Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mount fails when 'localhost' resolves to an external IP #221

Open
jgard opened this issue Jun 10, 2024 · 2 comments
Open

Mount fails when 'localhost' resolves to an external IP #221

jgard opened this issue Jun 10, 2024 · 2 comments

Comments

@jgard
Copy link

jgard commented Jun 10, 2024

In our network recently the stars aligned so that:

  • A misconfigured DHCP client registered the DNS name localhost.<our-internal-domain>.com
  • A new OS configuration we're testing did not properly have 127.0.0.1 localhost in its /etc/hosts

During a mount -t efs attempt, this resulted in this server sending queries for localhost.<our-internal-domain>.com to our DNS server, getting successful responses with an IP address, which caused the mount to fail:

root@<server>:~# mount -t efs -o tls,iam,accesspoint=fsap-012345 fs-67890:/ /mnt/efs
Failed to locate an available port in the range [20049, 21049], try specifying a different port range in /etc/amazon/efs/efs-utils.conf

I believe this is caused by using sock.bind(("localhost", tls_port)) in find_tls_port_in_range_and_get_bind_sock()

Is there a workaround where we can avoid sending DNS queries for localhost?
@mskanth972
Copy link
Contributor

Hi @jgard, can you update the efs-utils to latest version(v2.0.2)which has the fix for this Port issue.
#219

@jgard
Copy link
Author

jgard commented Jun 18, 2024

Hi @mskanth972 . What commit that ended up in v2.0.2 was supposed to resolve this issue? Regardless, I have reproduced on the newest version:

## Show we're on 2.0.2
# dpkg --status amazon-efs-utils
Package: amazon-efs-utils
Status: install ok installed
Priority: optional
Section: utils
Maintainer: Amazon.com, Inc. <efs-utils@amazon.com>
Architecture: all
Version: 2.0.2
Depends: python3, nfs-common, stunnel4 (>= 4.56), openssl (>= 1.0.2), util-linux
Conffiles:
 /etc/amazon/efs/efs-utils.conf 2bd2a5ebdceb1b1a6f0d46547af61d82
Description: This package provides utilities for simplifying the use of EFS file systems
Copyright: MIT License

## Show a broken hosts file that lets "localhost" resolve on the network
# cat /etc/hosts
127.0.0.1 <instance_fqdn> <instance_hostname> localhost4 localhost4.localdomain4

## Show mount fails
# mount -t efs -o tls,iam,accesspoint=<fsap-id> <fs-id>:/ /mnt/efs
Failed to locate an available port in the range [20049, 21049], try specifying a different port range in /etc/amazon/efs/efs-utils.conf

## Show fixed hosts file that resolves "localhost" properly
# cat /etc/hosts
127.0.0.1 <instance_fqdn> <instance_hostname> localhost4 localhost4.localdomain4 localhost localhost.localdomain

## Show mount succeeds
# mount -t efs -o tls,iam,accesspoint=<fsap-id> <fs-id>:/ /mnt/efs
# ls -ahl /mnt/efs
total 24K
drwxrwxr-x 2 ssm-user ssm-user 6.0K Jun 18 10:56 .
drwxr-xr-x 3 root     root     4.0K Jun 18 11:30 ..
-rw-r--r-- 1 ssm-user ssm-user 1.5K Jun 14 14:50 <file_in_efs>

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jgard @mskanth972