Bug 12198

Summary: Local recusor after reboot
Product: IPFire Reporter: DJ-Melo <markus>
Component: ---Assignee: Arne.F <arne.fitzenreiter>
Status: CLOSED FIXED QA Contact:
Severity: Minor Usability    
Priority: Will affect an average number of users CC: bbitsch, michael.tremer, m.rosnau, n003, peter.mueller, stefan.schantl
Version: 2   
Hardware: unspecified   
OS: Unspecified   
Bug Depends on: 12239    
Bug Blocks: 12233    

Description DJ-Melo 2019-10-03 08:40:04 UTC 
If reboot the ipfire in Core 135/136 the wui shows local recusor by DNS.

See https://forum.ipfire.org/viewtopic.php?f=5&t=23397

Restart of unbound fix this until the next reboot of the machine.
Comment 1 Michael Tremer 2019-10-03 10:05:25 UTC 
I have absolutely no idea what you think the problem here should be.

The local recursor mode is not a degraded mode of operation. The configured name servers might not be suitable for use with IPFire.

Please attach log files of your dial-up process.
Comment 2 DJ-Melo 2019-10-03 14:02:47 UTC 
In my case Red is static behind a Fritz Box and Ipfire is an exposed host. Ipfire use the DNS-Server of Digital-Courage and LWL.
Comment 3 Michael Tremer 2019-10-03 15:25:44 UTC 
How long does it take until link comes up after the interface is being brought up?

Do you have any switches that use STP?
Comment 4 DJ-Melo 2019-10-03 17:00:22 UTC 
LWL mini appliance unmanaged tp-Link Switch behind the 2nd Nic for green before Core 135 the problem did not exist. In Forum other's say same.
Comment 5 Michael Tremer 2019-10-03 20:19:34 UTC 
(In reply to Markus from comment #4)
> LWL mini appliance unmanaged tp-Link Switch behind the 2nd Nic for green
> before Core 135 the problem did not exist.

Any answers to the questions?

> In Forum other's say same.

Another person has the same message shown. There is no indication that this is the same problem.
Comment 6 Alorotom 2019-10-03 21:53:04 UTC 
In my case IPFire RED static behind a Fritz!Box but not as exposed host. No Switch inbetween - plugged direct to a Port of the Fritz!Box. Not STP.
DNS 1 = FB, DNS 2 digitalcourage.

Problem is, Web-UI does not show the configured DNS Servers on "Startseite" anymore although they are set correct, working and showing under "Status" - "Netzwerk extern" - until /etc/init.d/unbound restart.

How can I messure the time from bringing the interface up to link being up?
Comment 7 DJ-Melo 2019-10-04 08:44:38 UTC 
which log is need to see the time?
Comment 8 Michael Tremer 2019-10-04 08:59:25 UTC 
(In reply to Markus from comment #7)
> which log is need to see the time?

I would need /var/log/messages which should show the dial-up process (or whatever that can be called when RED is static).

Did you ever try setting RED to DHCP? Does the problem persist then?
Comment 9 DJ-Melo 2019-10-04 09:42:59 UTC 
using dhcp for red the problem doesn't exist. Than the wui of Ipfire show's the ip of the Fritz Box on Mainpage by DNS
Comment 10 Martin Rosnau 2019-10-04 14:04:53 UTC 
Hello,

may I give an example configuration:

1. Internet
2.   # ISP Dhcp, settings changing
3. HW: router, from ISP rented
4.   # Adresse lokal static
5. HW: Firewall: IP-Fire
6.   (# other) Adresse lokal static
7. HW: PCs inside LAN 

Remark: IPFire uses not from ISP given DNS-settings, 
       but fom local Admin choosen DNS-Server.

Greetings  Martin
Comment 11 Alorotom 2019-10-05 08:25:08 UTC 
(In reply to Michael Tremer from comment #5)

Round about 4 sec.

Relevant part from /var/log/messages

Oct  5 09:53:20 RADONIO kernel: r8169 Gigabit Ethernet driver 2.3LK-NAPI loaded
Oct  5 09:53:20 RADONIO kernel: r8169 0000:03:00.0: can't disable ASPM; OS doesn't have ASPM control
Oct  5 09:53:20 RADONIO kernel: r8169 0000:03:00.0 eth0: RTL8168evl/8111evl at 0xffffa051c0045000, 00:13:3b:0f:62:fd, XID 0c900800 IRQ 89
Oct  5 09:53:20 RADONIO kernel: r8169 0000:03:00.0 eth0: jumbo features [frames: 9200 bytes, tx checksumming: ko]
Oct  5 09:53:20 RADONIO kernel: r8169 Gigabit Ethernet driver 2.3LK-NAPI loaded
Oct  5 09:53:20 RADONIO kernel: r8169 0000:05:00.0: can't disable ASPM; OS doesn't have ASPM control
Oct  5 09:53:20 RADONIO kernel: r8169 0000:05:00.0 eth1: RTL8168evl/8111evl at 0xffffa051c0065000, 00:13:3b:0f:62:fe, XID 0c900800 IRQ 90
Oct  5 09:53:20 RADONIO kernel: r8169 0000:05:00.0 eth1: jumbo features [frames: 9200 bytes, tx checksumming: ko]
Oct  5 09:53:20 RADONIO kernel: r8169 Gigabit Ethernet driver 2.3LK-NAPI loaded
Oct  5 09:53:20 RADONIO kernel: r8169 0000:08:00.0: can't disable ASPM; OS doesn't have ASPM control
Oct  5 09:53:20 RADONIO kernel: r8169 0000:08:00.0 eth2: RTL8168g/8111g at 0xffffa051c006d000, d0:50:99:a5:59:5b, XID 0c000800 IRQ 91
Oct  5 09:53:20 RADONIO kernel: r8169 0000:08:00.0 eth2: jumbo features [frames: 9200 bytes, tx checksumming: ko]
Oct  5 09:53:20 RADONIO kernel: iTCO_vendor_support: vendor-support=0
Oct  5 09:53:20 RADONIO kernel: iTCO_wdt: Intel TCO WatchDog Timer Driver v1.11
Oct  5 09:53:20 RADONIO kernel: iTCO_wdt: Found a Bay Trail SoC TCO device (Version=3, TCOBASE=0x0460)
Oct  5 09:53:20 RADONIO kernel: iTCO_wdt: initialized. heartbeat=30 sec (nowayout=1)
Oct  5 09:53:20 RADONIO kernel: <27>udevd[499]: ignoring invalid mode '@DEV_KVM_MODE@'
Oct  5 09:53:20 RADONIO kernel: (NULL device *): hwmon_device_register() is deprecated. Please convert the driver to use hwmon_device_register_with_info().
Oct  5 09:53:20 RADONIO kernel: (NULL device *): hwmon_device_register() is deprecated. Please convert the driver to use hwmon_device_register_with_info().
Oct  5 09:53:20 RADONIO kernel: intel_soc_dts_thermal: request_threaded_irq ret -22
Oct  5 09:53:20 RADONIO kernel: Adding 983544k swap on /dev/sda2.  Priority:1 extents:1 across:983544k SS
Oct  5 09:53:20 RADONIO kernel: EXT4-fs (sda3): re-mounted. Opts: (null)
Oct  5 09:53:20 RADONIO kernel: EXT4-fs (sda3): re-mounted. Opts: (null)
Oct  5 09:53:20 RADONIO kernel: EXT4-fs (sda1): mounted filesystem with ordered data mode. Opts: (null)
Oct  5 09:53:20 RADONIO kernel: EXT4-fs (sda4): mounted filesystem with ordered data mode. Opts: (null)
Oct  5 09:53:20 RADONIO kernel: compat_xtables: loading out-of-tree module taints kernel.
Oct  5 09:53:20 RADONIO kernel: r8169 0000:03:00.0 orange0: renamed from eth0
Oct  5 09:53:20 RADONIO kernel: r8169 0000:05:00.0 red0: renamed from eth1
Oct  5 09:53:20 RADONIO kernel: r8169 0000:08:00.0 green0: renamed from eth2
Oct  5 09:53:20 RADONIO kernel: random: crng init done
Oct  5 09:53:20 RADONIO kernel: random: 7 urandom warning(s) missed due to ratelimiting
Oct  5 09:53:20 RADONIO unbound: [2110:0] notice: init module 0: validator
Oct  5 09:53:20 RADONIO unbound: [2110:0] notice: init module 1: iterator
Oct  5 09:53:20 RADONIO unbound: [2110:0] info: start of service (unbound 1.9.2).
Oct  5 09:53:20 RADONIO acpid: starting up with netlink and the input layer
Oct  5 09:53:20 RADONIO acpid: 1 rule loaded
Oct  5 09:53:20 RADONIO acpid: waiting for events: event logging is off
Oct  5 09:53:21 RADONIO kernel: r8169 0000:08:00.0 green0: link down
Oct  5 09:53:21 RADONIO kernel: r8169 0000:08:00.0 green0: link down
Oct  5 09:53:21 RADONIO kernel: r8169 0000:03:00.0 orange0: link down
Oct  5 09:53:22 RADONIO kernel: r8169 0000:05:00.0 red0: link down
Oct  5 09:53:22 RADONIO kernel: r8169 0000:05:00.0 red0: link down
Oct  5 09:53:24 RADONIO kernel: r8169 0000:08:00.0 green0: link up
Oct  5 09:53:24 RADONIO kernel: r8169 0000:05:00.0 red0: link up
Oct  5 09:53:29 RADONIO suricata: This is Suricata version 4.1.4 RELEASE
Oct  5 09:53:29 RADONIO suricata: [ERRCODE: SC_WARN_NO_STATS_LOGGERS(261)] - stats are enabled but no loggers are active
Oct  5 09:53:29 RADONIO suricata: all 4 packet processing threads, 2 management threads initialized, engine started.
Oct  5 09:53:29 RADONIO suricata: rule reload starting
Comment 12 DJ-Melo 2019-10-08 10:36:43 UTC 
this should be the log part after reboot core 136 before restart unbound:

Oct  8 12:16:18 ipfire kernel: igb 0000:02:00.0: eth1: PBA No: FFFFFF-0FF
Oct  8 12:16:18 ipfire kernel: igb 0000:02:00.0: Using MSI-X interrupts. 2 rx queue(s), 2 tx queue(s)
Oct  8 12:16:18 ipfire kernel: pps pps2: new PPS source ptp2
Oct  8 12:16:18 ipfire kernel: igb 0000:03:00.0: added PHC on eth2
Oct  8 12:16:18 ipfire kernel: igb 0000:03:00.0: Intel(R) Gigabit Ethernet Network Connection
Oct  8 12:16:18 ipfire kernel: igb 0000:03:00.0: eth2: (PCIe:2.5Gb/s:Width x1) 00:0d:b9:51:49:3e
Oct  8 12:16:18 ipfire kernel: igb 0000:03:00.0: eth2: PBA No: FFFFFF-0FF
Oct  8 12:16:18 ipfire kernel: igb 0000:03:00.0: Using MSI-X interrupts. 2 rx queue(s), 2 tx queue(s)
Oct  8 12:16:18 ipfire kernel: pps pps3: new PPS source ptp3
Oct  8 12:16:18 ipfire kernel: igb 0000:04:00.0: added PHC on eth3
Oct  8 12:16:18 ipfire kernel: igb 0000:04:00.0: Intel(R) Gigabit Ethernet Network Connection
Oct  8 12:16:18 ipfire kernel: igb 0000:04:00.0: eth3: (PCIe:2.5Gb/s:Width x1) 00:0d:b9:51:49:3f
Oct  8 12:16:18 ipfire kernel: igb 0000:04:00.0: eth3: PBA No: FFFFFF-0FF
Oct  8 12:16:18 ipfire kernel: igb 0000:04:00.0: Using MSI-X interrupts. 2 rx queue(s), 2 tx queue(s)
Oct  8 12:16:18 ipfire kernel: igb 0000:02:00.0 green0: renamed from eth1
Oct  8 12:16:18 ipfire kernel: igb 0000:01:00.0 red0: renamed from eth0
Oct  8 12:16:18 ipfire kernel: Adding 1005012k swap on /dev/sda3.  Priority:1 extents:1 across:1005012k SS
Oct  8 12:16:18 ipfire kernel: EXT4-fs (sda4): re-mounted. Opts: (null)
Oct  8 12:16:18 ipfire kernel: EXT4-fs (sda4): re-mounted. Opts: (null)
Oct  8 12:16:18 ipfire kernel: EXT4-fs (sda1): mounted filesystem with ordered data mode. Opts: (null)
Oct  8 12:16:18 ipfire kernel: FAT-fs (sda2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
Oct  8 12:16:18 ipfire kernel: compat_xtables: loading out-of-tree module taints kernel.
Oct  8 12:16:18 ipfire kernel: random: crng init done
Oct  8 12:16:18 ipfire kernel: random: 1 urandom warning(s) missed due to ratelimiting
Oct  8 12:16:18 ipfire unbound: [13381:0] notice: init module 0: validator
Oct  8 12:16:18 ipfire unbound: [13381:0] notice: init module 1: iterator
Oct  8 12:16:18 ipfire unbound: [13381:0] info: start of service (unbound 1.9.3).
Oct  8 12:16:19 ipfire acpid: starting up with netlink and the input layer
Oct  8 12:16:19 ipfire acpid: 1 rule loaded
Oct  8 12:16:19 ipfire acpid: waiting for events: event logging is off
Oct  8 12:16:22 ipfire suricata: This is Suricata version 4.1.4 RELEASE

this should be after restart unbound:

Oct  8 12:23:27 ipfire unbound: [13381:0] info: service stopped (unbound 1.9.3).
Oct  8 12:23:27 ipfire unbound: [13381:0] info: server stats for thread 0: 54 queries, 1 answers from cache, 53 recursions, 0 prefetch, 0 rejected by ip ratelimiting
Oct  8 12:23:27 ipfire unbound: [13381:0] info: server stats for thread 0: requestlist max 38 avg 2.39623 exceeded 0 jostled 0
Oct  8 12:23:27 ipfire unbound: [13381:0] info: average recursion processing time 0.402934 sec
Oct  8 12:23:27 ipfire unbound: [13381:0] info: histogram of recursion processing times
Oct  8 12:23:27 ipfire unbound: [13381:0] info: [25%]=0.04096 median[50%]=0.167481 [75%]=0.458752
Oct  8 12:23:27 ipfire unbound: [13381:0] info: lower(secs) upper(secs) recursions
Oct  8 12:23:27 ipfire unbound: [13381:0] info:    0.000000    0.000001 2
Oct  8 12:23:27 ipfire unbound: [13381:0] info:    0.002048    0.004096 1
Oct  8 12:23:27 ipfire unbound: [13381:0] info:    0.004096    0.008192 1
Oct  8 12:23:27 ipfire unbound: [13381:0] info:    0.008192    0.016384 3
Oct  8 12:23:27 ipfire unbound: [13381:0] info:    0.016384    0.032768 5
Oct  8 12:23:27 ipfire unbound: [13381:0] info:    0.032768    0.065536 5
Oct  8 12:23:27 ipfire unbound: [13381:0] info:    0.065536    0.131072 7
Oct  8 12:23:27 ipfire unbound: [13381:0] info:    0.131072    0.262144 9
Oct  8 12:23:27 ipfire unbound: [13381:0] info:    0.262144    0.524288 9
Oct  8 12:23:27 ipfire unbound: [13381:0] info:    0.524288    1.000000 4
Oct  8 12:23:27 ipfire unbound: [13381:0] info:    1.000000    2.000000 7
Oct  8 12:23:27 ipfire unbound: [13381:0] info: server stats for thread 1: 64 queries, 1 answers from cache, 63 recursions, 0 prefetch, 0 rejected by ip ratelimiting
Oct  8 12:23:27 ipfire unbound: [13381:0] info: server stats for thread 1: requestlist max 26 avg 1.95238 exceeded 0 jostled 0
Oct  8 12:23:27 ipfire unbound: [13381:0] info: average recursion processing time 0.253180 sec
Oct  8 12:23:27 ipfire unbound: [13381:0] info: histogram of recursion processing times
Oct  8 12:23:27 ipfire unbound: [13381:0] info: [25%]=0.0160427 median[50%]=0.0923462 [75%]=0.2119
Oct  8 12:23:27 ipfire unbound: [13381:0] info: lower(secs) upper(secs) recursions
Oct  8 12:23:27 ipfire unbound: [13381:0] info:    0.000000    0.000001 9
Oct  8 12:23:27 ipfire unbound: [13381:0] info:    0.001024    0.002048 1
Oct  8 12:23:27 ipfire unbound: [13381:0] info:    0.008192    0.016384 6
Oct  8 12:23:27 ipfire unbound: [13381:0] info:    0.016384    0.032768 6
Oct  8 12:23:27 ipfire unbound: [13381:0] info:    0.032768    0.065536 5

after restart whui shows dns before after reboot wui shows local recusor.
Comment 13 Michael Tremer 2019-10-25 09:15:30 UTC 
I can confirm that this has been working in Core Update 134 and is not working since.

The commit that introduced the problem is:

  https://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff;h=3ec3329dffe9e045c37b1b3d048947bb59cd6fa6

Circumventing the function check_red_has_carrier_and_ip fixed the problem, but systems will take a long time to boot up.
Comment 14 DJ-Melo 2019-12-11 12:54:40 UTC 
problem did not occur with core 139 testing
Comment 15 Peter Müller 2019-12-16 16:25:29 UTC 
I assume this is ON_QA by now...
Comment 16 Stefan Schantl 2020-01-14 14:18:07 UTC 
Fix shipped with IPFire Core 139.