Opened 5 years ago

Closed 5 years ago

#1790 closed defect (invalid)

syslog to localhost failure (potential IPv6 confusion)

Reported by: mbherf@… Owned by:
Priority: minor Milestone:
Component: other Version: 1.15.x
Keywords: Cc:
uname -a: Linux X 4.15.18-9-pve #1 SMP PVE 4.15.18-30 (Thu, 15 Nov 2018 13:32:46 +0100) x86_64 x86_64 x86_64 GNU/Linux
nginx -V: nginx version: nginx/1.17.0
built by gcc 4.4.7 20120313 (Red Hat 4.4.7-23) (GCC)
built with OpenSSL 1.0.1e-fips 11 Feb 2013
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -fPIC' --with-ld-opt='-Wl,-z,relro -Wl,-z,now -pie'

Description

I have been logging to a rsyslogd forwarder via "syslog=server:localhost" for several years.

Recently my /etc/hosts was updated to include an IPv6 "::1 localhost" entry and nginx stopped logging with errors. I was able to fix by changing to "syslog=server:127.0.0.1" but several days of logs were lost.

Suspect that nginx was trying to contact a non-existent rsyslogd on IPv6 ::1.

Could this case be flagged (as a warning) in the config, or could nginx try to fallback to IPv4 localhost when this happens?

Change History (1)

comment:1 by Maxim Dounin, 5 years ago

Resolution: invalid
Status: newclosed

Quoting docs:

If a domain name resolves to several IP addresses, the first resolved address is used.

If you are using a domain name, it's up to you to configure appropriate resolution of the name in question. Consult your OS docs to find out how to control name resolution, and, in particular, how to control IPv6 vs. IPv4 preference. Alternatively, use IP addresses and/or UNIX domain sockets instead.

Note well that if logging to syslog socket fails, nginx will log corresponding error to the file-based error log as specified at the main level. But, given that syslog uses UDP, which does not guarantee packet delivery, it is unlikely that a configuration problem like you've described will be detectable on nginx side and will produce any errors.

Note: See TracTickets for help on using tickets.