ddns-scripts: do not verify DNS server on start #24183

Open
wants to merge 1 commit into
base: master

feckert
Member

@feckert feckert commented May 17, 2024

Maintainer: me
Compile tested: no, only script changes
Run tested: x86_64, APU3, OpenWrt latest

Description:
Can any of @McGiverGim @jummo @maxberger check that the change does not generate regressions?
I had a problem with my ddns update and debugged it, and the problem is the DNS server check.

When the ddns update script is started, the system checks whether the configured DNS server can be reached. This is checked with the 'netcat' tool. The tool tries to establish a TCP connection on port 53 of the configured DNS server.

The problem with this implementation is that this call blocks the ddns update script until 'netcat' returns from the call.

Verification failed:
If the IP and the port cannot be reached, the netcat call returns immediately.

Verification successful:
If the IP and the port of the DNS server can be reached, the connection remains established and so the ddns update script blocks until the configured TCP session timeout of the DNS server resets the connection.

The behavior in the event of a successful verification is a problem for the ddns update script if it is called via the hotplug, since the ddns update script runs too long! This blocking behavior also depends on the TCP session timeout setting of the DNS server.

time netcat 1.1.1.1 53
netcat 1.1.1.1 53 0.00s user 0.00s system 0% cpu 10.016 total

time netcat 8.8.8.8 53
netcat 8.8.8.8 53 0.00s user 0.00s system 0% cpu 2.012 total

The TCP session timeout is for 1.1.1.1 10 seconds and for 8.8.8.8 2 seconds.

The '--wait' option of netcat or the additional integration of the 'timeout' function of busybox was implemented for this behavior. But the '--wait' function of the busybox netcat shows no effect here.

Since the used implementation is not clean, the question arises why this is necessary for the ddns update script at all, as the nslookup throws an error anyway if it cannot resolve the IP. This check is only informative. The check does not affect the script behavior.

The check is therefore removed on ddns update.

When the ddns update script is started, the system checks whether the
configured DNS server can be reached. This is checked with the 'netcat' tool.
The tool tries to establish a TCP connection on port 53 of the configured
DNS server.

The problem with this implementation is that this call blocks the ddns
update script until 'netcat' returns from the call.

Verification failed:
If the IP and the port cannot be reached, the netcat call returns
immediately.

Verification successful:
If the IP and the port of the DNS server can be reached, the connection
remains established and so the ddns update script blocks until the
configured TCP session timeout of the DNS server resets the connection.

The behavior in the event of a successful verification is a problem
for the ddns update script if it is called via the hotplug, since the ddns
update script runs too long! This blocking behavior also depends on
the TCP session timeout setting of the DNS server.

> time netcat 1.1.1.1 53
netcat 1.1.1.1 53  0.00s user 0.00s system 0% cpu 10.016 total

> time netcat 8.8.8.8 53
netcat 8.8.8.8 53  0.00s user 0.00s system 0% cpu 2.012 total

The TCP session timeout is for 1.1.1.1 10 seconds and for 8.8.8.8 2 seconds.

The '--wait' option of netcat or the additional integration of the 'timeout'
function of busybox was implemented for this behavior. But the '--wait'
function of the busybox netcat shows no effect here.

Since the used implementation is not clean, the question arises why this
is necessary for the ddns update script at all, as the nslookup throws an
error anyway if it cannot resolve the IP. This check is only informative.
The check does not affect the script behavior.

The check is therefore removed on ddns update.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
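
The blocking described above comes from waiting for the peer to close the session, not from the TCP connect itself. The following is an added example, not code from this PR or from ddns-scripts, written in Python rather than shell so it runs offline: a constructed local listener stands in for the DNS server and its idle timeout, and all function names are hypothetical.

```python
import socket
import threading
import time


def start_idle_listener(idle=1.0):
    """Constructed stand-in for a DNS server: accept, stay silent, close after `idle` s."""
    srv = socket.create_server(("127.0.0.1", 0))

    def serve():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:
                return  # listener was closed
            time.sleep(idle)  # no query arrives, so the session just idles
            conn.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv, srv.getsockname()[1]


def netcat_style_check(host, port):
    """Connect, then wait until the peer closes, as the page describes for netcat."""
    start = time.monotonic()
    try:
        with socket.create_connection((host, port)) as s:
            while s.recv(4096):
                pass
        ok = True
    except OSError:
        ok = False
    return ok, time.monotonic() - start


def connect_only_check(host, port, timeout=0.5):
    """Bounded probe: succeed once the handshake completes, then close at once."""
    start = time.monotonic()
    try:
        socket.create_connection((host, port), timeout=timeout).close()
        ok = True
    except OSError:
        ok = False
    return ok, time.monotonic() - start


if __name__ == "__main__":
    srv, port = start_idle_listener()
    print("netcat-style:", netcat_style_check("127.0.0.1", port))
    print("connect-only:", connect_only_check("127.0.0.1", port))
```
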
@jummo
Contributor

jummo commented May 17, 2024

Works for me without issues.

@maxberger
Contributor

Can't check at this time :(
