Skip to content

fix: add timeout for DNS failures #6972

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
stringhandler merged 7 commits into from
Apr 22, 2025
Merged

fix: add timeout for DNS failures #6972

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
0daa96d
fix: add timeout for DNS failures
stringhandler Apr 21, 2025
5db0dc9
Update base_layer/p2p/src/initialization.rs
SWvheerden Apr 22, 2025
fdfaf17
remove test
stringhandler Apr 22, 2025
b88e746
add in seeds from dns
stringhandler Apr 22, 2025
f77f6f0
remove async from dns connect
stringhandler Apr 22, 2025
d932ce9
fix compile and add error
stringhandler Apr 22, 2025
0ec06ab
remove test and revert config
stringhandler Apr 22, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions Cargo.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

7 changes: 6 additions & 1 deletion base_layer/p2p/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,12 @@ tokio-stream = { version = "0.1.9", default-features = false, features = [
"time",
] }
tower = "0.4.11"
hickory-resolver = { version = "=0.25.0-alpha.4", features = ["tokio-runtime", "dns-over-tls", "dns-over-rustls"] }
hickory-resolver = { version = "=0.25.0-alpha.4", features = [
"tokio-runtime",
"dns-over-tls",
"dns-over-rustls",
"native-certs",
] }
hickory-proto = { version = "=0.25.0-alpha.4" }

[dev-dependencies]
Expand Down
20 changes: 15 additions & 5 deletions base_layer/p2p/src/config.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -74,16 +74,26 @@ impl Default for PeerSeedsConfig {
Self {
override_from: None,
peer_seeds: StringList::default(),
dns_seeds: vec![format!(
"seeds.{}.tari.com",
Network::get_current_or_user_setting_or_default().as_key_str()
)]
dns_seeds: vec![
format!(
"seeds.{}.tari.com",
Network::get_current_or_user_setting_or_default().as_key_str()
),
format!(
"ip4.seeds.{}.tari.com",
Network::get_current_or_user_setting_or_default().as_key_str()
),
format!(
"ip6.seeds.{}.tari.com",
Network::get_current_or_user_setting_or_default().as_key_str()
Copy link
Copy Markdown
Contributor

@leet4tari leet4tari Apr 22, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we can also add tor.seeds.{}.tari.com, if we want to pull as many nodes?

),
]
.into(),
dns_seed_name_servers: DnsNameServerList::from_str(
"system, 1.1.1.1:853/cloudflare-dns.com, 8.8.8.8:853/dns.google, 9.9.9.9:853/dns.quad9.net",
)
.expect("string is valid"),
dns_seeds_use_dnssec: false,
dns_seeds_use_dnssec: true,
Copy link
Copy Markdown
Contributor

@leet4tari leet4tari Apr 22, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

DNSSec is not enabled on tari.com, is it worth enabling by default?

}
}
}
Expand Down
2 changes: 2 additions & 0 deletions base_layer/p2p/src/dns/client.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -76,9 +76,11 @@ impl DnsClient {
bind_addr: None,
tls_config: None,
});

let mut opts = ResolverOpts::default();
opts.edns0 = true;
opts.try_tcp_on_error = true;
opts.timeout = std::time::Duration::from_secs(1);
TokioResolver::tokio(conf, opts)
}

Expand Down
60 changes: 44 additions & 16 deletions base_layer/p2p/src/initialization.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -76,7 +76,10 @@ use tari_storage::{
LMDBWrapper,
};
use thiserror::Error;
use tokio::sync::{broadcast, mpsc};
use tokio::{
sync::{broadcast, mpsc},
time::timeout,
};
use tower::ServiceBuilder;

use crate::{
Expand Down Expand Up @@ -508,7 +511,20 @@ impl P2pInitializer {
P2pInitializer::get_dns_seed_resolver(config.dns_seeds_use_dnssec, &config.dns_seed_name_servers).await?;
let resolving = config.dns_seeds.iter().map(|addr| {
let mut resolver = resolver.clone();
async move { (resolver.resolve(addr).await, addr) }
async move {
let timer = Instant::now();
let seeds_res = match timeout(Duration::from_secs(5), resolver.resolve(addr)).await {
Ok(res) => res,
Err(_) => {
warn!(target: LOG_TARGET, "Timeout resolving DNS seed `{}`", addr);
Err(DnsClientError::Timeout)
},
};
// let res = (resolver.resolve(addr).await, addr);
let res = (seeds_res, addr.clone());
info!(target: LOG_TARGET, "Resolved DNS seed `{}` in {:.0?}", addr, timer.elapsed());
res
}
});

let peers = future::join_all(resolving)
Expand Down Expand Up @@ -549,26 +565,38 @@ impl P2pInitializer {
}
let mut dns_errors = Vec::new();
for dns in dns_seed_name_servers {
info!(target: LOG_TARGET, "Connecting to DNS name server: {}", dns);
let res = match (dns_seeds_use_dnssec, dns == &DnsNameServer::System) {
(true, false) => DnsSeedResolver::connect_secure(dns.clone()).await,
(_, _) => DnsSeedResolver::connect(dns.clone()).await,
(true, false) => timeout(Duration::from_secs(5), DnsSeedResolver::connect_secure(dns.clone())).await,
Copy link
Copy Markdown
Member

@sdbondi sdbondi Apr 21, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

connect and connect_secure are mistakenly marked as async functions and don't do IO, so they could be simplified

(_, _) => timeout(Duration::from_secs(5), DnsSeedResolver::connect(dns.clone())).await,
};
match res {
Ok(val) => {
trace!(target: LOG_TARGET, "Found DNS client at '{}'", dns);
return Ok(val);
},
Err(err) => {
warn!(
target: LOG_TARGET,
"DNS entry '{}' did not respond, trying the next one. You can edit 'dns_seed_name_servers' in \
the config file. (Error: {})",
dns,
err.to_string(),
);
Ok(Ok(resolver)) => return Ok(resolver),
Ok(Err(err)) => {
warn!(target: LOG_TARGET, "Failed to connect to DNS name server: {}", err);
dns_errors.push(err.to_string())
},
Err(_) => {
warn!(target: LOG_TARGET, "Timed out connecting to DNS name server: {}", dns);
dns_errors.push("Timeout".to_string())
},
}
// match res {
// Ok(val) => {
// trace!(target: LOG_TARGET, "Found DNS client at '{}'", dns);
// return Ok(val);
// },
// Err(err) => {
// warn!(
// target: LOG_TARGET,
// "DNS entry '{}' did not respond, trying the next one. You can edit 'dns_seed_name_servers' in
// \ the config file. (Error: {})",
// dns,
// err.to_string(),
// );
// dns_errors.push(err.to_string())
// },
// }
}
Err(ServiceInitializationError::from(DnsClientError::Connection(format!(
"{:?}",
Expand Down
16 changes: 7 additions & 9 deletions base_layer/p2p/src/peer_seeds.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,7 @@ impl DnsSeedResolver {
.into_iter()
.filter_map(|txt| {
txt.parse()
.inspect(|err| {
.inspect_err(|err| {
warn!(
target: LOG_TARGET,
"Failed to parse DNS seed peer string: {}. Error: {}", txt, err
Expand Down Expand Up @@ -124,15 +124,13 @@ impl FromStr for SeedPeer {
type Err = anyhow::Error;

fn from_str(s: &str) -> Result<Self, Self::Err> {
let mut parts = s.split("::").map(|s| s.trim());
let public_key = parts
.next()
.and_then(|s| UncompressedCommsPublicKey::from_hex(s).ok())
let (mut part_a, mut part_b) = s
.split_once("::")
.ok_or_else(|| anyhow!("Invalid seed peer string, missing '::' delimiter"))?;
let public_key = UncompressedCommsPublicKey::from_hex(part_a)
.ok()
.ok_or_else(|| anyhow!("Invalid public key string"))?;
let addresses = parts.map(Multiaddr::from_str).collect::<Result<Vec<_>, _>>()?;
if addresses.is_empty() || addresses.iter().any(|a| a.is_empty()) {
return Err(anyhow!("Empty or invalid address in seed peer string"));
}
let addresses = vec![Multiaddr::from_str(part_b).map_err(|e| anyhow!("Invalid address string:{}", e))?];
Ok(SeedPeer {
public_key: CommsPublicKey::new_from_pk(public_key),
addresses,
Expand Down
Loading