Sendto failed: Operation not permitted at 3am?

Hi - Apologies if this is old, tried Google but couldn't find something
that seemed to answer.

Recently upgraded to FreeBSD 10.0 and switched to unbound. Everything
seemed ok. That was about a week ago. However, I've just noticed in
my log files a significant # of sendto failed: Operation not permitted

What is quite odd is:

This happens every day at 3AM local time
It happens with 5 IP addresses
The 5 IPs all belong to Dell.

Of further note, neither the server nor anything on the local net has any
Dell components or accessories.

Thoughts?

Thanks!

previously on this list donotreply@projectumbra.com contributed:

Thoughts?

I use OpenBSD and not FreeBSD but try setting a cron job to output
the route table and pf rules at that time if dynamic at all? I guess you
have looked through your logs? Do you hit connection limits due to a
3AM cron job?

I wonder if this is being triggered as a result of an ICMP error, in response to a DNS query. Maybe the DNS query happens at 3am (automated job?) which explains the timing.

Maybe try running a tcpdump ring-buffer capture and look at the traffic for that time period.

donotreply@projectumbra.com writes:

Recently upgraded to FreeBSD 10.0 and switched to unbound. Everything
seemed ok. That was about a week ago. However, I've just noticed in
my log files a significant # of sendto failed: Operation not permitted

There seems to be a bug somewhere in the FreeBSD network stack that
causes sendmsg() and sendto() to return an incorrect error code when the
destination address is unroutable. This is not specific to 10.0 - I get
it intermittently on my home router (soekris net5501 with 9.2). I
haven't yet had time to track it down.

DES

Hi -

Thanks for the heads up. Before I got any replies I rebooted the server. Since then I have not had these errors but if/when they return I will attempt to better track what is triggering them.

Thanks again.

Quoting Dag-Erling Smørgrav <des@des.no>: