Strange ping issue on gentoo?

M

mafet2011-02-09 02:53:24

linux

mafet, 2011-02-09 02:53:24

Faced such a problem when ping -f ya.ru at home:

02:37:47.456428 IP 127.0.0.1.37285 &gt; 127.0.0.1.53: 13364+ PTR? 3.251.250.87.in-addr.arpa. (43)<br/>
02:37:47.456494 IP 127.0.0.1.53 &gt; 127.0.0.1.37285: 13364 1/7/1 PTR <a href="http://www.yandex.ru.">www.yandex.ru.</a> (262)<br/>
02:37:47.459406 IP 127.0.0.1.50299 &gt; 127.0.0.1.53: 9445+ PTR? 3.251.250.87.in-addr.arpa. (43)<br/>
02:37:47.459473 IP 127.0.0.1.53 &gt; 127.0.0.1.50299: 9445 1/7/1 PTR <a href="http://www.yandex.ru.">www.yandex.ru.</a> (262)<br/>
02:37:47.459486 IP 127.0.0.1 &gt; 127.0.0.1: ICMP 127.0.0.1 udp port 50299 unreachable, length 298<br/>
02:37:52.465455 IP 127.0.0.1.53 &gt; 127.0.0.1.50299: 9445 1/7/1 PTR <a href="http://www.yandex.ru.">www.yandex.ru.</a> (262)<br/>
02:37:52.465470 IP 127.0.0.1 &gt; 127.0.0.1: ICMP 127.0.0.1 udp port 50299 unreachable, length 298<br/>
02:37:57.474243 IP 127.0.0.1.59784 &gt; 127.0.0.1.53: 5279+ PTR? 3.251.250.87.in-addr.arpa. (43)<br/>
02:37:57.474385 IP 127.0.0.1.53 &gt; 127.0.0.1.59784: 5279 1/7/1 PTR <a href="http://www.yandex.ru.">www.yandex.ru.</a> (262)<br/>
02:37:57.477619 IP 127.0.0.1.40930 &gt; 127.0.0.1.53: 54444+ PTR? 3.251.250.87.in-addr.arpa. (43)<br/>
02:37:57.477721 IP 127.0.0.1.53 &gt; 127.0.0.1.40930: 54444 1/7/1 PTR <a href="http://www.yandex.ru.">www.yandex.ru.</a> (262)

I must say right away - I have a dns server on my localhost, I do ping without the -n option (everything is ok with it, because there are no calls to dns), everything is fine with dns, because. he answers honestly.
Axis gentoo dom0 (using xen virtualization), 2.6.34-xen-r4 x86_64, profile hardened/linux/amd64
Updated to the latest package version.
I recompiled ping just in case.
sysctl.conf is stock except for:

net.ipv4.ip_forward = 1<br/>
net.ipv4.conf.all.send_redirects = 0<br/>
net.ipv4.conf.all.force_igmp_version = 2<br/>
net.ipv4.conf.all.rp_filter=0

A little analysis of what is happening and what is strange:

1) 02:37:47.459406 IP 127.0.0.1.50299 &gt; 127.0.0.1.53: 9445+ PTR? 3.251.250.87.in-addr.arpa. (43)<br/>
2) 02:37:47.459473 IP 127.0.0.1.53 &gt; 127.0.0.1.50299: 9445 1/7/1 PTR <a href="http://www.yandex.ru.">www.yandex.ru.</a> (262)<br/>
3) 02:37:47.459486 IP 127.0.0.1 &gt; 127.0.0.1: ICMP 127.0.0.1 udp port 50299 unreachable, length 298<br/>
4) 02:37:52.465455 IP 127.0.0.1.53 &gt; 127.0.0.1.50299: 9445 1/7/1 PTR <a href="http://www.yandex.ru.">www.yandex.ru.</a> (262)<br/>
5) 02:37:52.465470 IP 127.0.0.1 &gt; 127.0.0.1: ICMP 127.0.0.1 udp port 50299 unreachable, length 298<br/>

1) there was a request to resolve the address 3.251.250.87.in-addr.arpa. from port 50299/udp
2) the dns server honestly answered him - like www.yandex.ru
3) and then op-pa. No one is listening to 50299/udp and there is no one to receive the answer, although the ping continues to work and continues to successfully ping after the timeout.
4) repeated attempt to send a response (there are two of them in total) 5) again -
unrichbl
I have not done a complete rebuild since installation (which was several years ago). But I don’t feel like kagbe, because for a long time.

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

D

digreen, 2011-02-09
@digreen

And why are you launching a ping flood (-f) on a poor Yandex, and why are you waiting for a response to each icmp-request?

S

Sergey, 2011-02-09
@bondbig

That's because how stubborn the harsh gentushniks are, they even rebuild the ping. I always envied such people, so much free time and such strong nerves.
Oh yes, I don’t know how to help, I’m sorry, I just came to express my admiration.