Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 6 Jun 2013 11:00:05 -0700
From:      Doug Hardie <>
To:        " List" <>
Subject:   Re: System Calls that do DNS
Message-ID:  <>
In-Reply-To: <>
References:  <> <> <>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help

On 3 June 2013, at 22:21, Doug Hardie <> wrote:

> On 3 June 2013, at 20:39, staticsafe <> wrote:
>> On Mon, Jun 03, 2013 at 07:57:07PM -0700, Doug Hardie wrote:
>>> I have an unusual situation.  A program is doing a DNS lookup and =
often the IP address has no reverse DNS entries.  As a result the =
program hangs for several timeouts.  The call is not being made directly =
in its code, but is occurring in a system call.  There are no specific =
calls to DNS, its something else doing it.  I have been trying to track =
down which system call is doing it, but without success so far.  I have =
tried syslog calls around each of the system calls I thought might be =
the culprit, but my guessing is not very good.  How can I identify the =
system call that is calling DNS?  If I can find it, I hopefully can find =
another way to do whatever it does that does not involve a reverse DNS =
>> Use truss:
>> The truss utility traces the system calls called by the specified
>> process or program.
>> --=20
>> staticsafe
>> O< ascii ribbon campaign - stop html mail -
>> Please don't top post -
>> Don't CC me! I'm subscribed to whatever list I just posted on.
> Unfortunately truss does not show anything more than ktrace.  I know =
what is going out on the internet connection.  Its a plain old reverse =
DNS request.  The question is what library module (probably not a system =
call now that I think about it) is making that request.  Interestingly =
enough, adding the IP address with a dummy name in /etc/hosts causes the =
reverse request to succeed and there are no time delays.  So whatever =
module it is, is not using bind.  Bind doesn't check the hosts files as =
far as I can tell.
> _______________________________________________

After considering all the advice I received, the method I found that =
worked was to start the process and when it entered the reverse DNS =
timeout, quickly find the process ID and do a gdb on that process.  Then =
a where command showed the entire stack which included all the module =
calls.  I had to rebuild the process with debugging first.

The IPv6 API when getting the client information will also do a reverse =
DNS lookup unless you specifically tell it not to do so.  Changing that =
eliminated the lookup and the timeouts.

Thanks to all.

-- Doug=

Want to link to this message? Use this URL: <>