yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1998621] Re: dnsmasq on DHCP Agent does not listen on tcp/53 after dnsmasq restart

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: OpenStack Infra <1998621@xxxxxxxxxxxxxxxxxx>
Date: Wed, 21 Dec 2022 20:14:59 -0000
Reply-to: Bug 1998621 <1998621@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx

Reviewed:  https://review.opendev.org/c/openstack/neutron/+/866489
Committed: https://opendev.org/openstack/neutron/commit/74224e79e031636018b970fac9c2aa72516eb12d
Submitter: "Zuul (22348)"
Branch:    master

commit 74224e79e031636018b970fac9c2aa72516eb12d
Author: Sebastian Lohff <sebastian.lohff@xxxxxxx>
Date:   Fri Dec 2 17:36:44 2022 +0100

    Gracefully restart dnsmasq to not break tcp DNS
    
    When talking to dnsmasq using DNS over tcp dnsmasq will fork out for
    TCP connections. Forked processes will stay until all connections have
    been closed, meaning that dangling connections will keep the processes
    and with that will also keep the tcp/53 port in listening state. On
    dnsmasq restart (e.g. on network update, subnet create, ...) the parent
    process is killed with SIGKILL and a new process is started. This new
    process cannot listen on tcp/53, as it is still in use by the old child
    with the dangling connection.
    
    To prevent dangling dnsmasq connections on tcp we need to properly
    shutdown the child. This is done by first sending SIGTERM and only send
    a SIGKILL if the process is not shutting down properly. With that we
    get proper cleanup of all children and tcp will come up after a restart.
    
    Change-Id: Ie633148c512f5124e978648c50a4c6318c61baa8
    Closes-bug: #1998621


** Changed in: neutron
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1998621

Title:
  dnsmasq on DHCP Agent does not listen on tcp/53 after dnsmasq restart

Status in neutron:
  Fix Released

Bug description:
  When talking to dnsmasq using DNS over tcp dnsmasq will fork out for
  TCP connections. Forked processes will stay until all connections have
  been closed, meaning that dangling connections will keep the processes
  and with that will also keep the tcp/53 port in listening state. On
  dnsmasq restart (e.g. on network update, subnet create, ...) the
  parent process is killed with SIGKILL and a new process is started.
  This new process cannot listen on tcp/53, as it is still in use by the
  old child with the dangling connection.

  This could be prevented by sending SIGTERM instead of SIGKILL, as
  dnsmasq then does a proper cleanup of its forks and all tcp/53
  connections are properly closed.

  This only happens when starting the dnsmasq with --bind-dynamic, as with this flag dnsmasq will ignore any errors resulting form it not being able to bind on tcp/53, see here:
  https://github.com/imp/dnsmasq/blob/f186bdcbc76cd894133a043b115b4510c0ee1fcf/src/network.c#L725-L726
  The flag has been introduced here:
  https://bugs.launchpad.net/neutron/+bug/1828473

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1998621/+subscriptions

References

[Bug 1998621] [NEW] dnsmasq on DHCP Agent does not listen on tcp/53 after dnsmasq restart
From: Sebastian Lohff, 2022-12-02