BIND Stops Listening on TCP/53

Barry Margolin barmar at alum.mit.edu
Fri Jan 6 06:22:51 UTC 2006


In article <dpk712$jg3$1 at sf1.isc.org>, Tim Wilde <twilde at dyndns.com> 
wrote:

> I've just run into a very strange situation for the second time.  I'm not 
> 100% sure if it's a BIND bug or something weird with my OS, was wondering 
> if anyone else might have seen it.  I'm running BIND 9.3.1 on FreeBSD 5.4.
> 
> What I saw happening is that BIND will stop answering TCP/53 requests on 
> a single IP.  This box has multiple IPs on the same interface, all of 
> which BIND listens on.  In this circumstance, I can connect to TCP/53 on 
> all of the other IPs, but not this particular one (which happens to be the 
> public nameservice IP of the box).  UDP/53 continues working on all 
> interfaces, including the affected one.  netstat claims that the LISTEN 
> socket on TCP/53 for the affected IP still exists, but any attempts to 
> connect to it, locally or remotely, result in TCP timeouts.  tcpdump shows 
> that SYNs are going completely unanswered.
> 
> I can get things working again by removing the IP alias from the 
> interface, reloading BIND (to get the listener closed), re-adding the 
> alias, and reloading again.  (reloading == rndc reload in this case)  I 
> imagine entirely shutting down the server and re-starting it would also 
> work, but due to the number of zones on this server I prefer not to do 
> that unless absolutely necessary.
> 
> Has anyone run across this before?  Any ideas if this is a BIND thing or 
> an OS thing?

Are there any log messages from named saying that it updated its 
interface info, or couldn't bind for some reason?

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***
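
A per-address probe for the symptom described in the quoted post (UDP/53 still answering while TCP/53 connection attempts time out on one alias), added here as an example and not part of the original thread. The function names and the "tcp-wedged" label are assumptions made for this example; addresses to probe are passed on the command line.

```python
import socket
import struct
import sys

def build_query(name="example.com", qid=0x1234):
    """Minimal DNS query: one question, type A, class IN, RD set."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)

def udp_answers(ip, port=53, timeout=2.0):
    """True if a UDP datagram carrying our query ID comes back."""
    query = build_query()
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(query, (ip, port))
            reply, _ = s.recvfrom(512)
        except OSError:          # timeout or ICMP port unreachable
            return False
    return reply[:2] == query[:2]

def tcp_state(ip, port=53, timeout=2.0):
    """'open', 'refused' (RST came back), 'timeout' (SYN unanswered) or 'error'."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"
    except (socket.timeout, TimeoutError):
        return "timeout"
    except OSError:
        return "error"

def classify(udp_ok, tcp):
    """Name the combination; 'tcp-wedged' is the symptom from the post."""
    if tcp == "open":
        return "ok" if udp_ok else "udp-failed"
    if udp_ok:
        return "tcp-wedged" if tcp == "timeout" else "tcp-" + tcp
    return "down"

def check(ips, port=53, timeout=2.0):
    """Probe each listen address separately, since only one alias was affected."""
    return {ip: classify(udp_answers(ip, port, timeout),
                         tcp_state(ip, port, timeout)) for ip in ips}

if __name__ == "__main__":
    # Addresses come from the command line; 127.0.0.1 is a placeholder default.
    for ip, verdict in check(sys.argv[1:] or ["127.0.0.1"]).items():
        print(ip, verdict)
```

Run from cron or a monitoring agent against every address named listens on, a "tcp-wedged" verdict on one address while the others report "ok" matches the situation in the post.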


