From owner-freebsd-questions@FreeBSD.ORG Tue Jun 4 05:22:08 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 75F3A4D1 for ; Tue, 4 Jun 2013 05:22:08 +0000 (UTC) (envelope-from bc979@lafn.org) Received: from zoom.lafn.org (zoom.lafn.org [108.92.93.123]) by mx1.freebsd.org (Postfix) with ESMTP id 522F31BC3 for ; Tue, 4 Jun 2013 05:22:08 +0000 (UTC) Received: from mbook.westell.com ([50.123.213.115]) (authenticated bits=0) by zoom.lafn.org (8.14.3/8.14.2) with ESMTP id r545M4Tm055577 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Mon, 3 Jun 2013 22:22:06 -0700 (PDT) (envelope-from bc979@lafn.org) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 6.3 \(1503\)) Subject: Re: System Calls that do DNS From: Doug Hardie In-Reply-To: <20130604033930.GA10393@uriel.asininetech.com> Date: Mon, 3 Jun 2013 22:21:55 -0700 Content-Transfer-Encoding: quoted-printable Message-Id: References: <20130604033930.GA10393@uriel.asininetech.com> To: staticsafe X-Mailer: Apple Mail (2.1503) X-Virus-Scanned: clamav-milter 0.97 at zoom.lafn.org X-Virus-Status: Clean Cc: freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Jun 2013 05:22:08 -0000 On 3 June 2013, at 20:39, staticsafe wrote: > On Mon, Jun 03, 2013 at 07:57:07PM -0700, Doug Hardie wrote: >> I have an unusual situation. A program is doing a DNS lookup and = often the IP address has no reverse DNS entries. As a result the = program hangs for several timeouts. The call is not being made directly = in its code, but is occurring in a system call. There are no specific = calls to DNS, its something else doing it. I have been trying to track = down which system call is doing it, but without success so far. I have = tried syslog calls around each of the system calls I thought might be = the culprit, but my guessing is not very good. How can I identify the = system call that is calling DNS? If I can find it, I hopefully can find = another way to do whatever it does that does not involve a reverse DNS = lookup. >>=20 >>=20 >=20 > Use truss: > http://www.freebsd.org/cgi/man.cgi?query=3Dtruss >=20 > The truss utility traces the system calls called by the specified > process or program. > --=20 > staticsafe > O< ascii ribbon campaign - stop html mail - www.asciiribbon.org > Please don't top post - http://goo.gl/YrmAb > Don't CC me! I'm subscribed to whatever list I just posted on. >=20 Unfortunately truss does not show anything more than ktrace. I know = what is going out on the internet connection. Its a plain old reverse = DNS request. The question is what library module (probably not a system = call now that I think about it) is making that request. Interestingly = enough, adding the IP address with a dummy name in /etc/hosts causes the = reverse request to succeed and there are no time delays. So whatever = module it is, is not using bind. Bind doesn't check the hosts files as = far as I can tell.=