Every 3 secs in log: kresd hard limit for number of file-descriptors ? any help?

datapool · June 27, 2021, 6:22pm

I have continuos entries in my system log after upgrading to 5.2.2:

[…]
Jun 27 18:18:10 turris kresd[23986]: [ta_update] next refresh for . in 1 hours
Jun 27 18:18:10 turris kresd[24133]: [system] warning: hard limit for number of file-descriptors is only 4096 but recommended value is 524288
Jun 27 18:18:11 turris kresd[24133]: [ta_update] refreshing TA for .
Jun 27 18:18:11 turris kresd[24133]: [ta_update] next refresh for . in 1 hours
Jun 27 18:18:13 turris hotplug: Reload resolver because of interface address update
Jun 27 18:18:14 turris kresd[24314]: [system] warning: hard limit for number of file-descriptors is only 4096 but recommended value is 524288
Jun 27 18:18:14 turris kresd[24314]: [ta_update] refreshing TA for .
Jun 27 18:18:14 turris kresd[24314]: [ta_update] next refresh for . in 1 hours
Jun 27 18:18:15 turris kresd[24469]: [system] warning: hard limit for number of file-descriptors is only 4096 but recommended value is 524288
Jun 27 18:18:15 turris kresd[24469]: [ta_update] refreshing TA for .
Jun 27 18:18:15 turris kresd[24469]: [ta_update] next refresh for . in 1 hours
Jun 27 18:18:18 turris hotplug: Reload resolver because of interface address update
Jun 27 18:18:18 turris kresd[24650]: [system] warning: hard limit for number of file-descriptors is only 4096 but recommended value is 524288
Jun 27 18:18:18 turris kresd[24650]: [ta_update] refreshing TA for .
Jun 27 18:18:18 turris kresd[24650]: [ta_update] next refresh for . in 1 hours
Jun 27 18:18:19 turris kresd[24798]: [system] warning: hard limit for number of file-descriptors is only 4096 but recommended value is 524288
Jun 27 18:18:19 turris kresd[24798]: [ta_update] refreshing TA for .
Jun 27 18:18:20 turris kresd[24798]: [ta_update] next refresh for . in 1 hours
Jun 27 18:19:01 turris crond[25008]: (root) CMD (/usr/bin/rainbow_button_sync.sh)
[…]

vcunat · June 27, 2021, 6:55pm

This one is the cause. The resolver is being restarted all the time due to network getting reconfigured.

EDIT: but I’m not a good person to help with the cause of those reconfigurations.

datapool · June 27, 2021, 6:59pm

Thanks. Any idea why the network is getting reconfigured? For what reason?

datapool · June 28, 2021, 5:50pm

For information, I tracked down the root cause:

it is based on a prefix change in the ipv6 network wan6 interface. I dont know why this is happening so often, but if is just because of the IFUPDATE_PREFIXES firering for the WAN6 interface.

Maybe disable the hotplug resolver restart for WAN6 prefix changes in the script 40-ip-resolver-reload without $IFUPDATE_PREFIXES for WAN6/ipv6?

Or does anyone know why a prefix update is fired every seconds on ipv6 wan6?

Regards,
Lars

datapool · June 28, 2021, 6:04pm

I changed the file to ignore resolver reload for wan6 prefix changes. Not sure if this makes sense or if I miss something critical?

#!/bin/sh

source /lib/functions/network.sh

if [ "$ACTION" = "ifupdate" -o "$ACTION" = "ifup" ]; then
	if [ "$IFUPDATE_ADDRESSES" = "1" -o "$IFUPDATE_PREFIXES" = "1" ]; then
		if [[ "$INTERFACE" = "wan6" && "$IFUPDATE_PREFIXES" = "1" ]]; 
		then
			logger -t hotplug "Skipped reload resolver because of wan6/prefix update"
		else
			logger -t hotplug "Reload resolver because of interface address update"
			logger -t hotplug $ACTION " addr=" $IFUPDATE_ADDRESSES " pref=" $IFUPDATE_PREFIXES " - I:" $INTERFACE " - D:" $DEVICE
			/etc/init.d/resolver reload
		fi
	fi
fi

Maybe related to the “Fix Me” comment in the OpenWRT docs?

Turris path/file:
/etc/hotplug.d/iface/40-resolver-reload

vcunat · June 28, 2021, 7:14pm

Yes, that approach sounds good to me. WAN could be ignored here, as the current code only listens on addresses belonging to lo(calhost) and (br-)lan interfaces anyway.

I have no idea why the prefix might change so often, not even whose mistake it is (ISP, OpenWrt, Turris changes). I had noticed the hotplug docs a bit lacking; makes it hard to confidently write more complex conditions like your suggestion.

datapool · June 28, 2021, 7:29pm

thanks. any idea how to make this fix permanent to survive the next update?

loom · September 1, 2021, 2:01am

i’m also struggling with ipv6 and the hotplug system. i think this is the default design of openwrt to also trigger updates even when only prefered and valid until values on the temporary adresses are changed. i wrote an issue in the turris gitlab: