Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SystemD service: ensure service starts after DNS queries (e.g. ipv4only.arpa) can be resolved. #45

Merged
merged 1 commit into from
Feb 9, 2025
Merged

SystemD service: ensure service starts after DNS queries (e.g. ipv4only.arpa) can be resolved. #45

merged 1 commit into from
Feb 9, 2025

Conversation

jivanpal
Copy link
Contributor

@jivanpal jivanpal commented Jan 9, 2025

Following on from #42 (comment):

You may like to add the following Before and Wants lines to the default SystemD unit file:

[Unit]
Description=464XLAT CLAT daemon
Documentation=man:clatd(8)
After=network-online.target
Before=nss-lookup.target
Wants=network-online.target nss-lookup.target
StartLimitIntervalSec=0

This should ensure that clatd only starts if a DNS server is reachable; it has been working reliably for me. Otherwise, if clatd is enabled to start on boot, then if/when it tries to determine the PLAT prefix by querying ipv4only.arpa, the following is likely to happen:

20:08:57 clatd-test clatd[485]: Performing DNS64-based PLAT prefix discovery (cf. RFC 7050)
20:10:12 clatd-test clatd[485]: No PLAT prefix could be discovered. Your ISP probably doesn't provide NAT64/DNS64 PLAT service. Exiting.
20:10:12 clatd-test systemd[1]: clatd.service: Deactivated successfully.

Manually restarting the service after this timeout gets things working again, but we'd rather start the service at the right time. Alternatively/additionally, we might consider having an extra configuration option to treat lack of discovery of a PLAT prefix not as "NAT64 is not available", but as an error, and then the SystemD unit could use Restart=on-failure. This would be useful for servers and other fixed-location machines that are known to be in IPv6-only networks where NAT64 should always be available.

toreanderson
toreanderson reviewed Jan 9, 2025
View reviewed changes
scripts/clatd.systemd Outdated
@@ -12,6 +12,8 @@
Description=464XLAT CLAT daemon
Documentation=man:clatd(8)
After=network-online.target
Before=nss-lookup.target
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't this be After=?

Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@jivanpal Would appreciate it if you could explain why you are using Before= here. It seems to me that After= would be the appropriate dependency to use - considering the PR is titled «ensure service starts after DNS queries can be resolved».

@z0rb z0rb mentioned this pull request Jan 27, 2025
Closed
toreanderson
toreanderson reviewed Feb 9, 2025
View reviewed changes
scripts/clatd.systemd Outdated
@@ -12,6 +12,8 @@
Description=464XLAT CLAT daemon
Documentation=man:clatd(8)
After=network-online.target
Before=nss-lookup.target
Wants=network-online.target nss-lookup.target
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

According to the systemd.special(7) manual page:

All services for which the availability of full host/network name resolution is essential should be ordered after this target, but not pull it in. (emphasis mine)

Therefore, I think it is wrong to add it to Wants.

@toreanderson toreanderson merged commit f763915 into toreanderson:master Feb 9, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@toreanderson toreanderson toreanderson left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jivanpal @toreanderson