Hi,
Why not just use existing HAVE_BROKEN_RTC?CLOCK_BOOTIME is linux-specific, non-portable, absent in older (but still running) kernels and logically is the same as CLOCK_MONOTONIC except counting suspended/sleep time. In turn using CLOCK_MONOTONIC is already there in times() form when HAVE_BROKEN_RTC is enabled.

Best Regards, Vladislav Grishenko

_____________________________
From: John Knight <***@belkin.com>
Sent: четверг, Пктября 13, 2016 11:00 ПП
Subject: Re: [Dnsmasq-discuss] Dnsmasq not resolving addresses for an hour
To: Albert ARIBAUD <***@free.fr>
Cc: <dnsmasq-***@lists.thekelleys.org.uk>


Hi Albert,

That sounds like a very good idea to use CLOCK_BOOTTIME. Good suggestion.

When I did a search for difftime in the source code... there are quite a few calls... each one is a potential issue with respect to time going backwards. I only see one instance that actually considers the case if time goes backwards and that is in dnsmasq.c where it does difftime(now, daemon->last_resolv) and compares the result to both > 1.0 and < -1.0. So in general, I am somewhat concerned about possible affects of changing time on dnsmasq. We have seen some issues in the past which we suspected were probably caused by changing the time, so your suggested change could potentially fix some other issues.

Thanks!

John




-----Original Message-----
From: Albert ARIBAUD [mailto:***@free.fr]
Sent: Thursday, October 13, 2016 2:16 AM
To: John Knight
Cc: dnsmasq-***@lists.thekelleys.org.uk
Subject: Re: [Dnsmasq-discuss] Dnsmasq not resolving addresses for an hour

Hi,

Just a generic comment: from what I can see, all absolute times in dnsmasq are returned bu dnsmasq_time() which calls either times() or time(). This, IIUC, corresponds to CLOCK_REALTIME in clock_gettime(), which is indeed affected when (re)setting the time.

Maybe a fix to time jump issues would be (in Linux at least) to replace
time() with clock_gettime(CLOCK_BOOTTIME,...) which seems to have been designed to get around discontinuities caused by settimeofday().

Note: maybe dates used for logging purposes should still use time() or
clock_gettime(CLOCK_REALTIME) in order to remain comparable to other logs in the same system -- or maybe not.

Sources: man times, man time, man clock_gettime.

HTH,

Amicalement,
Albert.

Le Wed, 12 Oct 2016 23:50:11 +0000
Amicalement,
--
Albert.

__________________________________________________________________ Confidential This e-mail and any files transmitted with it are the property of Belkin International, Inc. and/or its affiliates, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipients or otherwise have reason to believe that you have received this e-mail in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing or copying of this e-mail is strictly prohibited. Pour la version française: http://www.belkin.com/email-notice/French.html FÃŒr die deutsche Übersetzung: http://www.belkin.com/email-notice/German.html __________________________________________________________________

Hi Albert,

My comments inline.

John
Albert: Actually, if dnsmasq does not receive any request from clients, it does not need to poll servers, so I would ask: does the select() include descriptors for client requests (either UDP datagrams received, or TCP connections opened)? If so, I think it will exit just when necessary and no tiemout is needed; otherwise, you are right that a timeout is required.

Albert: Also, it may be improbable that select() does not return for a whole hour; but then, is every return from select() followed by a resolv file poll, or can select() return and then be entered again without polling the resolv files? I am thinking, for instance, about cached answers which do not need servers if their TTL is long enough.

John: I have made a simple change that provides a one second timeout for select. I have found that dnsmasq is much more responsive now to changes made to /etc/resolv.conf. With code that calls poll_resolv, it rate limits the calls to once every two seconds, which I believe is fine and responsive enough.

John: Given I am testing this in a lab situation and just me on the console and one idle PC connected to the router, there is little use of DNS. In my experience since the initial failure, I believe I did see poll_resolv polled in one case at an interval of about 20 minutes. I don’t think this poll interval should be driven by how active the users are and how much they use dns; just my personal feeling about that.

John: It should be noted that if I had been doing a tftp transfer, the code would set the select timeout for 250ms. I am not sure why the tftp transfer being active would warrant the much quicker timeout? Anyhow, what I did was an else statement... if tftp transfer, set timeout to 250ms else set timeout to 1 second.

John: I don't know dnsmasq well enough to answer your other questions about select and what all of the file descriptors are associated with. Perhaps someone more knowledgeable can chime in. My change was made in response to the situation where a "retry later" situation was pending, and not getting poll_resolv was not getting polled again in a reasonable time period to do the retry.

John: I believe on our router, dhcp entries have an hour TTL and we do use dnsmasq for dhcp. On an idle PC, would it have any reason to initiate a dnsmasq query? Occasionally if the browser is up and running, I do see the browser query the address of its update server, but I haven't generally speaking had my browser running on the PC while doing my dnsmasq testing. So it seems to me that the two possible sources to cause dnsmasq activity (ie. Browser and dhcp) may be idle for at least an hour... so this seems like a possibility that poll_resolv() may not be getting called in this scenario for a long time.
Albert: Can you compare when poll_resolv() is called wrt when the select() is exited -- and for what reason?

John: What I did to see relative times between select and calls to poll_resolv was to add calls to my_syslog() before the select and at the top of poll_resolv(). The timestamp in the dnsmasq logfile was used to see how much time between calls. I don't know what the reason for exiting select is... indeed, for what I was doing, I really didn't care... I just needed to know when poll_resolv() was getting called and how often.
Albert: I would personally investigate further on a gut feeling without changing the code behavior, because my changes might have unwanted effects which can actually hide the root cause I am looking for -- but to each his/her own.

John: My boss is on my case to getting this resolved asap. Based on my trying of the select timeout, this appears to have at least solved part of the problem... poll_resolv() not getting called back in a reasonable timeframe after a "retry later" issue. I need to keep moving forward; not sure I have the time for indepth investigation. I do know other code does set select timeout, so I do know this code path is not unprecedented, so risk should be low.
Albert: Not entirely sure what you mean with "Is there ever a case where we might not get any work on the files select is monitoring for nearly an hour"; I will assume you mean "Is there a normal case where dnsmasq would not poll for changes in resolv files for an hour". If so, then I would say it depends on how much traffic dnsmasq receives and how much of it can be answered from cache.

John: Your interpretation is correct. Thanks for the info and your help Albert. I am glad I have someone listening. When I am done, I will forward the diffs for the changes I have made to dnsmasq for your review.
Amicalement,

Hi Albert,

I have finished making my changes to dnsmasq 2.55 and I have a patch file. However, I am not sure how to submit it... do I send it to the discussion list?

Thanks,

John Knight


-----Original Message-----
From: John Knight
Sent: Wednesday, October 19, 2016 12:57 PM
To: 'Albert ARIBAUD'
Cc: dnsmasq-***@lists.thekelleys.org.uk
Subject: RE: [Dnsmasq-discuss] Dnsmasq not resolving addresses for an hour

Hi Albert,

My comments inline.

John
Albert: Actually, if dnsmasq does not receive any request from clients, it does not need to poll servers, so I would ask: does the select() include descriptors for client requests (either UDP datagrams received, or TCP connections opened)? If so, I think it will exit just when necessary and no tiemout is needed; otherwise, you are right that a timeout is required.

Albert: Also, it may be improbable that select() does not return for a whole hour; but then, is every return from select() followed by a resolv file poll, or can select() return and then be entered again without polling the resolv files? I am thinking, for instance, about cached answers which do not need servers if their TTL is long enough.

John: I have made a simple change that provides a one second timeout for select. I have found that dnsmasq is much more responsive now to changes made to /etc/resolv.conf. With code that calls poll_resolv, it rate limits the calls to once every two seconds, which I believe is fine and responsive enough.

John: Given I am testing this in a lab situation and just me on the console and one idle PC connected to the router, there is little use of DNS. In my experience since the initial failure, I believe I did see poll_resolv polled in one case at an interval of about 20 minutes. I don’t think this poll interval should be driven by how active the users are and how much they use dns; just my personal feeling about that.

John: It should be noted that if I had been doing a tftp transfer, the code would set the select timeout for 250ms. I am not sure why the tftp transfer being active would warrant the much quicker timeout? Anyhow, what I did was an else statement... if tftp transfer, set timeout to 250ms else set timeout to 1 second.

John: I don't know dnsmasq well enough to answer your other questions about select and what all of the file descriptors are associated with. Perhaps someone more knowledgeable can chime in. My change was made in response to the situation where a "retry later" situation was pending, and not getting poll_resolv was not getting polled again in a reasonable time period to do the retry.

John: I believe on our router, dhcp entries have an hour TTL and we do use dnsmasq for dhcp. On an idle PC, would it have any reason to initiate a dnsmasq query? Occasionally if the browser is up and running, I do see the browser query the address of its update server, but I haven't generally speaking had my browser running on the PC while doing my dnsmasq testing. So it seems to me that the two possible sources to cause dnsmasq activity (ie. Browser and dhcp) may be idle for at least an hour... so this seems like a possibility that poll_resolv() may not be getting called in this scenario for a long time.
Albert: Can you compare when poll_resolv() is called wrt when the select() is exited -- and for what reason?

John: What I did to see relative times between select and calls to poll_resolv was to add calls to my_syslog() before the select and at the top of poll_resolv(). The timestamp in the dnsmasq logfile was used to see how much time between calls. I don't know what the reason for exiting select is... indeed, for what I was doing, I really didn't care... I just needed to know when poll_resolv() was getting called and how often.
Albert: I would personally investigate further on a gut feeling without changing the code behavior, because my changes might have unwanted effects which can actually hide the root cause I am looking for -- but to each his/her own.

John: My boss is on my case to getting this resolved asap. Based on my trying of the select timeout, this appears to have at least solved part of the problem... poll_resolv() not getting called back in a reasonable timeframe after a "retry later" issue. I need to keep moving forward; not sure I have the time for indepth investigation. I do know other code does set select timeout, so I do know this code path is not unprecedented, so risk should be low.
Albert: Not entirely sure what you mean with "Is there ever a case where we might not get any work on the files select is monitoring for nearly an hour"; I will assume you mean "Is there a normal case where dnsmasq would not poll for changes in resolv files for an hour". If so, then I would say it depends on how much traffic dnsmasq receives and how much of it can be answered from cache.

John: Your interpretation is correct. Thanks for the info and your help Albert. I am glad I have someone listening. When I am done, I will forward the diffs for the changes I have made to dnsmasq for your review.
Amicalement,