Bug#960739: marked as done (libc-bin: getaddrinfo() fails with EAI_AGAIN when the DNS query returns a large number of A and AAAA records.)

Mon, 18 May 2020 11:28:14 -0700 

Your message dated Mon, 18 May 2020 20:22:48 +0200
with message-id <87lflp85mv....@mid.deneb.enyo.de>
and subject line Re: Bug#960739: libc-bin: getaddrinfo() fails with EAI_AGAIN 
when the DNS query returns a large number of A and AAAA records.
has caused the Debian Bug report #960739,
regarding libc-bin: getaddrinfo() fails with EAI_AGAIN when the DNS query 
returns a large number of A and AAAA records.
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
960739: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960739
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Package: libc-bin
Version: 2.30-7
Severity: important
Tags: ipv6

Dear Maintainer,

When attempting to follow the instructions for installing the latest version of 
Docker Engine at 
https://docs.docker.com/engine/install/debian/ I noticed that 'apt-get update' 
and curl were both
failing to resolve download.docker.com.  The error message from both ping and 
curl was 
"Temporary failure in name resolution"

However, running 'host download.docker.com' yielded the following results:

download.docker.com is an alias for d2h67oheeuigaw.cloudfront.net.
d2h67oheeuigaw.cloudfront.net has address 13.227.73.43
d2h67oheeuigaw.cloudfront.net has address 13.227.73.44
d2h67oheeuigaw.cloudfront.net has address 13.227.73.95
d2h67oheeuigaw.cloudfront.net has address 13.227.73.15
d2h67oheeuigaw.cloudfront.net has IPv6 address 
2600:9000:2202:c00:3:db06:4200:93a1
d2h67oheeuigaw.cloudfront.net has IPv6 address 
2600:9000:2202:5000:3:db06:4200:93a1
d2h67oheeuigaw.cloudfront.net has IPv6 address 
2600:9000:2202:7a00:3:db06:4200:93a1
d2h67oheeuigaw.cloudfront.net has IPv6 address 
2600:9000:2202:9200:3:db06:4200:93a1
d2h67oheeuigaw.cloudfront.net has IPv6 address 
2600:9000:2202:9600:3:db06:4200:93a1
d2h67oheeuigaw.cloudfront.net has IPv6 address 
2600:9000:2202:9c00:3:db06:4200:93a1
d2h67oheeuigaw.cloudfront.net has IPv6 address 
2600:9000:2202:a200:3:db06:4200:93a1
d2h67oheeuigaw.cloudfront.net has IPv6 address 
2600:9000:2202:f600:3:db06:4200:93a1

After examining the source code for iputils-ping, I was able to determine that 
the cause of the
error message was getaddrinfo() returning EAI_AGAIN

The following workarounds were effective:

* curl -4 https://download.docker.com/... (Forcing curl to use IPv4 only)
* ping -4 download.docker.com (Forcing IPv4 ping to use IPv4 only)
* Forcing apt to use IPv4 by adding 'Acquire::ForceIPv4 "true";' to apt.conf

It is also noteworthy that not all hostnames with both A and AAAA records 
trigger this bug. In fact,
hostnames with a low total record count like www.google.com have no problem 
whatsoever

<SNIP>
root@sandbox:~# host www.google.com
www.google.com has address 172.217.6.36
www.google.com has IPv6 address 2607:f8b0:4005:809::2004
...
root@sandbox:~# ping www.google.com
PING www.google.com (172.217.6.36) 56(84) bytes of data.
64 bytes from sfo03s08-in-f4.1e100.net (172.217.6.36): icmp_seq=1 ttl=63 
time=29.6 ms
...
^C
--- www.google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2005ms
rtt min/avg/max/mdev = 29.572/37.733/42.045/5.774 ms
</SNIP>

Please note that this bug also affects libc-bin 2.28-10 in buster.

-- System Information:
Debian Release: bullseye/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-9-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libc-bin depends on:
ii  libc6  2.30-7

Versions of packages libc-bin recommends:
ii  manpages  5.06-1

libc-bin suggests no packages.

-- Configuration Files:
/etc/gai.conf changed [not included]

-- no debconf information

--- End Message ---
--- Begin Message --- 
* Mike Przybylski:

> Since you’ve pointed out pretty clearly from the pcap that Google
> and VirtualBox are having some bizarre interaction, I think we can
> close this as “not a bug.”  I apologize for taking up your time with
> it.

It's the DNS implementation in Virtualbox that's broken, particularly
in the area of TCP support.  Upstream glibc occasionally receives bug
reports about it, too.

--- End Message ---

Reply via email to