Hi,
I found a problem with the DNS resolution in a Solaris 10 DomU.
The Test Environment was:
I installed the Xen bfu on top of Solaris snv43 and booted the Dom0 with
Solaris. Then I installed and booted a Solaris 10 DomU.
In the Solaris 10 Dom0 the DNS resolution works; in the Solaris 10 DomU
the DNS resolution does not work as expected:
Inside the Solaris 10 DomU I can''t use hostnames resolved by the DNS,
e.g.
bash-3.00# ping www.heise.de
ping: unknown host www.heise.de
The name resolution via /etc/hosts works:
bash-3.00# tail -1 /etc/hosts
152.2.210.80 ibiblio.org
bash-3.00# ping ibiblio.org
ibiblio.org is alive
nslookup works also:
bash-3.00# nslookup www.heise.de
Server: 192.168.178.1
Address: 192.168.178.1#53
Non-authoritative answer:
Name: www.heise.de
Address: 193.99.144.85
And I can ping the machine via it''s IP address:
bash-3.00# ping 193.99.144.85
193.99.144.85 is alive
The /etc/nsswitch.conf and /etc/resolv.conf are okay:
bash-3.00# egrep "hosts|ipnodes" /etc/nsswitch.conf | grep -v
"^#"
hosts: files dns
ipnodes: files dns
bash-3.00# cat /etc/resolv.conf
domain isbs.de
nameserver 192.168.178.1
Because I can reach the machines via there IP address the IP and routing
configuration is also okay.
A truss on ping gives the following results:
bash-3.00# truss ping www.heise.de
execve("/usr/sbin/ping", 0x08047E84, 0x08047E90) argc = 2
resolvepath("/usr/lib/ld.so.1", "/lib/ld.so.1", 1023) = 12
resolvepath("/usr/sbin/ping", "/usr/sbin/ping", 1023) = 14
sysconfig(_CONFIG_PAGESIZE) = 4096
xstat(2, "/usr/sbin/ping", 0x08047C48) = 0
open("/var/ld/ld.config", O_RDONLY) Err#2 ENOENT
xstat(2, "/lib/libxnet.so.1", 0x08047448) = 0
resolvepath("/lib/libxnet.so.1", "/lib/libxnet.so.1", 1023)
= 17
open("/lib/libxnet.so.1", O_RDONLY) = 3
mmap(0x00010000, 4096, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_ALIGN, 3, 0)
= 0xC6FC0000
mmap(0x00001000, 8192, PROT_NONE,
MAP_PRIVATE|MAP_NORESERVE|MAP_ANON|MAP_ALIGN, -1, 0) = 0xC6FB0000
mmap(0xC6FB0000, 5292, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED|MAP_TEXT, 3, 0) = 0xC6FB0000
mmap(0x00000000, 4096, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_ANON, -1, 0) = 0xC6FA0000
close(3) = 0
xstat(2, "/lib/libsocket.so.1", 0x08047448) = 0
resolvepath("/lib/libsocket.so.1", "/lib/libsocket.so.1",
1023) = 19
open("/lib/libsocket.so.1", O_RDONLY) = 3
mmap(0xC6FC0000, 4096, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0)
= 0xC6FC0000
mmap(0x00010000, 114688, PROT_NONE,
MAP_PRIVATE|MAP_NORESERVE|MAP_ANON|MAP_ALIGN, -1, 0) = 0xC6F80000
mmap(0xC6F80000, 44258, PROT_READ|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED|MAP_TEXT, 3, 0) = 0xC6F80000
mmap(0xC6F9B000, 2613, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_INITDATA, 3, 45056) = 0xC6F9B000
munmap(0xC6F8B000, 65536) = 0
memcntl(0xC6F80000, 11716, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0
close(3) = 0
xstat(2, "/lib/libnsl.so.1", 0x08047448) = 0
resolvepath("/lib/libnsl.so.1", "/lib/libnsl.so.1", 1023) =
16
open("/lib/libnsl.so.1", O_RDONLY) = 3
mmap(0xC6FC0000, 4096, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0)
= 0xC6FC0000
mmap(0x00010000, 643072, PROT_NONE,
MAP_PRIVATE|MAP_NORESERVE|MAP_ANON|MAP_ALIGN, -1, 0) = 0xC6EE0000
mmap(0xC6EE0000, 529981, PROT_READ|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED|MAP_TEXT, 3, 0) = 0xC6EE0000
mmap(0xC6F72000, 20397, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_INITDATA, 3, 532480) = 0xC6F72000
mmap(0xC6F77000, 22816, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANON, -1, 0) = 0xC6F77000
munmap(0xC6F62000, 65536) = 0
memcntl(0xC6EE0000, 56996, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0
close(3) = 0
xstat(2, "/lib/libm.so.2", 0x08047448) = 0
resolvepath("/lib/libm.so.2", "/lib/libm.so.2", 1023) = 14
open("/lib/libm.so.2", O_RDONLY) = 3
mmap(0xC6FC0000, 4096, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0)
= 0xC6FC0000
mmap(0x00010000, 364544, PROT_NONE,
MAP_PRIVATE|MAP_NORESERVE|MAP_ANON|MAP_ALIGN, -1, 0) = 0xC6E80000
mmap(0xC6E80000, 284148, PROT_READ|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED|MAP_TEXT, 3, 0) = 0xC6E80000
mmap(0xC6ED5000, 14760, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED|MAP_INITDATA, 3, 282624) = 0xC6ED5000
munmap(0xC6EC6000, 61440) = 0
memcntl(0xC6E80000, 22716, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0
close(3) = 0
xstat(2, "/lib/libinetutil.so.1", 0x08047448) = 0
resolvepath("/lib/libinetutil.so.1",
"/lib/libinetutil.so.1", 1023) = 21
open("/lib/libinetutil.so.1", O_RDONLY) = 3
mmap(0xC6FC0000, 4096, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0)
= 0xC6FC0000
mmap(0x00000000, 4096, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_ANON, -1, 0) = 0xC6E70000
mmap(0x00010000, 81920, PROT_NONE,
MAP_PRIVATE|MAP_NORESERVE|MAP_ANON|MAP_ALIGN, -1, 0) = 0xC6E50000
mmap(0xC6E50000, 8963, PROT_READ|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED|MAP_TEXT, 3, 0) = 0xC6E50000
mmap(0xC6E63000, 372, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_INITDATA, 3, 12288) = 0xC6E63000
munmap(0xC6E53000, 65536) = 0
memcntl(0xC6E50000, 2760, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0
close(3) = 0
xstat(2, "/lib/libc.so.1", 0x08047448) = 0
resolvepath("/lib/libc.so.1", "/lib/libc.so.1", 1023) = 14
open("/lib/libc.so.1", O_RDONLY) = 3
mmap(0xC6FC0000, 4096, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0)
= 0xC6FC0000
mmap(0x00010000, 897024, PROT_NONE,
MAP_PRIVATE|MAP_NORESERVE|MAP_ANON|MAP_ALIGN, -1, 0) = 0xC6D70000
mmap(0xC6D70000, 794871, PROT_READ|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED|MAP_TEXT, 3, 0) = 0xC6D70000
mmap(0xC6E43000, 23778, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_INITDATA, 3, 798720) = 0xC6E43000
mmap(0xC6E49000, 5152, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANON, -1, 0) = 0xC6E49000
munmap(0xC6E33000, 65536) = 0
memcntl(0xC6D70000, 120792, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0
close(3) = 0
mmap(0x00000000, 4096, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_ANON, -1, 0) = 0xC6D60000
munmap(0xC6FC0000, 4096) = 0
mmap(0x00010000, 24576, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_ANON|MAP_ALIGN, -1, 0) = 0xC6D50000
getcontext(0x080479F0)
getrlimit(RLIMIT_STACK, 0x080479E8) = 0
getpid() = 103279 [103278]
lwp_private(0, 1, 0xC6D52000) = 0x000001C3
setustack(0xC6D52060)
sigfillset(0xC6E49578) = 0
sysi86(SI86FPSTART, 0xC6E49AEC, 0x0000133F, 0x00001F80) = 0x00000001
getuid() = 0 [0]
getuid() = 0 [0]
fstat64(1, 0x08047CF0) = 0
getpid() = 103279 [103278]
sysconfig(_CONFIG_PAGESIZE) = 4096
open("/etc/netconfig", O_RDONLY) = 3
fstat64(3, 0x08047580) = 0
brk(0x0809BE78) = 0
brk(0x0809FE78) = 0
fstat64(3, 0x080474A0) = 0
ioctl(3, TCGETA, 0x0804754C) Err#25 ENOTTY
read(3, " # C D D L H E A D E".., 8192) = 2150
read(3, 0x0809BE84, 8192) = 0
llseek(3, 0, SEEK_CUR) = 2150
llseek(3, 0, SEEK_SET) = 0
read(3, " # C D D L H E A D E".., 8192) = 2150
read(3, 0x0809BE84, 8192) = 0
llseek(3, 0, SEEK_CUR) = 2150
close(3) = 0
open("/dev/udp", O_RDONLY) = 3
ioctl(3, SIOCGLIFNUM, 0x08047A64) = 0
close(3) = 0
open("/dev/udp6", O_RDONLY) = 3
ioctl(3, SIOCGLIFNUM, 0x08047A84) = 0
close(3) = 0
open("/dev/udp", O_RDONLY) = 3
ioctl(3, SIOCGLIFNUM, 0x08047A84) = 0
close(3) = 0
brk(0x0809FE78) = 0
brk(0x080A1E78) = 0
open64("/var/run/name_service_door", O_RDONLY) = 3
fcntl(3, F_SETFD, 0x00000001) = 0
door_info(3, 0xC6E491F0) = 0
door_call(3, 0x080459F8) = 0
door_info(3, 0x080459C0) = 0
door_call(3, 0x080459F8) = 0
fstat64(2, 0x08046E20) = 0
pingwrite(2, " p i n g", 4) = 4
: unknownwrite(2, " : u n k n o w n", 9) = 9
host write(2, " h o s t ", 6) = 6
www.heise.dewrite(2, " w w w . h e i s e . d e", 12) = 12
write(2, "\n", 1) = 1
_exit(1)
bash-3.00#
While doing the "ping www.heise.de" I can not see any traffic between
the DomU
and the nameserver via snoop in the Dom0.
It this a known bug?
regards
Bernd
--
Bernd Schemmer, Frankfurt am Main, Germany
http://home.arcor.de/bnsmb/index.html
Más temprano que tarde el mundio cambiará
Fidel Castro
On Tue, Aug 01, 2006 at 11:49:07PM +0000, Bernd Schemmer wrote:> bash-3.00# ping www.heise.de > ping: unknown host www.heise.de> nslookup works also:This is odd, but it''s not obvious how it can be Xen related. What does getent hosts www.heise.de say? Do you get anything interesting in nscd.log if you enable it (/etc/nscd.conf)? Does restarting nscd help at all? regards john
Bernd Schemmer
2006-Aug-03 00:02 UTC
Re: DNS resolutions is not working in a Solaris 10 DomU
Bernd Schemmer wrote:
fyi: The problem also exists in a Solaris DomU created with minimal
necessary number of packages. The problem does not exist in a Linux DomU.
regards
Bernd
--
Bernd Schemmer, Frankfurt am Main, Germany
http://home.arcor.de/bnsmb/index.html
Más temprano que tarde el mundio cambiará
Fidel Castro
Chris Brookes
2006-Aug-03 18:10 UTC
re: DNS resolutions is not working in a Solaris 10 DomU
>Very strange - now it works. I did not change anything since yesterday >-only shutdown the Laptop and rebooted it today.I''ve seen this sort of thing occur when there''s been TCP checksum offloading problems...
Bernd Schemmer
2006-Aug-03 18:57 UTC
Re: DNS resolutions is not working in a Solaris 10 DomU
John Levon wrote: John,>getent hosts www.heise.de say? > >bash-3.00# getent hosts www.heise.de 193.99.144.85 www.heise.de bash-3.00# ping www.heise.de www.heise.de is alive Very strange - now it works. I did not change anything since yesterday -only shutdown the Laptop and rebooted it today. Thanks Bernd -- Bernd Schemmer, Frankfurt am Main, Germany http://home.arcor.de/bnsmb/index.html Más temprano que tarde el mundio cambiará Fidel Castro
I''m seeing the same thing in a new install of Solaris build-81 with Solaris dom0 and domU. Pointing a Solaris domU to a known good DNS server (works from dom0) fails to resolve anything. Network connectivity seems OK; I can ping the DNS server, but I get timeouts resolving hostnames. This message posted from opensolaris.org
Bernd Schemmer
2008-Feb-02 16:55 UTC
Re: DNS resolutions is not working in a Solaris 10 DomU
Chris wrote:> I''m seeing the same thing in a new install of Solaris build-81 with Solaris dom0 and domU. Pointing a Solaris domU to a known good DNS server (works from dom0) fails to resolve anything. Network connectivity seems OK; I can ping the DNS server, but I get timeouts resolving hostnames. > > > This message posted from opensolaris.org > _______________________________________________ > xen-discuss mailing list > xen-discuss@opensolaris.org > >Did you set the /etc/system entry to disable the TCP checksum (shouldn''t be necessary anymore but who knows)? I did not install snv81 yet but will install it in one of the next days (in Dom0 and DomU) regards Bernd -- Bernd Schemmer, Frankfurt am Main, Germany http://home.arcor.de/bnsmb/index.html M s temprano que tarde el mundo cambiar . Fidel Castro
TCP checksum was indeed causing the problem. Adding this line to /etc/system in the domU solves the problem: set xnf:xnf_cksum_offload = 0 Thanks! This message posted from opensolaris.org
Hi,>>TCP checksum was indeed causing the problem. Adding this line to /etc/system in the domU solves the problem:>>set xnf:xnf_cksum_offload = 0Good, but strange in a Solaris snv_81 DomU running in a Solaris snv_78 Dom0 the name resolution works without the /etc/system entry. bash-3.2# getent hosts www.heise.de 193.99.144.85 www.heise.de regards Bernd Chris wrote:> TCP checksum was indeed causing the problem. Adding this line to /etc/system in the domU solves the problem: > > set xnf:xnf_cksum_offload = 0 > > Thanks! > > > This message posted from opensolaris.org > _______________________________________________ > xen-discuss mailing list > xen-discuss@opensolaris.org > >-- Bernd Schemmer, Frankfurt am Main, Germany http://home.arcor.de/bnsmb/index.html M s temprano que tarde el mundo cambiar . Fidel Castro
> I''m seeing the same thing in a new install of Solaris > build-81 with Solaris dom0 and domU. Pointing a > Solaris domU to a known good DNS server (works from > dom0) fails to resolve anything.The DNS server is external to dom0, that is, we have to go over a wire to reach the DNS server? Or is the DNS server running on the dom0? What kind of NIC is used on the opensolaris build81 dom0?> Network > connectivity seems OK; I can ping the DNS server, but > I get timeouts resolving hostnames....> TCP checksum was indeed causing the problem. > Adding this line to /etc/system in the domU solves the problem: > > set xnf:xnf_cksum_offload = 0Would it be possible that you run a "tcpdump -v -s 0" on the DNS server or some router between dom0 and the DNS server, to verify that there really is an issue with the dom0/domU sending out packes with bad UDP or TCP checksums? This message posted from opensolaris.org