c_core sunrpc md5 ipv6 dm_mod video button battery ac uhci_hcd ehci_hcd hw_random shpchp e1000 floppy sg ext3 jbd megaraid_mbox megaraid_mm sd_mod scsi_mod
Everything seems fine with TCP.
I don't know if my diagnostic is right, then if somebody can help me !
--
Jean-Philippe PICK
AFNIC / NIC-France
More information about the bind-users
mailing list