[Nagiosplug-devel] RFC: gethostbyname instead of getaddrinfo
Ton Voon
ton.voon at opsera.com
Wed Feb 11 00:00:50 CET 2009
On 10 Feb 2009, at 16:57, Holger Weiss wrote:
> You might be right that the difference is somehow related to
> getaddrinfo
> vs. gethostbyname (dunno), but at least on Linux systems which use the
> getaddrinfo implementation from glibc, getaddrinfo usually queries
> nscd
> (if it's running) just as gethostbyname does, so it shouldn't really
> make a difference with regard to caching.
Here's some debugging:
On a Debian Etch system. Running tcpdump -p -i eth4 host 192.168.24.2
and port domain. nscd not running.
/etc/resolv.conf has:
search localdomain
nameserver 192.168.24.2
$ ./check_tcp -H unknown.opsera.com -p 80
TCP CRITICAL - Invalid hostname, address or socket: unknown.opsera.com
06:02:06.731707 IP 192.168.24.134.4903 > 192.168.24.2.domain: 47794+
AAAA? unknown.opsera.com. (36)
06:02:06.770626 IP 192.168.24.2.domain > 192.168.24.134.4903: 47794
NXDomain* 0/1/0 (81)
06:02:06.771237 IP 192.168.24.134.4903 > 192.168.24.2.domain: 9183+
AAAA? unknown.opsera.com.localdomain. (48)
06:02:06.885944 IP 192.168.24.2.domain > 192.168.24.134.4903: 9183
NXDomain 0/1/0 (123)
06:02:06.887095 IP 192.168.24.134.4903 > 192.168.24.2.domain: 46148+
A? unknown.opsera.com. (36)
06:02:06.945637 IP 192.168.24.2.domain > 192.168.24.134.4903: 46148
NXDomain* 0/1/0 (81)
06:02:06.945884 IP 192.168.24.134.4903 > 192.168.24.2.domain: 20546+
A? unknown.opsera.com.localdomain. (48)
06:02:06.982439 IP 192.168.24.2.domain > 192.168.24.134.4903: 20546
NXDomain 0/1/0 (123)
(4 lookups)
$ ./check_tcp -H unknown.opsera.com. -p 80
TCP CRITICAL - Invalid hostname, address or socket: unknown.opsera.com.
06:03:40.511098 IP 192.168.24.134.4903 > 192.168.24.2.domain: 23215+
AAAA? unknown.opsera.com. (36)
06:03:40.540078 IP 192.168.24.2.domain > 192.168.24.134.4903: 23215
NXDomain* 0/1/0 (81)
06:03:40.540623 IP 192.168.24.134.4903 > 192.168.24.2.domain: 31011+
A? unknown.opsera.com. (36)
06:03:40.642049 IP 192.168.24.2.domain > 192.168.24.134.4903: 31011
NXDomain* 0/1/0 (81)
(2 lookups - use period to stop domain searching)
./check_tcp -4 -H unknown.opsera.com. -p 80
TCP CRITICAL - Invalid hostname, address or socket: unknown.opsera.com.
06:19:50.239827 IP 192.168.24.134.4903 > 192.168.24.2.domain: 15398+
A? unknown.opsera.com. (36)
06:19:50.268181 IP 192.168.24.2.domain > 192.168.24.134.4903: 15398
NXDomain* 0/1/0 (81)
06:19:50.268571 IP 192.168.24.134.4903 > 192.168.24.2.domain: 58971+
A? unknown.opsera.com. (36)
06:19:50.322355 IP 192.168.24.2.domain > 192.168.24.134.4903: 58971
NXDomain* 0/1/0 (81)
(2 lookups - would have expected only 1)
$ ./check_tcp -H www.opsera.com -p 80
TCP OK - 0.120 second response time on port 80|time=0.119810s;;;
0.000000;10.000000
06:02:59.952896 IP 192.168.24.134.4903 > 192.168.24.2.domain: 6846+
AAAA? www.opsera.com. (32)
06:02:59.992078 IP 192.168.24.2.domain > 192.168.24.134.4903: 6846*
1/1/0 CNAME[|domain]
06:02:59.992695 IP 192.168.24.134.4903 > 192.168.24.2.domain: 2265+
A? www.opsera.com. (32)
06:03:00.084890 IP 192.168.24.2.domain > 192.168.24.134.4903: 2265*
2/1/0 CNAME[|domain]
06:03:00.087557 IP 192.168.24.134.4903 > 192.168.24.2.domain: 61796+
AAAA? www.opsera.com. (32)
06:03:00.135503 IP 192.168.24.2.domain > 192.168.24.134.4903: 61796*
1/1/0 CNAME[|domain]
06:03:00.135780 IP 192.168.24.134.4903 > 192.168.24.2.domain: 55503+
A? www.opsera.com. (32)
06:03:00.168262 IP 192.168.24.2.domain > 192.168.24.134.4903: 55503*
2/1/0 CNAME[|domain]
(4 lookups - should only have 2)
$ ./check_tcp -4 -H www.opsera.com. -p 80
TCP OK - 0.175 second response time on port 80|time=0.175172s;;;
0.000000;10.000000
06:27:10.974406 IP 192.168.24.134.4903 > 192.168.24.2.domain: 3335+
A? www.opsera.com. (32)
06:27:11.051922 IP 192.168.24.2.domain > 192.168.24.134.4903: 3335*
2/1/0 CNAME[|domain]
06:27:11.053219 IP 192.168.24.134.4903 > 192.168.24.2.domain: 6049+
A? www.opsera.com. (32)
06:27:11.187309 IP 192.168.24.2.domain > 192.168.24.134.4903: 6049*
2/1/0 CNAME[|domain]
(2 lookups - should only need 1)
$ ./check_icmp -H unknown.opsera.com
check_icmp: Failed to resolve unknown.opsera.com
06:05:44.357165 IP 192.168.24.134.4903 > 192.168.24.2.domain: 51656+
A? unknown.opsera.com. (36)
06:05:44.520553 IP 192.168.24.2.domain > 192.168.24.134.4903: 51656
NXDomain* 0/1/0 (81)
06:05:44.521194 IP 192.168.24.134.4903 > 192.168.24.2.domain: 60828+
A? unknown.opsera.com.localdomain. (48)
06:05:44.560297 IP 192.168.24.2.domain > 192.168.24.134.4903: 60828
NXDomain 0/1/0 (123)
(2 lookups)
$ ./check_icmp -H unknown.opsera.com.
check_icmp: Failed to resolve unknown.opsera.com.
06:06:07.744863 IP 192.168.24.134.4903 > 192.168.24.2.domain: 52311+
A? unknown.opsera.com. (36)
06:06:07.788173 IP 192.168.24.2.domain > 192.168.24.134.4903: 52311
NXDomain* 0/1/0 (81)
(1 lookup - optimal)
$ ./check_icmp -H www.opsera.com
OK - www.opsera.com: rta 48.374ms, lost 0%|rta=48.374ms;
200.000;500.000;0; pl=0%;40;80;;
06:06:40.584761 IP 192.168.24.134.4903 > 192.168.24.2.domain: 32395+
A? www.opsera.com. (32)
06:06:40.622979 IP 192.168.24.2.domain > 192.168.24.134.4903: 32395*
2/1/0 CNAME[|domain]
(1 lookup - optimal)
$ dig +short -t AAAA -6 ipv6.whatismyv6.com
2001:4810::110
06:56:23.653750 IP 192.168.24.134.4911 > 192.168.24.2.domain: 51567+
AAAA? ipv6.whatismyv6.com. (37)
06:56:23.712492 IP 192.168.24.2.domain > 192.168.24.134.4911: 51567
1/13/12 AAAA[|domain]
(1 lookup)
With nscd running:
$ ./check_tcp -H unknown6.opsera.com -p 80
TCP CRITICAL - Invalid hostname, address or socket: unknown6.opsera.com
06:10:20.738078 IP 192.168.24.134.4903 > 192.168.24.2.domain: 41386+
AAAA? unknown6.opsera.com. (37)
06:10:20.809164 IP 192.168.24.2.domain > 192.168.24.134.4903: 41386
NXDomain* 0/1/0 (82)
06:10:20.811389 IP 192.168.24.134.4903 > 192.168.24.2.domain: 40461+
AAAA? unknown6.opsera.com.localdomain. (49)
06:10:20.904468 IP 192.168.24.2.domain > 192.168.24.134.4903: 40461
NXDomain 0/1/0 (124)
06:10:20.904986 IP 192.168.24.134.4903 > 192.168.24.2.domain: 32605+
A? unknown6.opsera.com. (37)
06:10:20.941123 IP 192.168.24.2.domain > 192.168.24.134.4903: 32605
NXDomain* 0/1/0 (82)
06:10:20.941607 IP 192.168.24.134.4903 > 192.168.24.2.domain: 27988+
A? unknown6.opsera.com.localdomain. (49)
06:10:21.006650 IP 192.168.24.2.domain > 192.168.24.134.4903: 27988
NXDomain 0/1/0 (124)
06:10:21.009329 IP 192.168.24.134.4903 > 192.168.24.2.domain: 34372+
AAAA? unknown6.opsera.com. (37)
06:10:21.048122 IP 192.168.24.2.domain > 192.168.24.134.4903: 34372
NXDomain* 0/1/0 (82)
06:10:21.048527 IP 192.168.24.134.4903 > 192.168.24.2.domain: 48561+
AAAA? unknown6.opsera.com.localdomain. (49)
06:10:21.149498 IP 192.168.24.2.domain > 192.168.24.134.4903: 48561
NXDomain 0/1/0 (124)
06:10:21.149745 IP 192.168.24.134.4903 > 192.168.24.2.domain: 28714+
A? unknown6.opsera.com. (37)
06:10:21.216563 IP 192.168.24.2.domain > 192.168.24.134.4903: 28714
NXDomain* 0/1/0 (82)
06:10:21.216858 IP 192.168.24.134.4903 > 192.168.24.2.domain: 963+ A?
unknown6.opsera.com.localdomain. (49)
06:10:21.303793 IP 192.168.24.2.domain > 192.168.24.134.4903: 963
NXDomain 0/1/0 (124)
(8 lookups. Sometimes 4. Should only have 2)
$ ./check_tcp -H unknown7.opsera.com. -p 80
TCP CRITICAL - Invalid hostname, address or socket: unknown7.opsera.com.
06:11:38.385293 IP 192.168.24.134.4903 > 192.168.24.2.domain: 20985+
AAAA? unknown7.opsera.com. (37)
06:11:38.447443 IP 192.168.24.2.domain > 192.168.24.134.4903: 20985
NXDomain* 0/1/0 (82)
06:11:38.447637 IP 192.168.24.134.4903 > 192.168.24.2.domain: 2305+
A? unknown7.opsera.com. (37)
06:11:38.517352 IP 192.168.24.2.domain > 192.168.24.134.4903: 2305
NXDomain* 0/1/0 (82)
06:11:38.522049 IP 192.168.24.134.4903 > 192.168.24.2.domain: 32239+
AAAA? unknown7.opsera.com. (37)
06:11:38.582623 IP 192.168.24.2.domain > 192.168.24.134.4903: 32239
NXDomain* 0/1/0 (82)
06:11:38.582904 IP 192.168.24.134.4903 > 192.168.24.2.domain: 45557+
A? unknown7.opsera.com. (37)
06:11:38.629169 IP 192.168.24.2.domain > 192.168.24.134.4903: 45557
NXDomain* 0/1/0 (82)
(4 lookups - should only have 2)
$ ./check_tcp -H www.opsera.com. -p 80
TCP OK - 0.032 second response time on port 80|time=0.032437s;;;
0.000000;10.000000
06:13:03.543908 IP 192.168.24.134.4903 > 192.168.24.2.domain: 53455+
AAAA? www.opsera.com. (32)
06:13:03.581654 IP 192.168.24.2.domain > 192.168.24.134.4903: 53455*
1/1/0 CNAME[|domain]
06:13:03.582241 IP 192.168.24.134.4903 > 192.168.24.2.domain: 19718+
A? www.opsera.com. (32)
06:13:03.617672 IP 192.168.24.2.domain > 192.168.24.134.4903: 19718*
2/1/0 CNAME[|domain]
(2 lookups)
$ ./check_tcp -H www.opsera.com. -p 80
TCP OK - 0.036 second response time on port 80|time=0.036289s;;;
0.000000;10.000000
No entries - used cache
$ ./check_icmp -H unknown11.opsera.com
check_icmp: Failed to resolve unknown11.opsera.com
06:13:50.621161 IP 192.168.24.134.4903 > 192.168.24.2.domain: 51168+
A? unknown11.opsera.com. (38)
06:13:50.952406 IP 192.168.24.2.domain > 192.168.24.134.4903: 51168
NXDomain* 0/1/0 (83)
06:13:50.952942 IP 192.168.24.134.4903 > 192.168.24.2.domain: 63433+
A? unknown11.opsera.com.localdomain. (50)
06:13:51.025156 IP 192.168.24.2.domain > 192.168.24.134.4903: 63433
NXDomain 0/1/0 (125)
(2 lookups - optimal)
$ ./check_icmp -H www.opsera.com
OK - www.opsera.com: rta 49.531ms, lost 0%|rta=49.531ms;
200.000;500.000;0; pl=0%;40;80;;
06:15:25.003246 IP 192.168.24.134.4903 > 192.168.24.2.domain: 30329+
A? www.opsera.com. (32)
06:15:25.040782 IP 192.168.24.2.domain > 192.168.24.134.4903: 30329*
2/1/0 CNAME[|domain]
(1 lookup - optimal. I guess it didn't use the earlier www.opsera.com
lookup because this is using gethostbyname() and thus different
parameters)
$ ./check_icmp -H www.opsera.com
OK - www.opsera.com: rta 39.112ms, lost 0%|rta=39.112ms;
200.000;500.000;0; pl=0%;40;80;;
No entries - used cache.
Conclusions:
- nscd caches both gethostbyname() and getaddinfo()
- use -4 if you want to avoid AAAA lookups (or compile without ipv6
support)
- reduce the number of lookups by using fully qualified domain
names with a period at the end
- use dig +short -t AAAA ipv6.whatismyv6.com to check IPv6 lookups
against a nameserver
- check_tcp does an additional lookup above check_icmp. I think
this is part of the is_host function
Given that IPv6 support is desireable, you've convinced me that
getaddrinfo() is the right call to use (NRPE and check_icmp do not
support IPv6).
So I think the only thing that needs to be done in the plugins code is
to reduce the use of is_host.
Ton
More information about the Devel
mailing list