Unexpected error occured while sending response in IPv6 environment
BIND logs the following error message frequently while sending response in IPv6 environment.
26-Sep-2019 13:47:47.217 socket.c:1739: unexpected error: 26-Sep-2019 13:47:47.217 internal_send: 2405:8a00:4001:17:cf69::ce#43084: Invalid argument 26-Sep-2019 13:47:47.217 client @0x7f03ac352da0 2405:8a00:4001:17:cf69::ce#43084 (7e60e9fc93458393e43e0c23985203bfd0d6627420289a8f9c863771.iith.ipv6.ernet.in): error sending response: invalid file
Output logged in the rndc shows that there were 704326 UDP/IPv6 send errors
++ Name Server Statistics ++ 2520563 IPv6 requests received 2520563 responses sent 2520563 queries resulted in successful answer 2520563 queries resulted in authoritative answer 2520563 UDP queries received
++ Socket I/O Statistics ++ 157 UDP/IPv4 sockets opened 97 UDP/IPv6 sockets opened 2 TCP/IPv4 sockets opened 38 TCP/IPv6 sockets opened 1 Raw sockets opened 102 UDP/IPv4 sockets closed 42 UDP/IPv6 sockets closed 137 TCP/IPv6 sockets closed 102 UDP/IPv4 socket connect failures 41 UDP/IPv6 connections established 35 TCP/IPv6 connections established 1 TCP/IPv4 connections accepted 102 TCP/IPv6 connections accepted 102 UDP/IPv4 send errors 704326 UDP/IPv6 send errors 46 TCP/IPv6 send errors 1 TCP/IPv6 recv errors 55 UDP/IPv4 sockets active 55 UDP/IPv6 sockets active 3 TCP/IPv4 sockets active 3 TCP/IPv6 sockets active 1 Raw sockets active
This issue is been raised previously in #589 (closed). However the fix didn't work for us.
BIND version used
BIND 9.14.6 (Stable Release) <id:efd3496> running on Linux x86_64 4.15.0-64-generic #73~16.04.1-Ubuntu SMP Fri Sep 13 09:56:18 UTC 2019 built by make with '--with-libxml2' compiled by GCC 5.4.0 20160609 compiled with OpenSSL version: OpenSSL 1.0.2g 1 Mar 2016 linked to OpenSSL version: OpenSSL 1.0.2g 1 Mar 2016 compiled with libxml2 version: 2.9.3 linked to libxml2 version: 20903 compiled with zlib version: 1.2.8 linked to zlib version: 1.2.8 threads support is enabled default paths: named configuration: /etc/named.conf rndc configuration: /etc/rndc.conf DNSSEC root key: /etc/bind.keys nsupdate session key: /var/run/named/session.key named PID file: /var/run/named/named.pid named lock file: /var/run/named/named.lock
Steps to reproduce
We are sending AAAA queries from 3000 devices (each running on docker containers with unique global unicast IPv6 addresses) continuously to the authoritative name server.
Name server is configured in Ubuntu 16.04.