Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DoH issues when running inside Docker, works fine from a native build (Ubuntu 20.04 LTS) #92

Open
TerryOtt opened this issue May 25, 2022 · 12 comments
Open

DoH issues when running inside Docker, works fine from a native build (Ubuntu 20.04 LTS) #92

TerryOtt opened this issue May 25, 2022 · 12 comments

Comments

@TerryOtt
Copy link

Get the following when I run Flamethrower from inside Docker on Ubuntu 20.04 LTS:

$ docker run -it --network=host ns1labs/flame -c 1 -d 250 -q 1 -l 3 -r www.example.com -T AAAA -P doh -M POST 1.1.1.1/dns-query
binding to 0.0.0.0
flaming target(s) [1.1.1.1] on port 443 with 1 concurrent generators, each sending 1 queries every 250ms on protocol doh
query generator [static] contains 1 record(s)
0.998839s: send: 1, avg send: 1, recv: 1, avg recv: 1, min/avg/max resp: 0/0/0ms, in flight: 1, timeouts: 0
1.9991s: send: 0, avg send: 1, recv: 0, avg recv: 1, min/avg/max resp: 0/-nan/0ms, in flight: 1, timeouts: 0
2.99925s: send: 0, avg send: 1, recv: 0, avg recv: 1, min/avg/max resp: 0/-nan/0ms, in flight: 1, timeouts: 0
stopping, waiting up to 3s for in flight to finish...

------
run id      : 7fff46e52030
run start   : 2022-05-25T19:28:55Z
runtime     : 5.99976 s
total sent  : 1
total rcvd  : 1
min resp    : 0 ms
avg resp    : -nan ms
max resp    : 0 ms
avg r qps   : 1
avg s qps   : 1
avg pkt     : 44 bytes
tcp conn.   : 1
timeouts    : 1 (100%)
bad recv    : 0
net errors  : 0

$

When I build a brand new Ubuntu 20.04 LTS VM and install with:

$ sudo apt-get -y install g++ cmake libuv1-dev libldns-dev libgnutls28-dev libnghttp2-dev
$ git clone https://github.com/DNS-OARC/flamethrower.git
$ cd flamethrower
$ git checkout v0.11.0
$ mkdir build
$ cd build
$ cmake -DDOH_ENABLE=ON -DCMAKE_BUILD_TYPE=RelWithDebInfo ..
$ make

Suddenly, the same command works:

$ ./flame -c 1 -d 250 -q 1 -l 3 -r www.example.com -T AAAA -P doh -M POST 1.1.1.1/dns-query
binding to 0.0.0.0
flaming target(s) [1.1.1.1] on port 443 with 1 concurrent generators, each sending 1 queries every 250ms on protocol doh
query generator [static] contains 1 record(s)
0.989642s: send: 4, avg send: 4, recv: 4, avg recv: 4, min/avg/max resp: 3.42364/5.12165/9.67314ms, in flight: 1, timeouts: 0
1.99028s: send: 4, avg send: 4, recv: 4, avg recv: 4, min/avg/max resp: 2.46321/3.11916/3.69559ms, in flight: 1, timeouts: 0
2.99026s: send: 4, avg send: 4, recv: 4, avg recv: 4, min/avg/max resp: 6.76499/14.2015/29.0805ms, in flight: 1, timeouts: 0

------
run id      : 7ffd0b5ec660
run start   : 2022-05-25T19:04:52Z
runtime     : 2.99232 s
total sent  : 12
total rcvd  : 12
min resp    : 2.46321 ms
avg resp    : 7.48076 ms
max resp    : 29.0805 ms
avg r qps   : 4
avg s qps   : 4
avg pkt     : 44 bytes
tcp conn.   : 12
timeouts    : 0 (0%)
bad recv    : 0
net errors  : 0
responses   :
  NOERROR: 12

$
@weyrick
Copy link
Contributor

weyrick commented Jun 24, 2022

Hi @TerryOtt can you please try again with docker tag 0.12.0-master?

@zephyia
Copy link

zephyia commented May 18, 2023

I am seeing the same issue, however if I use the tag suggested in the comment above it still doesnt work - did you ever identify the source of this issue?

@yagikota
Copy link

@zephyia cc.@weyrick

I'm in the same situation.
Have you solved this issue since then? If so, , I'd like to know the solution.

@zephyia
Copy link

zephyia commented Oct 3, 2023 via email

@yagikota
Copy link

yagikota commented Oct 3, 2023

I gave up to use docker...
I manually installed dependancies and built, then worked on Ubuntu.

@yagikota
Copy link

yagikota commented Oct 3, 2023
edited

I don't know why but after removing -DCMAKE_BUILD_TYPE=RelWithDebInfo from Dockerfile, I could build and send query using DoH.

FROM debian:bullseye-slim AS build

ENV BUILD_DEPS "g++ cmake make libldns-dev libnghttp2-dev libuv1-dev libgnutls28-dev pkgconf"
ENV DEBIAN_FRONTEND=noninteractive

RUN \
    apt-get update && \
    apt-get install --yes --no-install-recommends ${BUILD_DEPS}

COPY . /src

RUN \
    mkdir /tmp/build && \
    cd /tmp/build && \
-     cmake -DDOH_ENABLE=ON -DCMAKE_BUILD_TYPE=RelWithDebInfo /src && \
+     cmake -DDOH_ENABLE=ON  /src && \
    make all

FROM debian:bullseye-slim AS runtime

ENV RUNTIME_DEPS "libldns3 libuv1 nghttp2"

RUN \
    apt-get update && \
    apt-get install --yes --no-install-recommends ${RUNTIME_DEPS} && \
    rm -rf /var/lib/apt

COPY --from=build /tmp/build/flame /usr/local/bin/flame

ENTRYPOINT [ "/usr/local/bin/flame" ]

execute this command on M1 Mac.

docker run -it --network=host ns1labs/flame -c 1 -d 250 -q 1 -l 3 -r www.example.com -T AAAA -P doh -M POST 1.1.1.1/dns-query
binding traffic generators to 0.0.0.0
flaming target(s) [1.1.1.1] on port 443 with 1 concurrent generators, each sending 1 queries every 250ms on protocol doh
query generator [static] contains 1 record(s)
0.996346s: send: 3, avg send: 3, recv: 3, avg recv: 3, min/avg/max resp: 18.197/73.0057/177.524ms, in flight: 1, timeouts: 0
1.99703s: send: 2, avg send: 2, recv: 1, avg recv: 2, min/avg/max resp: 28.3297/28.3297/28.3297ms, in flight: 1, timeouts: 0
2.9964s: send: 0, avg send: 2, recv: 0, avg recv: 2, min/avg/max resp: 0/nan/0ms, in flight: 1, timeouts: 0
stopping, waiting up to 3s for in flight to finish...

------
run id      : ffffdd553ae8
run start   : 2023-10-03T11:39:17Z
runtime     : 5.9967 s
total sent  : 5
total rcvd  : 4
min resp    : 18.197 ms
avg resp    : nan ms
max resp    : 177.524 ms
avg r qps   : 2
avg s qps   : 2
avg pkt     : 44 bytes
tcp conn.   : 5
timeouts    : 1 (20%)
bad recv    : 0
net errors  : 0
responses   :
  NOERROR: 4

Reference

@yagikota
Copy link

yagikota commented Oct 3, 2023
edited

I tried the following build pattern

  1. CMAKE_BUILD_TYPE=Release
  2. CMAKE_BUILD_TYPE=Debug
  3. CMAKE_BUILD_TYPE=RelWithDebInfo
  4. CMAKE_BUILD_TYPE=MinSizeRel

but when I used CMAKE_BUILD_TYPE=Debug or no build pattern like the above post, I could only build.

According to this, the meaning of these build types are like this:

  1. Release: high optimization level, no debug info, code or asserts.
  2. Debug: No optimization, asserts enabled, [custom debug (output) code enabled],
    debug info included in executable (so you can step through the code with a
    debugger and have address to source-file:line-number translation).
  3. RelWithDebInfo: optimized, with debug info, but no debug (output) code or asserts.
  4. MinSizeRel: same as Release but optimizing for size rather than speed.

So optimization maybe the reason why we can't send DoH query using Docker.

@yagikota
Copy link

yagikota commented Oct 3, 2023
edited

@weyrick
If you like, I'll make a PR about this issue.

@weyrick
Copy link
Contributor

weyrick commented Oct 3, 2023
edited

Thanks @yagikota. We wouldn't want the default build to be Debug though - it will greatly slow down traffic generation. I wonder if moving to bookworm-slim instead of bullseye-slim base image would help?

@yagikota
Copy link

yagikota commented Oct 3, 2023

OK!
I'll try it and share the result.

Do you have any reason to use bookworm-slim?

@weyrick
Copy link
Contributor

weyrick commented Oct 3, 2023

No, just that if optimization is making it fail (which is never supposed to happen) then perhaps mutating the versions of the compiler and/or dependencies will fix the mystery.

@yagikota
Copy link

yagikota commented Oct 3, 2023

I'll deal with this problem this weekend.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@weyrick @zephyia @TerryOtt @yagikota