A DNS failure causes a slow problem resolution process for Linux Telnet ports

Lvs+keepalived was deployed yesterday and passed the test, no problems were found. This morning suddenly found, with ipvsadm–l view LVS information, response is very slow, and then go from the LVS telnet node port 22nd, found particularly slow.

At first I checked the keepalived.conf configuration file, thought to be the same network segment multiple LVS settings, resulting in multicast collisions, blocking the network.  Later stopped the LVS after the failure is still. Suddenly think of using strace to analyze, find out the reason.

The Telnet command calls the following shared object libraries and files, indicating that Telnet does permissions and security checks (such as SELinux), and then parse, the order is, first from the Hosts file, if there is a corresponding entry, can directly follow, if not, and then from the resolve.conf to find, Finally, the real IP address is reflected.

Today, due to a DNS 202.96.209.5 failure, there is a problem connecting its port 53, waiting for the timeout to continue. So Telnet has a few seconds to stutter.

Solution: Delete the records in the resolve or point to the available DNS.

/etc/ld.so.preload

/etc/ld.so.cache

/usr/lib64/libkrb4.so.2

/usr/lib64/libkrb4.so.2

/usr/lib64/libdes425.so.3

/usr/lib64/libkrb5.so.3

/usr/lib64/libk5crypto.so.3

/lib64/libcom_err.so.2

/usr/lib64/libkrb5support.so.0

/lib64/libkeyutils.so.1

/lib64/libresolv.so.2

/usr/lib64/libncurses.so.5

/lib64/libselinux.so.1

/lib64/libdl.so.2

/lib64/libc.so.6

/lib64/libsepol.so.1

/etc/selinux/config

/etc/nsswitch.conf

/etc/resolv.conf

[Email protected] ~]# stracetelnet 10.67.130.232 22

Execve ("/usr/kerberos/bin/telnet", ["Telnet", "10.67.130.232", "All"], [/* vars*/]) = 0

BRK (0) =0x2b867de32000

........................................................

Open ("/etc/resolv.conf", o_rdonly) = 3

Fstat (3, {st_mode=s_ifreg|0644, st_size=24,...}) = 0

Mmap (NULL, 4096, prot_read| prot_write,map_private| Map_anonymous,-1, 0) = 0x2b8670400000

Read (3, "NameServer 202.96.209.5\n", 4096) = 24

Read (3, "", 4096) = 0

Close (3) = 0

Munmap (0x2b8670400000, 4096) = 0

Uname ({sys= "Linux", node= "LVS1", ...}) = 0

Open ("/etc/host.conf", o_rdonly) = 3

Fstat (3, {st_mode=s_ifreg|0644, st_size=0,...}) = 0

Mmap (NULL, 4096, prot_read| prot_write,map_private| Map_anonymous,-1, 0) = 0x2b8670400000

Read (3, "", 4096) = 0

Close (3) = 0

Munmap (0x2b8670400000, 4096) = 0

Open ("/etc/hosts", o_rdonly) = 3

Fcntl (3, F_GETFD) = 0

Fcntl (3, f_setfd, fd_cloexec) = 0

Fstat (3, {st_mode=s_ifreg|0644,st_size=168, ...}) = 0

Mmap (NULL, 4096, prot_read| prot_write,map_private| Map_anonymous,-1, 0) = 0x2b8670400000

Read (3, "# Do not remove the Followingli" ..., 4096) = 168

Read (3, "", 4096) = 0

Close (3) = 0

Munmap (0x2b8670400000, 4096) = 0

Open ("/etc/ld.so.cache", o_rdonly) = 3

Fstat (3, {st_mode=s_ifreg|0644,st_size=96055, ...}) = 0

Mmap (NULL, 96055, Prot_read, map_private,3, 0) = 0x2b8670400000

Close (3) = 0

Open ("/lib64/libnss_dns.so.2", o_rdonly) = 3

Read (3, "\177elf\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\340\17\0\0\0\0\0\0" ..., 832) = 832

Fstat (3, {st_mode=s_ifreg|0755,st_size=23736, ...}) = 0

Mmap (NULL, 2113792, prot_read| Prot_exec, map_private| map_denywrite,3, 0) = 0x2b8672527000

Mprotect (0x2b867252b000, 2093056,prot_none) = 0

Mmap (0x2b867272a000, 8192,prot_read| Prot_write, map_private| map_fixed| Map_denywrite, 3, 0x3000) =0x2b867272a000

Close (3) = 0

Mprotect (0x2b867272a000, 4096, Prot_read) =0

Munmap (0x2b8670400000, 96055) = 0

Socket (pf_inet, SOCK_DGRAM, ipproto_ip) = 3

Connect (3, {sa_family=af_inet, sin_port=htons (+), sin_addr=inet_addr ("202.96.209.5")}, 28) = 0

Fcntl (3, F_GETFL) = 0x2 (Flags O_RDWR)

Fcntl (3, F_SETFL, o_rdwr| O_nonblock) = 0

Poll ([{fd=3, events=pollout}], 1, 0) = 1 ([{fd=3, revents=pollout}])

SendTo (3, "\255a\1\0\0\1\0\0\0\0\0\0\003232\003130\00267\00210\7in-ad" ..., 44,msg_nosignal, NULL, 0) = 44

Poll ([{fd=3, Events=pollin}], 1,) = 0 (Timeout)

Poll ([{fd=3, events=pollout}], 1, 0) = 1 ([{fd=3, revents=pollout}])

SendTo (3, "\255a\1\0\0\1\0\0\0\0\0\0\003232\003130\00267\00210\7in-ad" ..., 44,msg_nosignal, NULL, 0) = 44

Poll ([{Fd=3,events=pollin}], 1, +) = 0 (Timeout)

Close (3) = 0

Fstat (1, {St_mode=s_ifchr|0620,st_rdev=makedev (136, 2), ...}) = 0

Mmap (NULL, 4096, prot_read| prot_write,map_private| Map_anonymous,-1, 0) = 0x2b8670400000

Write (1, "Trying 10.67.130.232...\r\n", 25trying10.67.130.232 ...

) = 25

Socket (pf_inet, Sock_stream, ipproto_ip) =3

SetSockOpt (3, Sol_ip, Ip_tos, [16], 4) = 0

Connect (3, {sa_family=af_inet, sin_port=htons (), Sin_addr=inet_addr ("10.67.130.232")}, 16) = 0

Open ("/proc/filesystems", o_rdonly) = 4

Read (4, "NODEV\TSYSFS\NNODEV\TROOTFS\NNODEV\TB" ..., 4095) = 331

Close (4) = 0

Open ("/root/.telnetrc", o_rdonly) =-1 ENOENT (No such fileor directory)

Open ("/proc/filesystems", o_rdonly) = 4

Read (4, "NODEV\TSYSFS\NNODEV\TROOTFS\NNODEV\TB" ..., 4095) = 331

Close (4) = 0

Write (1, "Connected to 10.67.130.232 (10.6" ...,Connected to 10.67.130.232 (10.67.130.232).

) = 45

This article is from the "son of the Father" blog, please be sure to keep this source http://kerdady.blog.51cto.com/9695053/1595987

A DNS failure causes a slow problem resolution process for Linux Telnet ports