Well, I think at least part of the reason that it keeps trying to look things
up is because you keep not answering. I think if you answered, it'd stop
asking so much. So... hopefully the answer is yes.
-- Murphy
On Aug 26, 2011, at 6:08 AM, IBRAHIM MENEM wrote:
> Hi Murphy,
>
> firstly,Thanks for your great help :D
> Actually, I'm now hard codding the addresses and for the moment I'll
> use a file to make nox my dns server. I'll try to solve the reverse
> lookups problem as you suggested, however ping is not what i want to do,
> so if connectivity is achieved "ping -n" will work for me :)
> Does this "the reverse lookups" solve the problem of dns cache?
>
> Many thanks,
> Ibrahim
>
>
> Con fecha 26/8/2011, "Murphy McCauley" <jam...@nau.edu> escribió:
>
>> How does your DNS component in NOX work? Does it just query some other
>> server? Or have you entered your own list of addresses?
>>
>> I think what you are seeing is because ping *does* try to resolve a name for
>> every ping. Specifically, I think something like the following is
>> happening: ping does a reverse lookup on the IP of every returned ping so
>> that it can print out the hostname. In your case, these are failing and
>> apparently timing out, hence the long initial delay. Since there's no
>> response, it keeps trying to look them up, which never works.
>>
>> Why there's no response could be due to a couple of things. If you're
>> sending the requests to another server, it's certainly not going to know the
>> answers, since the addresses from mininet are in the private class A. If
>> you've hardcoded a list of name->address mappings, the problem is that
>> you're not handling reverse (address->name) lookups and are maybe not
>> returning an error instead.
>>
>> Reverse lookups for IPv4 look like normal name lookups, but the name is
>> "<backwards-dotted-quad>.in-addr.arpa." So 10.0.0.1 is
>> 1.0.0.10.in-addr.arpa. If you know the address, send back the hostname. I
>> think one thing I have done in the past to get around a similar problem is
>> just to always return the dotted quad (back in its normal arrangement) as if
>> it were the hostname.
>>
>> -- Murphy
>>
>> On Aug 26, 2011, at 5:13 AM, ibrahim mun wrote:
>>
>>> Sorry!! I didn't see the -n :o
>>> yes, with ping -n it works perfectly, the only problem is the DNS request
>>> for every ping.
>>>
>>> Ibrahim,
>>>
>>> From: ibrahim.me...@alumnos.upm.es
>>> To: jam...@nau.edu
>>> CC: nox-dev@noxrepo.org
>>> Subject: RE: [nox-dev] Adding DNS functionality to nox
>>> Date: Fri, 26 Aug 2011 14:02:39 +0200
>>>
>>> It takes about 45 sec to respond, and it sends dns request for every ping!
>>> however, nslookup responds in 0 sec. Also, no more unknown host messages.
>>>
>>> Ibrahim,
>>>
>>> Subject: Re: [nox-dev] Adding DNS functionality to nox
>>> From: jam...@nau.edu
>>> Date: Fri, 26 Aug 2011 04:24:53 -0700
>>> CC: nox-dev@noxrepo.org
>>> To: ibrahim.me...@alumnos.upm.es
>>>
>>> What's the behavior with "ping -n <host>" ?
>>>
>>> -- Murphy
>>>
>>> On Aug 26, 2011, at 4:05 AM, ibrahim mun wrote:
>>>
>>> Hi Murphy, Christian, All,
>>>
>>> The problem is partially solved. I've added the following code to
>>> pyswitchpacket_in_callback
>>>
>>> # drop packets to dns 10.0.0.2
>>> iph=packet.find("ipv4")
>>> udph=packet.find("udp")
>>> if iph!= None and udph!= None:
>>> if iph.dstip==ipstr_to_int("10.0.0.2") and udph.dstport==53:
>>> return CONTINUE
>>>
>>> Now I can always ping but:
>>> 1. I have dns request for every ping (not cached?).
>>> 2. It takes a lot of time to respond to ping, while as you suggested,
>>> nslookup responds immediately. it seems something should be timed out
>>> before ping responds.
>>>
>>> This is the traffic on "h3-eth0" for one " ping pc4"
>>> http://codepad.org/DBZg46yB
>>> And this is the expanded DNS reply packet as show in wireshark:
>>> http://codepad.org/NEkkGH06
>>>
>>> Thank you,
>>> Ibrahim
>>>
>>> Subject: Re: [nox-dev] Adding DNS functionality to nox
>>> From: jam...@nau.edu
>>> Date: Thu, 25 Aug 2011 13:34:58 -0700
>>> CC: chest...@dca.fee.unicamp.br; nox-dev@noxrepo.org
>>> To: ibrahim.me...@alumnos.upm.es
>>>
>>> What is generating these ICMP messages? You should be able to stop them by
>>> dropping the packets you're intercepting. It strikes me as totally
>>> possible that they are causing the problem.
>>>
>>> Also, I might try testing using nslookup or dig instead of ping.
>>>
>>> -- Murphy
>>>
>>> On Aug 25, 2011, at 9:55 AM, ibrahim mun wrote:
>>>
>>> Hi Christian,
>>>
>>> Wireshark shows standard dns replays, and that's why ping works sometimes.
>>> The only irregularity I see are icmp "port unreachable" packets, generated
>>> because nothing is listening on 10.0.0.2:53. but I think it's not the
>>> problem!
>>>
>>> Thanks for you help.
>>>
>>> Ibrahim
>>>
>>> From: chest...@dca.fee.unicamp.br
>>> Date: Thu, 25 Aug 2011 10:13:38 -0300
>>> Subject: Re: [nox-dev] Adding DNS functionality to nox
>>> To: ibrahim.me...@alumnos.upm.es
>>>
>>> Hi Ibrahim,
>>>
>>> I would try to trace back where the problem might be.
>>>
>>> As you pointed, this could be due to:
>>> - nox and my reply packet,
>>> - mininet,
>>> - linux caches dns.
>>> - ?
>>>
>>> For the first possibility, have you tried to capture the DNS traffic with
>>> wireshark to see if they are correctly decoded?
>>>
>>> -Christian
>>>
>>> On Thu, Aug 25, 2011 at 07:22, ibrahim mun <ibrahim.me...@alumnos.upm.es>
>>> wrote:
>>> Hi again,
>>>
>>> One last question in this thread :) , about weird dns functionality:
>>>
>>> In mininet I have a single switch (s1), 4 hosts (h2,h3,h4,h5) (10.0.0.2 ->
>>> 10.0.0.5)
>>> resolve.conf points to 10.0.0.2 as dns server, but actually nox catchs dns
>>> requests matching with dst port 53, builds the response packet and sends it
>>> to the asker with src ip 10.0.0.2.
>>>
>>> first, I restart /etc/init.d/nscd, then
>>> xterm h3
>>> h3>> ping -c2 pc4
>>> it works correctly for one time
>>> ====================================
>>> = PING pc4 (10.0.0.4) 56(84) bytes of data.
>>> = 64 bytes from 10.0.0.4: icmp_seq=1 ttl=64 time=19.9 ms
>>> = 64 bytes from 10.0.0.4: icmp_seq=2 ttl=64 time=3.39 ms
>>> =
>>> = --- pc4 ping statistics ---
>>> = 2 packets transmitted, 2 received, 0% packet loss, time 1007ms
>>> = rtt min/avg/max/mdev = 3.391/11.660/19.929/8.269 ms
>>> ====================================
>>>
>>> then, for 3 to 5 times, it gives
>>> ====================================
>>> = ping: unknow host pc4
>>> ====================================
>>>
>>> Then it works again for one time.
>>>
>>> Observations:
>>> 1.. host sends dns request at every ping, even those with unknow host
>>> 2. I changed TTL in the dns reply (the time to be cached) and it has no
>>> effect.
>>>
>>> I don't know where is the problem (nox and my reply packet, mininet, how
>>> linux caches dns)..
>>>
>>> Thanks,
>>>
>>> Ibrahim
>>>
>>> From: ibrahim.me...@alumnos.upm.es
>>> To: jam...@nau.edu
>>> CC: nox-dev@noxrepo.org
>>> Subject: RE: [nox-dev] Adding DNS functionality to nox
>>> Date: Fri, 19 Aug 2011 15:17:58 +0200
>>>
>>>
>>> Hi murphy,
>>>
>>> Thank you very much, I stupidly thought that 0 is a special value which
>>> means *full packet* instead of *zero bytes*, I've Added flows for both src
>>> and dst ports with higher priorty than pyswitch rules and finally it
>>> responses :D
>>> thank you again!
>>>
>>> Ibrahim
>>>
>>> _______________________________________________
>>> nox-dev mailing list
>>> nox-dev@noxrepo.org
>>> http://noxrepo.org/mailman/listinfo/nox-dev
>>>
>>>
>>>
>>>
>>> --
>>> Christian
>>> _______________________________________________
>>> nox-dev mailing list
>>> nox-dev@noxrepo.org
>>> http://noxrepo.org/mailman/listinfo/nox-dev
>>>
>>>
>>>
>>>
>>
_______________________________________________
nox-dev mailing list
nox-dev@noxrepo.org
http://noxrepo.org/mailman/listinfo/nox-dev
