[Dnsmasq-discuss] excessive file descriptor usage after upgrading to 2.81
WU, CHRIS
cw1921 at att.com
Thu Oct 22 01:01:44 BST 2020
I have more information about what's happening. It seems that the large number of file descriptors doesn't change when you leave dnsmasq running. However, I realized that if I restarted dnsmasq that the number of file descriptors in use went back to normal (less than twenty).
I looked in /var/log/messages and I saw that there were an excessive number of these failures when dnsmasq initially started after boot. The date is Jan 1 because the clock hadn't been set yet at this point.
Jan 1 01:00:00 dnsmasq[1149]: failed to create listening socket for 127.0.0.1: Address already in use
Jan 1 01:00:00 dnsmasq[1149]: failed to create listening socket for 127.0.0.1: Address already in use
Jan 1 01:00:00 dnsmasq[1149]: failed to create listening socket for 127.0.0.1: Address already in use
Jan 1 01:00:00 dnsmasq[1149]: failed to create listening socket for 127.0.0.1: Address already in use
The message is printed by the "make_sock" function. I don't see where it changed significantly between 2.80 and 2.81.
When I looked up how many times this error appears I found that it is almost equal to the number of file descriptors dnsmasq has open.
# grep -i failed.to.create /var/log/messages* | wc -l
140
# lsof -P -n | grep dnsmasq | grep -i udp | wc -l
144
The "can't identify protocol" in my earlier message was because I was using a version of lsof that didn't support v6 sockets. After uprading to a newer version of lsof those messages went away.
From: WU, CHRIS
Sent: Thursday, October 15, 2020 7:48 PM
To: 'dnsmasq-discuss at lists.thekelleys.org.uk' <dnsmasq-discuss at lists.thekelleys.org.uk>
Subject: excessive file descriptor usage after upgrading to 2.81
Hello. We've been using Dnsmasq version 2.78 for quite a while but upgraded to 2.81 because of CVE-2019-14834. Upon inspecting the output of lsof we realized that Dnsmasq is using almost 200 file descriptors upon boot and after an hour later the number remains unchanged. Since I knew this did not happen with 2.78 I also tried Dnsmasq versions 2.79 and 2.80 and this does not happen. It looks like it started with 2.81 and also happens with 2.82. My operating environment is armv7l GNU/Linux.
Here's an example of (clipped) output of lsof:
version 2.81 (195 file descriptors open)
dnsmasq 1222 nobody 187u inet 2847 UDP 10.10.12.1:53
dnsmasq 1222 nobody 188u sock 0,7 2849 can't identify protocol
dnsmasq 1222 nobody 189u inet 2853 UDP 10.10.15.1:53
dnsmasq 1222 nobody 190u inet 2855 UDP 10.10.12.1:53
dnsmasq 1222 nobody 191u sock 0,7 2857 can't identify protocol
dnsmasq 1222 nobody 192u inet 2886 UDP 10.10.15.1:53
dnsmasq 1222 nobody 193u inet 2888 UDP 10.10.12.1:53
dnsmasq 1222 nobody 194u sock 0,7 2890 can't identify protocol
dnsmasq 1222 nobody 195u sock 0,7 2893 can't identify protocol
[root at U115 ~]# dnsmasq -v
Dnsmasq version 2.81 Copyright (c) 2000-2020 Simon Kelley
version 2.80
dnsmasq 4893 nobody 10r 0000 0,9 0 6 anon_inode
dnsmasq 4893 nobody 11r FIFO 0,8 6848 pipe
dnsmasq 4893 nobody 12w FIFO 0,8 6848 pipe
dnsmasq 4893 nobody 13u unix 0xf7791905 6850 socket
[root at U115 ~]# dnsmasq -v
Dnsmasq version 2.80 Copyright (c) 2000-2018 Simon Kelley
version 2.79
dnsmasq 466 nobody 7u inet 1760 TCP 127.0.0.1:53 (LISTEN)
dnsmasq 466 nobody 8u inet 1761 UDP 127.0.0.1:53
dnsmasq 466 nobody 9u inet 1762 TCP 127.0.0.1:53 (LISTEN)
dnsmasq 466 nobody 10r 0000 0,9 0 6 anon_inode
dnsmasq 466 nobody 11r FIFO 0,8 1763 pipe
dnsmasq 466 nobody 12w FIFO 0,8 1763 pipe
dnsmasq 466 nobody 13u unix 0xea856025 1765 socket
[root at U115 ~]# dnsmasq -v
Dnsmasq version 2.79 Copyright (c) 2000-2018 Simon Kelley
version 2.78
dnsmasq 430 nobody 10r 0000 0,9 0 6 anon_inode
dnsmasq 430 nobody 11r FIFO 0,8 460 pipe
dnsmasq 430 nobody 12w FIFO 0,8 460 pipe
dnsmasq 430 nobody 13u unix 0xcc699e5c 462 socket
[root at U115 ~]# dnsmasq -v
Dnsmasq version 2.78 Copyright (c) 2000-2017 Simon Kelley
.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20201022/1e2d2380/attachment.html>
More information about the Dnsmasq-discuss
mailing list