Help Center/ Cloud Container Engine/ FAQs/ Node/ OSs/ What Should I Do If a DNS Resolution Failure Occurs Due to a Defect in IPVS?
Updated on 2024-07-04 GMT+08:00

What Should I Do If a DNS Resolution Failure Occurs Due to a Defect in IPVS?

Symptom

In IPVS forwarding mode used in a CCE cluster, packet loss may occur after CoreDNS is upgraded on the node. This results in a Domain Name System (DNS) resolution failure.

Possible Causes

This problem is caused by a defect in IPVS. The community has fixed it in IPVS v5.9-rc1. For details, see ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1

Nodes running Ubuntu 22.04 or Huawei Cloud EulerOS 2.0 are not affected by this problem. Nodes running CentOS, Ubuntu18.04, EulerOS 2.5, EulerOS 2.9 (with earlier kernel version), or Huawei Cloud EulerOS 1.1 are affected by this problem.

Solution

  • The impact of the IPVS packet loss can be reduced by using NodeLocal DNSCache. For details, see .
  • Use unaffected OSs, such as Huawei Cloud EulerOS 2.0 and Ubuntu 22.04.
  • If the OS of your node is EulerOS 2.9, check whether the kernel version of the node meets the following requirements (If the kernel version of the node is too early, reset the node to rectify the fault. If the kernel version of the node meets the requirements, the node is not affected by this issue and no further action is required):
    • x86 node: The kernel version is 4.18.0-147.5.1.6.h998.eulerosv2r9.x86_64 or later.
    • Arm node: The kernel version is 4.19.90-vhulk2103.1.0.h990.eulerosv2r9.aarch64 or later.