Hi,

our public DoH/DoT dnsdist instance just crashed.
It is the first time I have seen a dnsdist crash.
Unfortunately we do not have any core dump.

Jan 29 22:48:09 kernel: pid 75804 (dnsdist), jid 0, uid 208: exited on signal 11 (no core dump - bad address)

Our dnsdist runs behind an nginx and forwards queries to recursors.

the config:
lines with secrets were removed
-----------------------------
newServer({address="109.70.100.136", maxInFlight=1000, sockets=32, name="clamps"})
newServer({address="109.70.100.140", maxInFlight=1000, sockets=32, name="roberto"})
newServer({address="127.0.0.1", sockets=4, name="bender"})
setServerPolicy(leastOutstanding)

addTLSLocal("0.0.0.0", "/usr/local/etc/ssl/lego/certificates/doh.applied-privacy.net.crt", "/usr/local/etc/ssl/lego/certificates/doh.applied-privacy.net.key", {ciphers='ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256', minTLSVersion='tls1.2', tcpFastOpenQueueSize=1000, maxInFlight=1000 })
addTLSLocal("[::]", "/usr/local/etc/ssl/lego/certificates/doh.applied-privacy.net.crt", "/usr/local/etc/ssl/lego/certificates/doh.applied-privacy.net.key", {ciphers='ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256', minTLSVersion='tls1.2', tcpFastOpenQueueSize=1000, maxInFlight=1000 })

addDOHLocal("0.0.0.0:444", "/usr/local/etc/ssl/lego/certificates/doh.applied-privacy.net.crt", "/usr/local/etc/ssl/lego/certificates/doh.applied-privacy.net.key", "/query", {minTLSVersion='tls1.3', serverTokens='doh', tcpFastOpenQueueSize=1000, tcpListenQueueSize=4096 })
addDOHLocal("[::]:444", "/usr/local/etc/ssl/lego/certificates/doh.applied-privacy.net.crt", "/usr/local/etc/ssl/lego/certificates/doh.applied-privacy.net.key", "/query", {minTLSVersion='tls1.3', serverTokens='doh', tcpFastOpenQueueSize=1000, tcpListenQueueSize=4096 })

setACL({'0.0.0.0/0', '::/0'})
controlSocket('127.0.0.1:5199')
setConsoleACL('127.0.0.1/8')

pc = newPacketCache(50000, {maxTTL=86400, minTTL=3, temporaryFailureTTL=60, staleTTL=60, dontAge=false})
getPool(""):setCache(pc)

webserver("127.0.0.1:8083")
setVerboseHealthChecks(true)
addAction(QTypeRule(65535), RCodeAction(DNSRCode.NOTIMP))




used version on FreeBSD 14.2:
---------------------------
Version        : 1.9.8
Origin         : dns/dnsdist
Architecture   : FreeBSD:14:amd64
Prefix         : /usr/local
Categories     : net dns
Licenses       : MIT, GPLv2, ISCL
Maintainer     : trem...@cainites.net
WWW            : https://dnsdist.org/
Comment        : Highly DNS-, DoS- and abuse-aware loadbalancer
Options        :
        CDB            : on
        DNSTAP         : off
        GNUTLS         : on
        LMDB           : on
        LUA            : on
        LUAJIT         : off
        OPENSSL        : on
        SNMP           : off
Shared Libs required:
        libsodium.so.26
        libre2.so.11
        libquiche.so.0
        libnghttp2.so.14
        liblua-5.4.so
        liblmdb.so.0
        libgnutls.so.30
        libedit.so.0
        libcdb.so.1
------------------------

Are there any currently known bugs that could cause this?

best regards,
Christoph

_______________________________________________
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users
