Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

lwip udp handles for dns queries are retained for 5 seconds #504

Closed
scareything opened this issue Oct 4, 2022 · 1 comment · Fixed by #505
Closed

lwip udp handles for dns queries are retained for 5 seconds #504

scareything opened this issue Oct 4, 2022 · 1 comment · Fixed by #505

Comments

@scareything
Copy link
Member

client connections for inbound dns queries are never explicitly closed. eventually (after 5s) the udp timeout callback closes the connection but that can lead to temporary pcbs exhaustion when dns queries are coming in quickly enough (e.g. 50-100/sec).

[2022-10-04T17:29:37.230Z]   TRACE tunnel-sdk:tunnel_udp.c:175 recv_udp() received datagram 100.64.0.2:56324->100.64.0.2:53
[2022-10-04T17:29:37.230Z]   DEBUG tunnel-sdk:tunnel_udp.c:251 recv_udp() intercepted address[udp:100.64.0.2:53] client[udp:100.64.0.1:56324] service[ziti:dns-resolver]
[2022-10-04T17:29:37.230Z]   DEBUG tunnel-cbs:ziti_dns.c:211 on_dns_client() new DNS client
[2022-10-04T17:29:37.230Z]   DEBUG tunnel-sdk:ziti_tunnel.c:219 ziti_tunneler_dial_completed() ziti dial succeeded: client[udp:100.64.0.1:56324] service[ziti:dns-resolver]
...
[2022-10-04T17:29:42.283Z]   TRACE tunnel-cbs:ziti_dns.c:221 on_dns_close() DNS client close
[2022-10-04T17:29:42.283Z]   DEBUG tunnel-sdk:ziti_tunnel.c:431 ziti_tunneler_close() closing connection: client[udp:100.64.0.1:56324] service[ziti:dns-resolver]
[2022-10-04T17:29:42.283Z]   DEBUG tunnel-sdk:tunnel_udp.c:112 tunneler_udp_close() closing ziti:dns-resolver session
[2022-10-04T17:29:42.283Z]   TRACE tunnel-cbs:ziti_dns.c:221 on_dns_close() DNS client close
@scareything
Copy link
Member Author

This will lead to intermittent

recv_udp() unable to allocate UDP pcb - UDP connection limit is 512

errors when too many queries are being handled.

@scareything scareything mentioned this issue Oct 4, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

always close underlay connection for dns queries openziti/ziti-tunnel-sdk-c
1 participant
@scareything