How to Trace "TCP Receive Error"
Barry Finkel
b19141 at achilles.ctd.anl.gov
Sun Jan 6 16:05:58 UTC 2008
I am seeing lots of messages like this one from BIND-9.4.1-P1:
[ID 873579 daemon.info] dispatch b090ef8:
shutting down due to TCP receive error: 69.59.189.68#53:
connection reset
I tried a Solaris snoop trace of all traffic between the DNS server
(which has three IP addresses) to the IP address in the message:
snoop -v -s3000 -o /tmp/snoop.trace 69.59.189.68
but I did not get any packets captured. I ran the trace for one hour,
and after not capturing anything, I looked in /var/adm/messages.
There were about 300 such messages logged. What snoop trace parameters
do I have to specify to trace this activity? I am assuming (maybe
incorrectly) that snoop is tracing activity on all three IP addresses.
I have BIND query logging on, and I do not see this address in the
query.log file. Thanks.
----------------------------------------------------------------------
Barry S. Finkel
Computing and Information Systems Division
Argonne National Laboratory Phone: +1 (630) 252-7277
9700 South Cass Avenue Facsimile:+1 (630) 252-4601
Building 222, Room D209 Internet: BSFinkel at anl.gov
Argonne, IL 60439-4828 IBMMAIL: I1004994
More information about the bind-users
mailing list