Unexpected error occured while sending response in IPv6 environment
Summary
BIND logs the following error message frequently while sending response in IPv6 environment.
26-Sep-2019 13:47:47.217 socket.c:1739: unexpected error:
26-Sep-2019 13:47:47.217 internal_send: 2405:8a00:4001:17:cf69::ce#43084: Invalid argument
26-Sep-2019 13:47:47.217 client @0x7f03ac352da0 2405:8a00:4001:17:cf69::ce#43084 (7e60e9fc93458393e43e0c23985203bfd0d6627420289a8f9c863771.iith.ipv6.ernet.in): error sending response: invalid file
Output logged in the rndc shows that there were 704326 UDP/IPv6 send errors
++ Name Server Statistics ++
2520563 IPv6 requests received
2520563 responses sent
2520563 queries resulted in successful answer
2520563 queries resulted in authoritative answer
2520563 UDP queries received
++ Socket I/O Statistics ++
157 UDP/IPv4 sockets opened
97 UDP/IPv6 sockets opened
2 TCP/IPv4 sockets opened
38 TCP/IPv6 sockets opened
1 Raw sockets opened
102 UDP/IPv4 sockets closed
42 UDP/IPv6 sockets closed
137 TCP/IPv6 sockets closed
102 UDP/IPv4 socket connect failures
41 UDP/IPv6 connections established
35 TCP/IPv6 connections established
1 TCP/IPv4 connections accepted
102 TCP/IPv6 connections accepted
102 UDP/IPv4 send errors
704326 UDP/IPv6 send errors
46 TCP/IPv6 send errors
1 TCP/IPv6 recv errors
55 UDP/IPv4 sockets active
55 UDP/IPv6 sockets active
3 TCP/IPv4 sockets active
3 TCP/IPv6 sockets active
1 Raw sockets active
This issue is been raised previously in #589 (closed). However the fix didn't work for us.
BIND version used
BIND 9.14.6 (Stable Release) <id:efd3496>
running on Linux x86_64 4.15.0-64-generic #73~16.04.1-Ubuntu SMP Fri Sep 13 09:56:18 UTC 2019
built by make with '--with-libxml2'
compiled by GCC 5.4.0 20160609
compiled with OpenSSL version: OpenSSL 1.0.2g 1 Mar 2016
linked to OpenSSL version: OpenSSL 1.0.2g 1 Mar 2016
compiled with libxml2 version: 2.9.3
linked to libxml2 version: 20903
compiled with zlib version: 1.2.8
linked to zlib version: 1.2.8
threads support is enabled
default paths:
named configuration: /etc/named.conf
rndc configuration: /etc/rndc.conf
DNSSEC root key: /etc/bind.keys
nsupdate session key: /var/run/named/session.key
named PID file: /var/run/named/named.pid
named lock file: /var/run/named/named.lock
Steps to reproduce
-
We are sending AAAA queries from 3000 devices (each running on docker containers with unique global unicast IPv6 addresses) continuously to the authoritative name server.
-
Name server is configured in Ubuntu 16.04.