xelerance / xl2tpd

Official Xelerance fork of L2TPd
GNU General Public License v2.0

Please keep redialing when DNS lookup fails #258

Closed duck-rh closed 9 months ago

duck-rh commented 1 year ago

Describe the bug

We have a LAC configuration and I noticed that when a batch of security fixes comes in and triggers a restart of the DNS resolver + xl2tpd, then due to the race xl2tpd is often faster and this ends up with Host name lookup failed. The redial option is enabled and seemed to work well in other situations, but if the DNS resolution fails, at least when the service is restarted, then xl2tpd never retries until I manually issue an xl2tpd-control connect.

To Reproduce

Steps to reproduce the behavior:

  1. install bind9 or another resolver alongside xl2tpd
  2. create a LAC configuration
  3. restart both services at the same time
  4. Host name lookup failed for lns.example.com in the logs and nothing else happens

Expected behavior

If redial is set to yes then it should also retry the DNS resolution and then the connection.

It could be solved in the service file. I have no idea if this happens if the resolution fails without restarting or if there is a cache, but it would probably be safer to ensure it is retried in the code.

l2tp detail:

I did not see anything that would solve my problem in the later changelog entries. I'll be able to test 1.3.18 when Debian Bookworm is released or if I have time to prepare a backport.

Also it's not a recent problem, I just did not have time to check what's going on earlier.

xl2tpd.conf

[lac stuff]
lns = l2tp.example.com
redial = yes
redial timeout = 15
require chap = yes
refuse pap = yes
require authentication = yes
name = user@stuff
pppoptfile = /etc/ppp/options.l2tp.stuff
ppp debug = yes

StasLuts commented 9 months ago

Hi! fixed in 1.3.18

duck-rh commented 9 months ago

@StasLuts missed that, thanks a lot :-)
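
For installations that cannot yet move to the 1.3.18 release mentioned above, the service-file workaround raised in the report can be sketched as a DNS gate that runs before xl2tpd starts (for example from an `ExecStartPre=` line in a systemd drop-in). This is an added example, not part of the thread and not xl2tpd code; the script name, its `wait`/`dial` modes and the retry limits are assumptions, while the host, LAC name and 15-second delay come from the posted xl2tpd.conf.

```shell
#!/bin/sh
# Added example (not xl2tpd code): block until the LNS host name resolves,
# so xl2tpd is not started, or redialed, while the resolver is still down.
# Assumed values: host and LAC name are taken from the xl2tpd.conf above;
# the script name and the wait/dial modes are hypothetical.

LNS_HOST="${LNS_HOST:-l2tp.example.com}"
LAC_NAME="${LAC_NAME:-stuff}"
RETRY_DELAY="${RETRY_DELAY:-15}"   # same pause as "redial timeout = 15"
MAX_TRIES="${MAX_TRIES:-20}"

# One lookup through the system resolver (NSS).
resolve_host() { getent hosts "$1" >/dev/null 2>&1; }

# Ask the running daemon to dial the LAC, as the manual workaround does.
dial_lac() { xl2tpd-control connect "$1"; }

# wait_for_dns HOST TRIES DELAY
# Returns 0 as soon as HOST resolves, 1 after TRIES failed lookups.
wait_for_dns() {
    host=$1; tries=$2; delay=$3; attempt=1
    while [ "$attempt" -le "$tries" ]; do
        if resolve_host "$host"; then
            return 0
        fi
        echo "lookup of $host failed ($attempt/$tries)" >&2
        if [ "$attempt" -lt "$tries" ]; then
            sleep "$delay"
        fi
        attempt=$((attempt + 1))
    done
    return 1
}

# run_gate MODE: "wait" only gates on DNS; "dial" also triggers the connect.
run_gate() {
    wait_for_dns "$LNS_HOST" "$MAX_TRIES" "$RETRY_DELAY" || return 1
    if [ "$1" = "dial" ]; then
        dial_lac "$LAC_NAME"
    fi
}

# Run only when called with a mode, e.g. "wait-lns.sh wait" from ExecStartPre=.
case "${1:-}" in
    wait|dial) run_gate "$1" ;;
esac
```

A non-zero exit from the `wait` mode makes the unit start fail visibly instead of leaving a daemon that never dials.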