subject:"\[systemd\-devel\] nss\-mymachines\: slow name resolution"

Re: [systemd-devel] nss-mymachines: slow name resolution

2016-02-16 Thread Kai Krakow

Am Tue, 16 Feb 2016 19:39:26 +0100
schrieb Kai Krakow :

> Am Tue, 16 Feb 2016 15:35:24 +0100
> schrieb Lennart Poettering :
> 
> > On Mon, 15.02.16 21:32, Kai Krakow (hurikha...@gmail.com) wrote:
> > 
> > > Am Mon, 15 Feb 2016 14:28:19 +0100
> > > schrieb Lennart Poettering :
> > > 
> > > > On Sun, 14.02.16 13:49, Kai Krakow (hurikha...@gmail.com) wrote:
> > > > 
> > > > > Hello!
> > > > > 
> > > > > I've followed the man page guide to setup mymachines name
> > > > > resolution in nsswitch.conf. It works. But it takes around 4-5
> > > > > seconds to resolve a name. This is unexpected and cannot be
> > > > > used in production.
> > > > 
> > > > This sounds like the LLMNR timeout done. I figure we should fix
> > > > the docs to suggest that "mymachines" appears before "resolve"
> > > > in nsswitch.conf. That should fix your issue...
> > > 
> > > Apparently it doesn't fix it - although I will leave it in this
> > > order according to your recommendation.
> > > 
> > > Is there a way to globally disable LLMNR altogether to nail it
> > > down? I tried setting LLMNR=false in *.network - didn't help.
> > 
> > Use the LLMNR= setting in /etc/systemd/resolved.conf
> 
> Yeah! *thumbsup* You da man, Lennart!
> 
> Setting LLMNR to "resolve" or to "no" globally solves the problem
> which proves your first suspicion.

BTW: Enabling and starting avahi also fixed the problem (at least it
looks like, did a few other steps), although I don't see it listening
on port 5353.

> Now, how can I figure out which interface is the problematic one? Do I
> actually need LLMNR in a simple home network?
> 
> The long term is to use this in a container based hosting environment.
> I'm pretty sure I actually don't need LLMNR there. So I'm just curious
> how to "optimize" my home setup.


-- 
Regards,
Kai

Replies to list-only preferred.

___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] nss-mymachines: slow name resolution

2016-02-16 Thread Kai Krakow

Am Tue, 16 Feb 2016 15:35:24 +0100
schrieb Lennart Poettering :

> On Mon, 15.02.16 21:32, Kai Krakow (hurikha...@gmail.com) wrote:
> 
> > Am Mon, 15 Feb 2016 14:28:19 +0100
> > schrieb Lennart Poettering :
> > 
> > > On Sun, 14.02.16 13:49, Kai Krakow (hurikha...@gmail.com) wrote:
> > > 
> > > > Hello!
> > > > 
> > > > I've followed the man page guide to setup mymachines name
> > > > resolution in nsswitch.conf. It works. But it takes around 4-5
> > > > seconds to resolve a name. This is unexpected and cannot be
> > > > used in production.
> > > 
> > > This sounds like the LLMNR timeout done. I figure we should fix
> > > the docs to suggest that "mymachines" appears before "resolve" in
> > > nsswitch.conf. That should fix your issue...
> > 
> > Apparently it doesn't fix it - although I will leave it in this
> > order according to your recommendation.
> > 
> > Is there a way to globally disable LLMNR altogether to nail it
> > down? I tried setting LLMNR=false in *.network - didn't help.
> 
> Use the LLMNR= setting in /etc/systemd/resolved.conf

Yeah! *thumbsup* You da man, Lennart!

Setting LLMNR to "resolve" or to "no" globally solves the problem which
proves your first suspicion.

Now, how can I figure out which interface is the problematic one? Do I
actually need LLMNR in a simple home network?

The long term is to use this in a container based hosting environment.
I'm pretty sure I actually don't need LLMNR there. So I'm just curious
how to "optimize" my home setup.

-- 
Regards,
Kai

Replies to list-only preferred.

___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] nss-mymachines: slow name resolution

2016-02-16 Thread Lennart Poettering

On Mon, 15.02.16 21:32, Kai Krakow (hurikha...@gmail.com) wrote:

> Am Mon, 15 Feb 2016 14:28:19 +0100
> schrieb Lennart Poettering :
> 
> > On Sun, 14.02.16 13:49, Kai Krakow (hurikha...@gmail.com) wrote:
> > 
> > > Hello!
> > > 
> > > I've followed the man page guide to setup mymachines name
> > > resolution in nsswitch.conf. It works. But it takes around 4-5
> > > seconds to resolve a name. This is unexpected and cannot be used in
> > > production.
> > 
> > This sounds like the LLMNR timeout done. I figure we should fix the
> > docs to suggest that "mymachines" appears before "resolve" in
> > nsswitch.conf. That should fix your issue...
> 
> Apparently it doesn't fix it - although I will leave it in this order
> according to your recommendation.
> 
> Is there a way to globally disable LLMNR altogether to nail it down? I
> tried setting LLMNR=false in *.network - didn't help.

Use the LLMNR= setting in /etc/systemd/resolved.conf

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] nss-mymachines: slow name resolution

2016-02-15 Thread Kai Krakow

Am Mon, 15 Feb 2016 14:28:19 +0100
schrieb Lennart Poettering :

> On Sun, 14.02.16 13:49, Kai Krakow (hurikha...@gmail.com) wrote:
> 
> > Hello!
> > 
> > I've followed the man page guide to setup mymachines name
> > resolution in nsswitch.conf. It works. But it takes around 4-5
> > seconds to resolve a name. This is unexpected and cannot be used in
> > production.
> 
> This sounds like the LLMNR timeout done. I figure we should fix the
> docs to suggest that "mymachines" appears before "resolve" in
> nsswitch.conf. That should fix your issue...

Apparently it doesn't fix it - although I will leave it in this order
according to your recommendation.

Is there a way to globally disable LLMNR altogether to nail it down? I
tried setting LLMNR=false in *.network - didn't help.

-- 
Regards,
Kai

Replies to list-only preferred.

___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] nss-mymachines: slow name resolution

2016-02-15 Thread Lennart Poettering

On Sun, 14.02.16 13:49, Kai Krakow (hurikha...@gmail.com) wrote:

> Hello!
> 
> I've followed the man page guide to setup mymachines name resolution in
> nsswitch.conf. It works. But it takes around 4-5 seconds to resolve a
> name. This is unexpected and cannot be used in production.

This sounds like the LLMNR timeout done. I figure we should fix the
docs to suggest that "mymachines" appears before "resolve" in
nsswitch.conf. That should fix your issue...

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

[systemd-devel] nss-mymachines: slow name resolution

2016-02-14 Thread Kai Krakow

Hello!

I've followed the man page guide to setup mymachines name resolution in
nsswitch.conf. It works. But it takes around 4-5 seconds to resolve a
name. This is unexpected and cannot be used in production.

I'm using systemd-networkd and systemd-resolved.

This is my config:

# /etc/nsswitch.conf:
# $Header: /var/cvsroot/gentoo/src/patchsets/glibc/extra/etc/nsswitch.conf,v 
1.1 2006/09/29 23:52:23 vapier Exp $

passwd:  compat mymachines
shadow:  compat
group:   compat mymachines

# passwd:db files nis
# shadow:db files nis
# group: db files nis

hosts:   files resolve mymachines myhostname
networks:files

services:db files
protocols:   db files
rpc: db files
ethers:  db files
netmasks:files
netgroup:files
bootparams:  files

automount:   files
aliases: files


Not sure if the errors below are related:

$ systemctl status systemd-{network,resolve}d
● systemd-networkd.service - Network Service
   Loaded: loaded (/usr/lib64/systemd/system/systemd-networkd.service; enabled; 
vendor preset: enabled)
   Active: active (running) since Sa 2016-02-13 13:40:51 CET; 24h ago
 Docs: man:systemd-networkd.service(8)
 Main PID: 763 (systemd-network)
   Status: "Processing requests..."
Tasks: 1 (limit: 512)
   Memory: 1.1M
  CPU: 400ms
   CGroup: /system.slice/systemd-networkd.service
   └─763 /usr/lib/systemd/systemd-networkd

Feb 14 13:11:27 jupiter.sol.local systemd-networkd[763]: Could not send 
rtnetlink message: Invalid argument
Feb 14 13:11:27 jupiter.sol.local systemd-networkd[763]: Could not remove 
route: Invalid argument
Feb 14 13:18:22 jupiter.sol.local systemd-networkd[763]: Could not send 
rtnetlink message: Invalid argument
Feb 14 13:18:22 jupiter.sol.local systemd-networkd[763]: Could not remove 
route: Invalid argument
Feb 14 13:25:43 jupiter.sol.local systemd-networkd[763]: Could not send 
rtnetlink message: Invalid argument
Feb 14 13:25:43 jupiter.sol.local systemd-networkd[763]: Could not remove 
route: Invalid argument
Feb 14 13:30:23 jupiter.sol.local systemd-networkd[763]: Could not send 
rtnetlink message: Invalid argument
Feb 14 13:30:23 jupiter.sol.local systemd-networkd[763]: Could not remove 
route: Invalid argument
Feb 14 13:39:57 jupiter.sol.local systemd-networkd[763]: Could not send 
rtnetlink message: Invalid argument
Feb 14 13:39:57 jupiter.sol.local systemd-networkd[763]: Could not remove 
route: Invalid argument

● systemd-resolved.service - Network Name Resolution
   Loaded: loaded (/usr/lib64/systemd/system/systemd-resolved.service; enabled; 
vendor preset: enabled)
   Active: active (running) since Sa 2016-02-13 13:40:51 CET; 24h ago
 Docs: man:systemd-resolved.service(8)
 Main PID: 824 (systemd-resolve)
   Status: "Processing requests..."
Tasks: 1 (limit: 512)
   Memory: 1.0M
  CPU: 2.122s
   CGroup: /system.slice/systemd-resolved.service
   └─824 /usr/lib/systemd/systemd-resolved

Feb 13 13:40:51 jupiter.sol.local systemd[1]: Starting Network Name 
Resolution...
Feb 13 13:40:51 jupiter.sol.local systemd-resolved[824]: Using system hostname 
'jupiter'.
Feb 13 13:40:51 jupiter.sol.local systemd[1]: Started Network Name Resolution.
Feb 13 13:40:56 jupiter.sol.local systemd-resolved[824]: Switching to DNS 
server 192.168.4.254 for interface enp5s0.

-- 
Regards,
Kai

Replies to list-only preferred.


___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] nss-mymachines: slow name resolution

2016-02-14 Thread Kai Krakow

Am Sun, 14 Feb 2016 13:49:01 +0100
schrieb Kai Krakow :

> Hello!
> 
> I've followed the man page guide to setup mymachines name resolution
> in nsswitch.conf. It works. But it takes around 4-5 seconds to
> resolve a name. This is unexpected and cannot be used in production.
> 
> I'm using systemd-networkd and systemd-resolved.

Some further investigation shows it is exactly 5 seconds because that
is the timeout e.g. "ping" and "ssh" use for the poll() call when I
strace the programs.

I then tried "ltrace" and it shows hanging in gethostbyname().

This behaviour is independent of resolver order in nsswitch.conf.

In contrast:

dig immediately returns, with expected result NXDOMAIN has my nspawns
machines are not registered in a DNS zone.

"getent hosts" returns immediately, yielding the correct IP.

gethostip shows the same behavior as ping and ssh.

What is special in this case? Why the timeout of 5 seconds?

> This is my config:
> 
> # /etc/nsswitch.conf:
> #
> $Header: /var/cvsroot/gentoo/src/patchsets/glibc/extra/etc/nsswitch.conf,v
> 1.1 2006/09/29 23:52:23 vapier Exp $
> 
> passwd:  compat mymachines
> shadow:  compat
> group:   compat mymachines
> 
> # passwd:db files nis
> # shadow:db files nis
> # group: db files nis
> 
> hosts:   files resolve mymachines myhostname
> networks:files
> 
> services:db files
> protocols:   db files
> rpc: db files
> ethers:  db files
> netmasks:files
> netgroup:files
> bootparams:  files
> 
> automount:   files
> aliases: files
> 
> 
> Not sure if the errors below are related:
> 
> $ systemctl status systemd-{network,resolve}d
> ● systemd-networkd.service - Network Service
>Loaded: loaded
> (/usr/lib64/systemd/system/systemd-networkd.service; enabled; vendor
> preset: enabled) Active: active (running) since Sa 2016-02-13
> 13:40:51 CET; 24h ago Docs: man:systemd-networkd.service(8) Main PID:
> 763 (systemd-network) Status: "Processing requests..."
> Tasks: 1 (limit: 512)
>Memory: 1.1M
>   CPU: 400ms
>CGroup: /system.slice/systemd-networkd.service
>└─763 /usr/lib/systemd/systemd-networkd
> 
> Feb 14 13:11:27 jupiter.sol.local systemd-networkd[763]: Could not
> send rtnetlink message: Invalid argument Feb 14 13:11:27
> jupiter.sol.local systemd-networkd[763]: Could not remove route:
> Invalid argument Feb 14 13:18:22 jupiter.sol.local
> systemd-networkd[763]: Could not send rtnetlink message: Invalid
> argument Feb 14 13:18:22 jupiter.sol.local systemd-networkd[763]:
> Could not remove route: Invalid argument Feb 14 13:25:43
> jupiter.sol.local systemd-networkd[763]: Could not send rtnetlink
> message: Invalid argument Feb 14 13:25:43 jupiter.sol.local
> systemd-networkd[763]: Could not remove route: Invalid argument Feb
> 14 13:30:23 jupiter.sol.local systemd-networkd[763]: Could not send
> rtnetlink message: Invalid argument Feb 14 13:30:23 jupiter.sol.local
> systemd-networkd[763]: Could not remove route: Invalid argument Feb
> 14 13:39:57 jupiter.sol.local systemd-networkd[763]: Could not send
> rtnetlink message: Invalid argument Feb 14 13:39:57 jupiter.sol.local
> systemd-networkd[763]: Could not remove route: Invalid argument
> 
> ● systemd-resolved.service - Network Name Resolution
>Loaded: loaded
> (/usr/lib64/systemd/system/systemd-resolved.service; enabled; vendor
> preset: enabled) Active: active (running) since Sa 2016-02-13
> 13:40:51 CET; 24h ago Docs: man:systemd-resolved.service(8) Main PID:
> 824 (systemd-resolve) Status: "Processing requests..."
> Tasks: 1 (limit: 512)
>Memory: 1.0M
>   CPU: 2.122s
>CGroup: /system.slice/systemd-resolved.service
>└─824 /usr/lib/systemd/systemd-resolved
> 
> Feb 13 13:40:51 jupiter.sol.local systemd[1]: Starting Network Name
> Resolution... Feb 13 13:40:51 jupiter.sol.local
> systemd-resolved[824]: Using system hostname 'jupiter'. Feb 13
> 13:40:51 jupiter.sol.local systemd[1]: Started Network Name
> Resolution. Feb 13 13:40:56 jupiter.sol.local systemd-resolved[824]:
> Switching to DNS server 192.168.4.254 for interface enp5s0.

-- 
Regards,
Kai

Replies to list-only preferred.


___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] nss-mymachines: slow name resolution

Re: [systemd-devel] nss-mymachines: slow name resolution

Re: [systemd-devel] nss-mymachines: slow name resolution

Re: [systemd-devel] nss-mymachines: slow name resolution

Re: [systemd-devel] nss-mymachines: slow name resolution

[systemd-devel] nss-mymachines: slow name resolution

Re: [systemd-devel] nss-mymachines: slow name resolution

7 matches

Site Navigation

Mail list logo

Footer information