-
Notifications
You must be signed in to change notification settings - Fork 900
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Verify using IPv4 addresess when IPv6 isn't available logic for Armeria's DNS resolvers work #2463
Comments
|
Thanks for this. To add some background, the server is running on Google Cloud and the problems go away after adding |
Can we get the |
Oops, we don't have that condition here. https://github.com/line/armeria/blob/master/core/src/main/java/com/linecorp/armeria/client/endpoint/dns/DnsAddressEndpointGroup.java#L108 |
@danada What are the before and after versions of Armeria where you see the issue? |
Ah, So This is happened after upgrading Armeria, right? |
We went from 0.95.0 to 0.97.0. I will try to get |
Sorry for the delay, here's the output (don't mind the busybox aliases):
Network seems unreachable when pinging
|
The IPv6 starts with fe80 so it's link local and not a real address (similar to 169.blah on IPv4). Didn't look at the code yet but I suspect both our check in Netty and here are only checking if address is loopback, but not checking for link local / site local which aren't routable to the web Though in that case wouldn't affect the version to matter. Hrm |
Perhaps netty takes care of that but |
Also for reference, the client being referenced in that stack trace, |
@danada Is this always happening? or It differs every time the application started? (e.g It keeps throwing exceptions and it does not throw an exception at all after reboot so on.) |
It throws exceptions when trying to write spans to cloudtrace when processing a request. If no requests are processed no errors are thrown. The application has been restarted several times and produced the exception every time. |
Thanks for the information. 😉 |
Hopefully fixed via #2464. Please reopen if the problem shows up again. |
Motivation: Related line/armeria#2463 Here is an example that an NIC has only link local address for IPv6. ``` $ ipaddr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 3: eth0@if18692: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1460 qdisc noqueue link/ether 1a:5e:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff inet 10.xxx.xxx.xxx/24 scope global eth0 valid_lft forever preferred_lft forever inet6 fe80::xxxx:xxxx:xxxx:xxxx/64 scope link valid_lft forever preferred_lft forever ``` If the NICs have only local or link local addresses, We should not send IPv6 DNS queris. Modification: - Ignore link-local IPv6 addresses which may exist even on a machine without IPv6 network. Result: - `DnsNameResolver` does not send DNS queries for AAAA when IPv6 is not available.
Motivation: Related line/armeria#2463 Here is an example that an NIC has only link local address for IPv6. ``` $ ipaddr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 3: eth0@if18692: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1460 qdisc noqueue link/ether 1a:5e:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff inet 10.xxx.xxx.xxx/24 scope global eth0 valid_lft forever preferred_lft forever inet6 fe80::xxxx:xxxx:xxxx:xxxx/64 scope link valid_lft forever preferred_lft forever ``` If the NICs have only local or link local addresses, We should not send IPv6 DNS queris. Modification: - Ignore link-local IPv6 addresses which may exist even on a machine without IPv6 network. Result: - `DnsNameResolver` does not send DNS queries for AAAA when IPv6 is not available.
Motivation: Related line/armeria#2463 Here is an example that an NIC has only link local address for IPv6. ``` $ ipaddr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 3: eth0@if18692: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1460 qdisc noqueue link/ether 1a:5e:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff inet 10.xxx.xxx.xxx/24 scope global eth0 valid_lft forever preferred_lft forever inet6 fe80::xxxx:xxxx:xxxx:xxxx/64 scope link valid_lft forever preferred_lft forever ``` If the NICs have only local or link local addresses, We should not send IPv6 DNS queris. Modification: - Ignore link-local IPv6 addresses which may exist even on a machine without IPv6 network. Result: - `DnsNameResolver` does not send DNS queries for AAAA when IPv6 is not available.
…y#10170) Motivation: Related line/armeria#2463 Here is an example that an NIC has only link local address for IPv6. ``` $ ipaddr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 3: eth0@if18692: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1460 qdisc noqueue link/ether 1a:5e:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff inet 10.xxx.xxx.xxx/24 scope global eth0 valid_lft forever preferred_lft forever inet6 fe80::xxxx:xxxx:xxxx:xxxx/64 scope link valid_lft forever preferred_lft forever ``` If the NICs have only local or link local addresses, We should not send IPv6 DNS queris. Modification: - Ignore link-local IPv6 addresses which may exist even on a machine without IPv6 network. Result: - `DnsNameResolver` does not send DNS queries for AAAA when IPv6 is not available.
I had a report that after upgrading Armeria, requests started to fail with for example
com.linecorp.armeria.client.UnprocessedRequestException: io.netty.channel.AbstractChannel$AnnotatedNoRouteToHostException: null: cloudtrace.googleapis.com/2404:6800:4004:80a:0:0:0:200a:443, scheme=gproto+https, headers=[:method=UNKNOWN, :path=?, :scheme=https, :authority=?], content=DefaultRpcRequest{serviceType=GrpcLogUtil, method=google.devtools.cloudtrace.v2.TraceService/BatchWriteSpans
netty/netty#9048 was added to Netty to fix things like this but there may be a regression after Armeria forked the DNS resolver. Haven't investigated anything though.
/cc @danada
The text was updated successfully, but these errors were encountered: