Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

dns_query "E! Error in plugin" with IPv6. #3021

Closed
tomtastic opened this issue Jul 15, 2017 · 6 comments · Fixed by #3042
Closed

dns_query "E! Error in plugin" with IPv6. #3021

tomtastic opened this issue Jul 15, 2017 · 6 comments · Fixed by #3042
Milestone
1.4.0

Comments

@tomtastic
Copy link

Directions

dns_query plugin needs a way of forcing IPv4 usage only.

Bug report

Jul 15 15:06:40 nibbler telegraf[442]: 2017-07-15T14:06:40Z E! Error in plugin [inputs.dns_query]: read udp [fe80::208:9bff:fef9:648b%enp3s0]:38342->[fe80::d0ae:44ff:fed3:9c6e%enp3s0]:53: read: connection refused
Jul 15 15:06:50 nibbler telegraf[442]: 2017-07-15T14:06:50Z E! Error in plugin [inputs.dns_query]: read udp [fe80::208:9bff:fef9:648b%enp3s0]:40813->[fe80::d0ae:44ff:fed3:9c6e%enp3s0]:53: read: connection refused
Jul 15 15:07:00 nibbler telegraf[442]: 2017-07-15T14:07:00Z E! Error in plugin [inputs.dns_query]: read udp [fe80::208:9bff:fef9:648b%enp3s0]:44013->[fe80::d0ae:44ff:fed3:9c6e%enp3s0]:53: read: connection refused
...etc...

Relevant telegraf.conf:

dns_query plugin enabled :

[[inputs.dns_query]]
#   ## servers to query
    servers = ["127.0.0.53","gateway","indnsc30.bt.net","indnsc74.bt.net","indnsc76.bt.net","resolver1.opendns.com","resolver2.opendns.com","8.8.8.8","8.8.4.4"] # required
#
#   ## Domains or subdomains to query. "."(root) is default
   domains = ["."] # optional
#
#   ## Query record type. Default is "A"
#   ## Posible values: A, AAAA, CNAME, MX, NS, PTR, TXT, SOA, SPF, SRV.
#   record_type = "A" # optional
#
#   ## Dns server port. 53 is default
#   port = 53 # optional
#
#   ## Query timeout in seconds. Default is 2 seconds
   timeout = 3 # optional

System info:

Telegraf version from github as of today (15July2017).
Ubuntu 17.04

Steps to reproduce:

  1. Enable IPv6 and attempt to use dns_query with the configuration listed here.

Expected behavior:

IPv6 link local address not used for DNS query.

Actual behavior:

DNS query is performed to local 'gateway' (systemd uses this name to refer to the local configured gateway) using IPv4, and not using IPv6 link local addresses.

Additional info:

IPv6 enabled on interface :

enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.2.18  netmask 255.255.255.0  broadcast 192.168.2.255
        inet6 fe80::208:9bff:fef9:648b  prefixlen 64  scopeid 0x20<link>
        inet6 2002:5692:97cf:10:208:9bff:fef9:648b  prefixlen 64  scopeid 0x0<global>
        ether 00:08:9b:f9:64:8b  txqueuelen 1000  (Ethernet)

xxx

$ systemd-resolve gateway
gateway: 192.168.2.254%enp3s0
         fe80::d0ae:44ff:fed3:9c6e%2%enp3s0

-- Information acquired via protocol DNS in 2.3ms.
-- Data is authenticated: yes

$ping6 -I enp3s0 -c4 fe80::d0ae:44ff:fed3:9c6e
PING fe80::d0ae:44ff:fed3:9c6e(fe80::d0ae:44ff:fed3:9c6e) from fe80::208:9bff:fef9:648b%enp3s0 enp3s0: 56 data bytes
64 bytes from fe80::d0ae:44ff:fed3:9c6e%enp3s0: icmp_seq=1 ttl=64 time=0.369 ms
64 bytes from fe80::d0ae:44ff:fed3:9c6e%enp3s0: icmp_seq=2 ttl=64 time=0.330 ms
64 bytes from fe80::d0ae:44ff:fed3:9c6e%enp3s0: icmp_seq=3 ttl=64 time=0.335 ms
64 bytes from fe80::d0ae:44ff:fed3:9c6e%enp3s0: icmp_seq=4 ttl=64 time=0.335 ms

--- fe80::d0ae:44ff:fed3:9c6e ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3052ms
rtt min/avg/max/mdev = 0.330/0.342/0.369/0.020 ms
@danielnelson
Copy link
Contributor

Any idea why we are getting connection refused to the ipv6 address when its working via ping6?

I think you should be able to configure your system to prefer ipv4: https://serverfault.com/questions/93717/setting-ipv4-as-preferred-protocol-over-ipv6

@tomtastic
Copy link
Author

tomtastic commented Jul 17, 2017
edited
Loading

I guess an ICMP packet is allowed, but port 53 for DNS is closed for the IPv6 protocol.

As IPv6 enabled systems become more widespread, wouldnt an option within the plugin to choose a preferred transport be better than forcing users to globally prefer a legacy protocol?

@danielnelson
Copy link
Contributor

I agree it would be nice to be able to select it, but don't think github.com/miekg/dns currently supports it, can you open an issue with them?

@tomtastic
Copy link
Author

tomtastic commented Jul 19, 2017
edited
Loading

It looks as though https://github.com/miekg/exdns/blob/master/q/q.go it's already possible to choose IPv4 or IPv6 queries with the library you mentioned above :

	c := new(dns.Client)
	t := new(dns.Transfer)
	c.Net = "udp"
	if *four {
		c.Net = "udp4"
	}
	if *six {
		c.Net = "udp6"
	}
	if *tcp {
		c.Net = "tcp"
		if *four {
			c.Net = "tcp4"
		}
		if *six {
			c.Net = "tcp6"
		}
	}

@danielnelson
Copy link
Contributor

Thanks, lets add an option called network like so:

[[inputs.dns_query]]
  domains = ["mjasion.pl"]
  servers = ["8.8.8.8", "8.8.4.4"]
  record_type = "A"
  network = "udp4"

@danielnelson danielnelson added this to the 1.4.0 milestone Jul 19, 2017
@tomtastic
Copy link
Author

Lovely, thanks Daniel!

@danielnelson danielnelson mentioned this issue Jul 21, 2017
Merged
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
1.4.0
Development

Successfully merging a pull request may close this issue.

Add explicit network control option to dns_query influxdata/telegraf
2 participants
@tomtastic @danielnelson