From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <toke@toke.dk>
Received: from mail.toke.dk (mail.toke.dk [45.145.95.4])
 (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by lists.bufferbloat.net (Postfix) with ESMTPS id ECFF83CB40;
 Fri, 22 Jan 2021 16:15:35 -0500 (EST)
From: Toke =?utf-8?Q?H=C3=B8iland-J=C3=B8rgensen?= <toke@toke.dk>
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=toke.dk; s=20161023;
 t=1611350135; bh=8L4O2RVCgHn5B77l6FsNS0g/8VRIpq9Xd8GjngdRvE4=;
 h=From:To:Cc:Subject:In-Reply-To:References:Date:From;
 b=XnqTwbgmGXPanHPRScHztqPqNzslQ0Eh8A/u/dRcoH4nj5YKzweRj1JR5mfEUQ5+w
 wtfW16BzJjNTizEtJGu84EZ3b3TIHyNor5DpkLMgBA53SS/To2/Cie/fcv+6h6Hk+/
 k34XKwDCpXRZxNOGonXUhfghb1E5qmTRM9nnkJM5fpSJhB0QxovVZhBIdbReYK8Ld4
 lPrFjThr9P9OnaYaPJgAAopPNE3oK5Ofz3p1g974lRdTg0OSsiqcoyXBLQWmsKLTkP
 Ua78uN2pAtBnOqXSUEmA+oAJgFusRBTbJBJge+WiMsQ4CzmOk6TgmRsvIQu5Tmr6fj
 zAIKwrMqxaZ1Q==
To: Jonathan Foulkes <jf@jonathanfoulkes.com>
Cc: bloat@lists.bufferbloat.net, cerowrt-devel@lists.bufferbloat.net
Subject: Re: [Bloat] New OpenWrt release fixing several dnsmasq CVEs
In-Reply-To: <557C22F5-BF2E-478A-8C48-BE52F9C75256@jonathanfoulkes.com>
References: <87turceco5.fsf@toke.dk>
 <557C22F5-BF2E-478A-8C48-BE52F9C75256@jonathanfoulkes.com>
Date: Fri, 22 Jan 2021 22:15:34 +0100
X-Clacks-Overhead: GNU Terry Pratchett
Message-ID: <875z3o65c9.fsf@toke.dk>
MIME-Version: 1.0
Content-Type: text/plain
X-List-Received-Date: Fri, 22 Jan 2021 21:15:36 -0000

Jonathan Foulkes <jf@jonathanfoulkes.com> writes:

> I installed the updated package on a 19.07.4 box running cake, and QoS performance went down the tubes.
> Last night it locked up completely while attempting to stream.
>
> See the PingPlots others have posted to this forum thread, mine look similar, went from constant sub 50ms to very spiky, then some loss, loss increasing, and if high traffic, lock-up.
> https://forum.openwrt.org/t/security-advisory-2021-01-19-1-dnsmasq-multiple-vulnerabilities/85903/39
>
> load is low, sirq is low, so box does not seem stressed.
>
> Any reason Cake would be sensitive to a dnsmasq bug?

No, not really. I mean, dnsmasq could be sending some traffic that
interferes with stuff? Or it could be a kernel regression - the release
did bump the kernel version as well...

-Toke