[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: nsdispatch errors on security/spiped when mdns lookups are enabled



On 11/09/16 07:19, Dave Cottlehuber wrote:
> On Tue, 8 Nov 2016, at 21:59, Colin Percival wrote:
>> The address "127.0.0.1" is interpreted by spiped as a host name and is
>> resolved using getaddrinfo (just like the "c1.skunkwerks.at" is).  To
>> specify a "raw" IP address, add square brackets: "[127.0.0.1]:5984".
> 
> thanks Colin. I've added brackets (apologies for missing the man page, I
> assumed it was for IPv6 only)

No worries.  I made spiped a bit non-standard here; I preferred the
consistency of using square brackets to mark all types of IP addresses
rather than the more common approach of dropping the brackets for IPv4.

> but I still get errors.
> 
> /etc/rc.conf.d/spiped/couchdb:spiped_pipe_COUCHDB_SERVER_source="[0.0.0.0]:45984"
> /etc/rc.conf.d/spiped/couchdb:spiped_pipe_COUCHDB_SERVER_target="[127.0.0.1]:5984"
> /etc/rc.conf.d/spiped/couchdb:spiped_pipe_COUCHDB_BACKUP_source="[127.0.0.1]:5985"
> /etc/rc.conf.d/spiped/couchdb:spiped_pipe_COUCHDB_BACKUP_target="c1.skunkwerks.at:45984"

Hmm.  The IP addresses should be parsed internally, so I have to assume
that the errors are coming from resolving the c1.skunkwerks.at hostname.
As an experiment, can you try changing that (say, to an IP address which
you've resolved ahead of time) to see if the errors go away?  If yes, then
the problem is coming from the standard getaddrinfo(3) call.

> On a vanilla 11.0 however I see nsdispatch errors also from ntpd and pkg
> so I think we can safely assume spiped is not the issue here. Sorry for
> the noise.

Even if spiped isn't at fault, it would be nice to find out what is going
wrong. :-)

-- 
Colin Percival
Security Officer Emeritus, FreeBSD | The power to serve
Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid