On Sun, 28 May 2023 10:50:20 +0000
Juan Orti
------- Original Message ------- El domingo, 28 de mayo de 2023 a las 12:12, Juan Orti
escribió: I don't understand why it's not working, as the service listens on the :: address. Maybe it's using a socket option that it's causing this? I need to investigate this further.
# netstat -putan Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 :::3003 :::* LISTEN 2/AdGuardHome tcp 0 0 :::54 :::* LISTEN 2/AdGuardHome udp 0 0 :::54 :::* 2/AdGuardHome
# cat /proc/net/udp6 sl local_address remote_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode ref pointer drops
4718: 00000000000000000000000000000000:0036 00000000000000000000000000000000:0000 07 00000000:00000000 00:00000000 00000000 0 0 38510801 2 0000000073476783 0
After stracing the AdGuardHome process, I can see that the UDP packet is indeed reaching the service but it's the reply that fails to be sent:
11 10:25:04.445902 recvmsg(25UDPv6:[38993134],
11 10:25:04.446238 <... recvmsg resumed>{msg_name={sa_family=AF_INET6, sin6_port=htons(33308), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "fddc:f797:78ef:10::b46", &sin6_addr), sin6_scope_id=0}, msg_namelen=112 => 28, msg_iov=[{iov_base="\246\245\1 \0\1\0\0\0\0\0\1\3www\6google\3com\0\0\1\0\1\0\0)\4\320\0\0\0\0\0\f\0\n\0\10\207a\315\224\245\253\v\37", iov_len=65535}], msg_iovlen=1, msg_control=[{cmsg_len=36, cmsg_level=SOL_IPV6, cmsg_type=0x32}], msg_controllen=40, msg_flags=0}, 0) = 55 <0.000059> 11 10:25:04.446371 futex(0xc000064548, FUTEX_WAKE_PRIVATE, 1 11 10:25:04.446415 <... futex resumed>) = 1 <0.000032> 11 10:25:04.446461 recvmsg(25UDPv6:[38993134], 11 10:25:04.446658 <... recvmsg resumed>{msg_namelen=112}, 0) = -1 EAGAIN (Resource temporarily unavailable) <0.000097> 11 10:25:04.447130 sendmsg(25UDPv6:[38993134], {msg_name={sa_family=AF_INET6, sin6_port=htons(33308), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "fddc:f797:78ef:10::b46", &sin6_addr), sin6_scope_id=0}, msg_namelen=28, msg_iov=[{iov_base="\246\245\201\200\0\1\0\1\0\0\0\0\3www\6google\3com\0\0\1\0\1\300\f\0\1\0\1\0\0\0\n\0\4\330\357&x", iov_len=48}], msg_iovlen=1, msg_control=[{cmsg_len=36, cmsg_level=SOL_IPV6, cmsg_type=0x32}], msg_controllen=40, msg_flags=0}, 0) = -1 EINVAL (Invalid argument) <0.000020> It's not clear to me what's wrong with the sendmsg syscall. Any ideas?
I guess that might come from the IPV6_PKTINFO ancillary data (cmsg_type 0x32) -- I'm not sure how and why it's used here as strace doesn't dump the CMSG_DATA content, but, having a look at ip6_datagram_send_ctl() (net/ipv6/datagram.c), EINVAL might come from: 1. a link-local address being passed along... I doubt that's the case 2. a non-local address (or one we can't bind to anyway) being used. To check if we're in this case, it would be helpful if you could share the addressing information from the container (ip -6 address show), and if you could try 'sysctl -w net.ipv6.ip_nonlocal_bind = 1', again from the container. -- Stefano