Project

General

Profile

Actions
Copy link

Bug #13889

closed

Dynamic DNS update stay locked somewhere

Added by Yann Papouin over 2 years ago. Updated over 2 years ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
Dynamic DNS
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Default
Affected Version:
2.6.0
Affected Architecture:
amd64

Description

Dynamic DNS are configured like this:

Interface   Service         Hostname             Cached IP          Description                      Monitored Interface
WAN_1       DNS-O-Matic     ns1.mydomain.com     80.41.32.14        ns1.mydomain.com@WAN_1          WAN_1
WAN_2       DNS-O-Matic     ns2.mydomain.com     90.21.111.73       ns2.mydomain.com@WAN_2          WAN_2
WAN_FO      DNS-O-Matic     nsx.mydomain.com     80.41.32.14        nsx.mydomain.com@WAN_ALL        GW Group WAN_FO

My WAN_FO gateway group is made like this:

Gateway Priority
                    WAN_1_GW    Tier 1
                    WAN_2_GW    Tier 2
Trigger Level
                    Member Down

I've added some logs log_error("###... in the dyndns.class (attached to this report, 3 lines added) to try to understand why dynamic DNS were updating only once my nsx.mydomain.com
Please ignore ipsec_check.sh, it is a simple script to check my IPsec status.
I've an IPSEC configured to work in failover mode over WAN_FO.

To test my WAN failover settings, I manually unplug the incoming fiber.
If you take a look on the log attached, you will see:

  • WAN_1_GW is down.
  • DynDNS try to update WAN_1 but fails to get a new IP (normal) and complete the updating process.
  • DynDNS try to update WAN_FO with success BUT never complete the process, the DDNS2 is never unlocked.
  • WAN_1_GW is up.
  • DynDNS try to update WAN_1 with success and complete the updating process.
  • DynDNS try to update WAN_FO but nothing is done since the DDNS2 is still locked.
  • Restarting php-fpm using option 16
  • Calling /etc/rc.dyndns.update to force dynamic DNS update

I know that the locking system is a security added to avoid concurrent DNS update.
I don't know how to do step-by-step debugging with pfSense PHP code but I can just say that the updatedns class constructor never reach unlock($dyndnslck); for the Gateway Group related dynamic DNS.
Since we never exit the updatedns class constructor, does that mean that a PHP thread is in a deadlock state or is there an non catched exception somewhere ?

Files

Download all files
system-ano.log (25.3 KB) system-ano.log Yann Papouin, 01/19/2023 09:18 AM
dyndns.class (127 KB) dyndns.class Yann Papouin, 01/19/2023 09:19 AM
Actions
Copy link
 #1

Updated by Jim Pingle over 2 years ago

  • Status changed from New to Rejected

You appear to be testing this on a non-dev version, and the Dynamic DNS code has had quite a few bugs fixed since the last release(s). Please re-run your tests on a development snapshot and start a forum thread to discuss the problem.

If a problem can be identified after discussion and diagnosing the issue on the forum, then you can reopen a new issue with more complete details.

Actions
Copy link

Also available in: Atom PDF