Free Hosting       Free Domains        Free Scripts     Free Support

   ipv6 and dnssec

Hello,

I'm working for the French NIC and I operate a DNS nameserver (c.nic.fr) which use IPv6 and DNSSEC. I have a problem with the ip6_output() function which sometimes crash the named process !

I think it's occurs when named is creating a "big" IPv6 UDP packet for DNSSEC answers. The packet, which is bigger than 1500 bytes, need to be splitted in two fragments. And at this moment the ip6_output() function crash )-:

I cannot reproduce it, but it occurs 3 times this weekend !

When I query the DNS server with IPv6 and DNSSEC :
# dig -6 @c.nic.fr ripe.net +dnssec

I can see with tcpdump the two fragments :
| 12:42:07.146478 electron6.nic.fr.46352 > c.nic.fr.domain: 12431+
| [1au] A? ripe.net. (37) 12:42:07.146660 c.nic.fr > electron6.nic.fr:
| frag (0|1448) domain > 46352: 12431*- 2/6/16[|domain]
| 12:42:07.146666 c.nic.fr > electron6.nic.fr: frag (1448|597)

When the kernel bugs, I get this message :

Sep 4 19:09:22 troy kernel: ------------[ cut here ]------------ Sep 4 19:09:22 troy kernel: kernel BUG at net/ipv6/ip6_output.c:718!
Sep 4 19:09:22 troy kernel: invalid operand: 0000 [#1] Sep 4 19:09:22 troy kernel: SMP Sep 4 19:09:22 troy kernel: Modules linked in: dcdipm(U) dcdbas(U) autofs4 i2c_dev i2c_core sunrpc md5 ipv6 dm_mod video button battery ac uhci_hcd ehci_hcd hw_random shpchp e1000 floppy sg ext3 jbd megaraid_mbox megaraid_mm sd_mod scsi_mod
Sep 4 19:09:22 troy kernel: CPU: 1
Sep 4 19:09:22 troy kernel: EIP: 0060:[<f8aec7fb>] Tainted: PF VLI
Sep 4 19:09:22 troy kernel: EFLAGS: 00010282 (2.6.12-1.1447_FC4smp)
Sep 4 19:09:22 troy kernel: EIP is at ip6_fragment+0x1d9/0x7bd [ipv6]
Sep 4 19:09:22 troy kernel: eax: fffffff2 ebx: f7954280 ecx: fffffda0 edx: f34e0600
Sep 4 19:09:22 troy kernel: esi: fffffda0 edi: f3ce3840 ebp: f3ce3840 esp: f65abbe0
Sep 4 19:09:22 troy kernel: ds: 007b es: 007b ss: 0068
Sep 4 19:09:22 troy kernel: Process named-ns3.nic.f (pid: 3553, threadinfo=f65ab000 task=f793ca80) Sep 4 19:09:22 troy kernel: Stack: badc0ded fffffda0 00000245 f8aeb597 c222dc80 f7e3bc80 00000245 fffffda4
Sep 4 19:09:22 troy kernel: 00000830 ffffffe5 fffffda0 c6faab57 00000830 b7f0f134 0e000000 f65abeec
Sep 4 19:09:22 troy kernel: f4c33040 f6edb980 00000000 f34e0048 f6d40300 c222dc80 f34e0040 f6d404b4
Sep 4 19:09:22 troy kernel: Call Trace:
Sep 4 19:09:22 troy kernel: [<f8aeb597>] ip6_output2+0x0/0x2b4 [ipv6] Sep 4 19:09:22 troy kernel: [<f8aedd06>] ip6_push_pending_frames+0x291/0x42d [ipv6] Sep 4 19:09:22 troy kernel: [<f8aed804>] ip6_append_data+0x72d/0x99e [ipv6] Sep 4 19:09:22 troy kernel: [<c02c997b>] ip_generic_getfrag+0x0/0x94 Sep 4 19:09:22 troy kernel: [<f8afe91c>] udp_v6_push_pending_frames+0x124/0x1ac [ipv6] Sep 4 19:09:22 troy kernel: [<f8aff08c>] udpv6_sendmsg+0x6e8/0x8db [ipv6] Sep 4 19:09:22 troy kernel: [<c02e6200>] udp_recvmsg+0xbe/0x2f3 Sep 4 19:09:22 troy kernel: [<c02ecafa>] inet_sendmsg+0x2e/0x4c Sep 4 19:09:22 troy kernel: [<c02a2577>] sock_sendmsg+0xe4/0xff Sep 4 19:09:22 troy kernel: [<c011c9b3>] find_busiest_group+0xbe/0x320 Sep 4 19:09:22 troy kernel: [<c0134feb>] autoremove_wake_function+0x0/0x37 Sep 4 19:09:22 troy kernel: [<c01d7cae>] copy_from_user+0x42/0x84 Sep 4 19:09:23 troy kernel: [<c02a3e0c>] sys_sendmsg+0x11e/0x213 Sep 4 19:09:23 troy kernel: [<c011b7ca>] activate_task+0x8c/0x9b Sep 4 19:09:23 troy kernel: [<c011bb19>] try_to_wake_up+0x6e/0x2b1 Sep 4 19:09:23 troy kernel: [<c0156fc1>] find_extend_vma+0x12/0x4f Sep 4 19:09:23 troy kernel: [<c0137f52>] get_futex_key+0x38/0x133 Sep 4 19:09:23 troy kernel: [<c0156fc1>] find_extend_vma+0x12/0x4f Sep 4 19:09:23 troy kernel: [<c0137f52>] get_futex_key+0x38/0x133 Sep 4 19:09:23 troy kernel: [<c02a4348>] sys_socketcall+0x270/0x292 Sep 4 19:09:23 troy kernel: [<c0108709>] do_syscall_trace+0xef/0x123 Sep 4 19:09:23 troy kernel: [<c0104035>] syscall_call+0x7/0xb Sep 4 19:09:23 troy kernel: Code: 24 37 88 4d 00 c6 45 01 00 c7 45 04 00 00 00 00 8b 4b 24 8b 74 24 24 89 34 24 8b 54 24 2c 8b 44 24 0c e8 49 ae 7b c7 85 c0 74 08 <0f> 0b ce 02 7c 1f b1 f8 0f b7 44 24 44 89 c2 c1 e2 08 c1 e8 08

I use Linux Fedora Core 4 and bind 9.3.1 from the box :

# cat /proc/version
Linux version 2.6.12-1.1447_FC4smp (bhcompile@decompose.build.redhat.com) (gcc version 4.0.1 20050727 (Red Hat 4.0.1-5)) #1 SMP Fri Aug 26 20:57:13 EDT 2005

# /usr/src/redhat/BUILD/kernel-2.6.12/linux-2.6.12/scripts/ver_linux
Linux troy.nic.fr 2.6.12-1.1447_FC4smp #1 SMP Fri Aug 26 20:57:13 EDT 2005 i686 i686 i386 GNU/Linux

Gnu C 4.0.1
Gnu make 3.80
binutils 2.15.94.0.2.2
util-linux 2.12p
mount 2.12p
module-init-tools 3.1
e2fsprogs 1.37
reiserfsprogs line
reiser4progs line
quota-tools 3.12.
PPP 2.4.2
nfs-utils 1.0.7
Linux C Library 2.3.5
Dynamic linker (ldd) 2.3.5
Procps 3.2.5
Net-tools 1.60
Kbd 1.12
Sh-utils 5.2.1
udev 058
Modules Loaded dcdipm dcdbas autofs4 i2c_dev i2c_core sunrpc md5 ipv6 dm_mod video button battery ac uhci_hcd ehci_hcd hw_random shpchp e1000 floppy sg ext3 jbd megaraid_mbox megaraid_mm sd_mod scsi_mod

Everything seems fine with TCP.

I don't know if my diagnostic is right, then if somebody can help me !

  Latest articles

Bad zone content in transfers

Slave bind skips delegation record in master zone

Slave zones not updating

SPF RRType

Trying to get full domain info in nslookup

Whois Tool

PPC        Webhosts        News         DNS        Partners        Downloads        Designers         SEO        Registrars

Ze Network © 2007 Free Space Australia Inc. All rights reserved.

   Wallpaper World   Tran Community