| Summary: | ASTERISK-26113: res_pjsip: Lots of DNS lookups of local hostname | ||
| Reporter: | Ross Beer (rossbeer) | Labels: | |
| Date Opened: | 2016-06-13 11:36:50 | Date Closed: | 2016-12-28 10:29:59.000-0600 |
| Priority: | Minor | Regression? | |
| Status: | Closed/Complete | Components: | Resources/res_pjsip |
| Versions: | SVN | Frequency of Occurrence | Constant |
| Related Issues: | |||
| Environment: | CentOS 6.5 and Fedora 23. | Attachments: | ( 0) pjsip_inbound.conf ( 1) pjsip.conf |
| Description: | Asterisk is performing thousands of DNS lookups per minute.
The lookups are for its own host name for A and AAAA records. These are milliseconds apart and produce a DoS attack on the name servers. This can be confirmed by having incoming calls and performing a wireshark. | ||
| Comments: | By: Asterisk Team (asteriskteam) 2016-06-13 11:36:51.111-0500 Thanks for creating a report! The issue has entered the triage process. That means the issue will wait in this status until a Bug Marshal has an opportunity to review the issue. Once the issue has been reviewed you will receive comments regarding the next steps towards resolution. A good first step is for you to review the [Asterisk Issue Guidelines|https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines] if you haven't already. The guidelines detail what is expected from an Asterisk issue report. Then, if you are submitting a patch, please review the [Patch Contribution Process|https://wiki.asterisk.org/wiki/display/AST/Patch+Contribution+Process]. By: Joshua C. Colp (jcolp) 2016-06-13 11:56:07.902-0500 Can you provide the configuration in use and console output? [~gjoseph] attempted to reproduce this quickly in a similar scenario but was unable to. By: Joshua C. Colp (jcolp) 2016-06-13 12:16:35.733-0500 And an endpoint dump? By: Ross Beer (rossbeer) 2016-06-13 12:23:25.316-0500 From a different server running same build but with fixed endpoints defined. By: Ross Beer (rossbeer) 2016-06-13 15:54:24.768-0500 This is also happening in 13.7.2 By: Ross Beer (rossbeer) 2016-06-14 10:27:05.400-0500 To re-produce make sure that you do not have your hostname and IP in the /etc/hosts file. By: Marek Cervenka (cervajs) 2016-12-28 02:58:12.889-0600 it can be solved by ASTERISK-26280 can you verify it? By: Mark Michelson (mmichelson) 2016-12-28 10:25:11.250-0600 I agree with Marek. The linked issue was one where we found that RTCP packet generation/reception resulted in DNS lookups of the hostname if the host was not defined in {{/etc/hosts}} With that issue in mind, here are your list of options: * Place the hostname in {{/etc/hosts}} * Set {{bind_rtp_to_media_address=yes}} and then set a {{media_address}} for your endpoints. ({{bind_rtp_to_media_address}} was added in version 13.8.0) * Upgrade to 13.12.0 (or newer), where Asterisk only looks up the hostname once for each new RTP session, rather than on every RTCP send/receive. The first two suggestions will eliminate DNS lookups of the hostname entirely. The final option will significantly reduce the number of DNS lookups of the hostname, but will not eliminate them entirely. By: Ross Beer (rossbeer) 2016-12-28 10:29:59.341-0600 ASTERISK-26280 | ||