Troubleshooting scripted named startup
Philip Prindeville
philipp_subx at redfish-solutions.com
Wed Dec 28 08:44:31 UTC 2022
That must have been it. I spun a new package and installed in on my firewall, rebooted, and I'm not seeing the issue.
> On Dec 28, 2022, at 12:24 AM, Ondřej Surý <ondrej at isc.org> wrote:
>
> Hi,
>
> running latest upstream version first might save you some time, it’s this:
>
> https://gitlab.isc.org/isc-projects/bind9/-/issues/2895
>
>
> Ondrej
> --
> Ondřej Surý — ISC (He/Him)
>
> My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours.
>
>> On 28. 12. 2022, at 1:51, Philip Prindeville <philipp_subx at redfish-solutions.com> wrote:
>>
>> Hi,
>>
>> I notice that went Bind 9.18.7 comes up on OpenWRT, and I'm running it as a local resolver, resolution initially doesn't work and I get a lot of noise in /var/log/messages like:
>>
>> Dec 27 17:27:12 OpenWrt named[13171]: validating org/DS: no valid signature found
>> Dec 27 17:27:12 OpenWrt named[13171]: no valid RRSIG resolving 'org/DS/IN': 193.0.14.129#53
>> Dec 27 17:27:12 OpenWrt named[13171]: validating org/DS: no valid signature found
>> Dec 27 17:27:12 OpenWrt named[13171]: no valid RRSIG resolving 'org/DS/IN': 198.97.190.53#53
>> Dec 27 17:27:12 OpenWrt named[13171]: validating org/DS: no valid signature found
>> Dec 27 17:27:12 OpenWrt named[13171]: no valid RRSIG resolving 'org/DS/IN': 202.12.27.33#53
>> Dec 27 17:27:12 OpenWrt named[13171]: broken trust chain resolving '_.linksys.pool.ntp.org/A/IN': 185.209.85.151#53
>> Dec 27 17:27:12 OpenWrt named[13171]: validating 0.linksys.pool.ntp.org/A: bad cache hit (org/DS)
>> Dec 27 17:27:12 OpenWrt named[13171]: broken trust chain resolving '0.linksys.pool.ntp.org/A/IN': 45.127.112.23#53
>> Dec 27 17:27:13 OpenWrt named[13171]: validating tabletcaptiveportal.com/A: bad cache hit (com/DS)
>> Dec 27 17:27:13 OpenWrt named[13171]: broken trust chain resolving 'tabletcaptiveportal.com/A/IN': 205.251.195.137#53
>> Dec 27 17:27:13 OpenWrt named[13171]: validating syringanetworks.net/SOA: bad cache hit (net/DS)
>> Dec 27 17:27:13 OpenWrt named[13171]: broken trust chain resolving '_.voip.syringanetworks.net/A/IN': 66.232.66.3#53
>> Dec 27 17:27:13 OpenWrt named[13171]: validating syringanetworks.net/SOA: bad cache hit (net/DS)
>> Dec 27 17:27:13 OpenWrt named[13171]: broken trust chain resolving '_._udp.voip.syringanetworks.net/A/IN': 66.232.66.3#53
>> Dec 27 17:27:13 OpenWrt named[13171]: validating syringanetworks.net/SOA: bad cache hit (net/DS)
>> Dec 27 17:27:13 OpenWrt named[13171]: broken trust chain resolving '_sip._udp.voip.syringanetworks.net/SRV/IN': 66.232.66.3#53
>>
>> Until I run a script that contains:
>>
>> #!/bin/sh
>>
>> rm -f /tmp/managed-keys.bind* /tmp/*.jnl
>>
>> rndc managed-keys refresh
>> rndc managed-keys sync
>>
>> /etc/init.d/named restart
>>
>> And the "restart" command basically kills the old instance of the server, then restarts it. Then the errors go away and everything works.
>>
>> What does this point to as being wrong in the startup scripts so I can fix it?
>>
>> Thanks,
>>
>> -Philip
>>
>>
>>
>>
>> --
>> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>>
>> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
>>
>>
>> bind-users mailing list
>> bind-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
More information about the bind-users
mailing list