search

balena-os / meta-balena

A collection of Yocto layers used to build balenaOS images
https://www.balena.io/os
967 stars 115 forks source link

dnsmasq nslookup via 127.0.0.2 is slow #1204

Open ZubairLK opened 5 years ago

ZubairLK commented 5 years ago

nslookup vpn.resin.io tries to query through dnsmasq on 127.0.0.2.

Running nslookup vpn.resin.io is considerably slower than nslookup vpn.resin.io 8.8.8.8

Front logo Front conversations

Front logo Front conversations

majorz commented 5 years ago

Adding an /etc/hosts entry for 127.0.0.2 solves the issue.

Without the entry dnsmasq logs look like this:

Oct 11 09:20:57 0bf6855 dnsmasq[721]: dnsmasq[721]: query[PTR] 2.0.0.127.in-addr.arpa from 127.0.0.1
Oct 11 09:20:57 0bf6855 dnsmasq[721]: dnsmasq[721]: config 127.0.0.2 is NXDOMAIN
Oct 11 09:21:02 0bf6855 dnsmasq[721]: dnsmasq[721]: query[A] vpn.resin.io from 127.0.0.1
Oct 11 09:21:02 0bf6855 dnsmasq[721]: dnsmasq[721]: cached vpn.resin.io is <CNAME>
Oct 11 09:21:02 0bf6855 dnsmasq[721]: dnsmasq[721]: forwarded vpn.resin.io to 192.168.1.1
Oct 11 09:21:02 0bf6855 dnsmasq[721]: dnsmasq[721]: query[AAAA] vpn.resin.io from 127.0.0.1
Oct 11 09:21:02 0bf6855 dnsmasq[721]: dnsmasq[721]: forwarded vpn.resin.io to 192.168.1.1
Oct 11 09:21:02 0bf6855 dnsmasq[721]: dnsmasq[721]: reply vpn.resin.io is <CNAME>
Oct 11 09:21:02 0bf6855 dnsmasq[721]: dnsmasq[721]: reply resin-vpnnl-s1wro58y28co-67b66e9f6dbf0e29.elb.us-east-1.amazonaws.com is 18.232.192.190
Oct 11 09:21:02 0bf6855 dnsmasq[721]: dnsmasq[721]: reply resin-vpnnl-s1wro58y28co-67b66e9f6dbf0e29.elb.us-east-1.amazonaws.com is 34.237.229.125
Oct 11 09:21:02 0bf6855 dnsmasq[721]: dnsmasq[721]: reply vpn.resin.io is <CNAME>
Oct 11 09:21:02 0bf6855 dnsmasq[721]: dnsmasq[721]: reply resin-vpnnl-s1wro58y28co-67b66e9f6dbf0e29.elb.us-east-1.amazonaws.com is NODATA-IPv6
Oct 11 09:21:02 0bf6855 dnsmasq[721]: dnsmasq[721]: query[PTR] 190.192.232.18.in-addr.arpa from 127.0.0.1
Oct 11 09:21:02 0bf6855 dnsmasq[721]: dnsmasq[721]: forwarded 190.192.232.18.in-addr.arpa to 192.168.1.1
Oct 11 09:21:02 0bf6855 dnsmasq[721]: dnsmasq[721]: reply 18.232.192.190 is ec2-18-232-192-190.compute-1.amazonaws.com
Oct 11 09:21:02 0bf6855 dnsmasq[721]: dnsmasq[721]: query[PTR] 125.229.237.34.in-addr.arpa from 127.0.0.1
Oct 11 09:21:02 0bf6855 dnsmasq[721]: dnsmasq[721]: forwarded 125.229.237.34.in-addr.arpa to 192.168.1.1
Oct 11 09:21:02 0bf6855 dnsmasq[721]: dnsmasq[721]: reply 34.237.229.125 is ec2-34-237-229-125.compute-1.amazonaws.com

With it they look like this (no more reversed DNS lookup logged for 127.0.0.2 at the beginning):

Oct 11 10:20:36 0bf6855 dnsmasq[717]: dnsmasq[717]: query[A] vpn.resin.io from 127.0.0.1
Oct 11 10:20:36 0bf6855 dnsmasq[717]: dnsmasq[717]: cached vpn.resin.io is <CNAME>
Oct 11 10:20:36 0bf6855 dnsmasq[717]: dnsmasq[717]: forwarded vpn.resin.io to 192.168.1.1
Oct 11 10:20:36 0bf6855 dnsmasq[717]: dnsmasq[717]: query[AAAA] vpn.resin.io from 127.0.0.1
Oct 11 10:20:36 0bf6855 dnsmasq[717]: dnsmasq[717]: forwarded vpn.resin.io to 192.168.1.1
Oct 11 10:20:36 0bf6855 dnsmasq[717]: dnsmasq[717]: reply vpn.resin.io is <CNAME>
Oct 11 10:20:36 0bf6855 dnsmasq[717]: dnsmasq[717]: reply resin-vpnnl-s1wro58y28co-67b66e9f6dbf0e29.elb.us-east-1.amazonaws.com is 34.237.229.125
Oct 11 10:20:36 0bf6855 dnsmasq[717]: dnsmasq[717]: reply resin-vpnnl-s1wro58y28co-67b66e9f6dbf0e29.elb.us-east-1.amazonaws.com is 18.232.192.190
Oct 11 10:20:36 0bf6855 dnsmasq[717]: dnsmasq[717]: reply vpn.resin.io is <CNAME>
Oct 11 10:20:36 0bf6855 dnsmasq[717]: dnsmasq[717]: reply resin-vpnnl-s1wro58y28co-67b66e9f6dbf0e29.elb.us-east-1.amazonaws.com is NODATA-IPv6
Oct 11 10:20:36 0bf6855 dnsmasq[717]: dnsmasq[717]: query[PTR] 125.229.237.34.in-addr.arpa from 127.0.0.1
Oct 11 10:20:36 0bf6855 dnsmasq[717]: dnsmasq[717]: forwarded 125.229.237.34.in-addr.arpa to 192.168.1.1
Oct 11 10:20:36 0bf6855 dnsmasq[717]: dnsmasq[717]: reply 34.237.229.125 is ec2-34-237-229-125.compute-1.amazonaws.com
Oct 11 10:20:36 0bf6855 dnsmasq[717]: dnsmasq[717]: query[PTR] 190.192.232.18.in-addr.arpa from 127.0.0.1
Oct 11 10:20:36 0bf6855 dnsmasq[717]: dnsmasq[717]: forwarded 190.192.232.18.in-addr.arpa to 192.168.1.1
Oct 11 10:20:36 0bf6855 dnsmasq[717]: dnsmasq[717]: reply 18.232.192.190 is ec2-18-232-192-190.compute-1.amazonaws.com
majorz commented 5 years ago

Next is to find out why the five seconds gap occurs when there is no hosts entry. I will post more information here once I start looking into it.

majorz commented 5 years ago

This looks related to reverse DNS lookup only. When doing a ping resolving is fast. I get fast results when using the trust-dns library as well.

majorz commented 5 years ago

This may or may not be related to occasional getaddrinfo EAI_AGAIN api.resin.io:443 errors we see - those indicate a DNS timeout.