zone not loaded in one of view
liudonghua at ynu.edu.cn
liudonghua at ynu.edu.cn
Wed Dec 20 02:31:21 UTC 2023
Hi,
I do have two `named`, one is original /usr/sbin/named installed via `yum install bind bind-utils` a few years ago, and another /usr/local/sbin/named which I build from source.
I did not remember when the jnl file generated, maybe in the first run of new named, I never saw jnl file in the past. When I using the older named, /etc/named.data/db.ynu.edu.cn.intranet always got updated unexpected, detailed information is on Zone file got updated via named process unexpected (isc.org), so I update the named, but this problem still exists. After I make some changes to named.conf like disable DNSSEC or DLV or something else manually or explicitly. The file not changed anymore, but resulted in `zone not loaded`.
Now I removed the jnl file and it worked well now.
[root at pridns ~]# /usr/sbin/named -v
BIND 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.15 (Extended Support Version) <id:7107deb>
[root at pridns ~]# /usr/local/sbin/named -v
BIND 9.18.20 (Extended Support Version) <id:396c2b4>
[root at pridns ~]#
[root at pridns ~]# ll ~/db.ynu.edu.cn.intranet.jnl /etc/named.data/db.ynu.edu.cn.intranet
-rw-r--r-- 1 root root 1.3K Dec 16 16:00 /etc/named.data/db.ynu.edu.cn.intranet
-rw-r--r-- 1 named named 1.1K Dec 15 17:48 /root/db.ynu.edu.cn.intranet.jnl
[root at pridns ~]#
2023-12-19 16:43:36 "Greg Choules" <gregchoules+bindusers at googlemail.com> 写道:
Hi.
The existence of a `.jnl` file for the zone means that, at some point in the past anyway, you *did* allow dynamic updates to this zone and some updates were made, which were stored in the journal file.
I would like to ask a couple of questions:
1) What is the timeline of your investigation? Map out file creation and modification dates and times along with log messages and times you made changes to see if you can build a picture of what actually happened when.
2) How many instances of 'named' are running on this server? I have seen in the past people have two or more 'named' processes running that they were not aware of, which *might* cause problems if they are trying to use the same data files.
Cheers, Greg
On Tue, 19 Dec 2023 at 08:26, <liudonghua at ynu.edu.cn> wrote:
I found there was a db.ynu.edu.cn.intranet.jnl beside db.ynu.edu.cn.intranet, I tried to remove it, then restarted and checked the new cache_dump.db, no `zone not loaded` anymore.
For the original problem, because I modified serial of SOA and updated bind9 to the latest version, it could not reproduce. Maybe it's also the similar issue, but in the older bind 9.11, no jnl file generated via named.
2023-12-17 15:47:43 "Mark Andrews" <marka at isc.org> 写道:
Read your logs and/or use named-checkzone and/or tell name-checkconf to load the zones.
--
Mark Andrews
On 17 Dec 2023, at 15:22, liudonghua at ynu.edu.cn wrote:
Hi, I have a bind9 authoritative name server running, but I found a strange problem. One of zone in a specific view not loaded when I view the cache_dump.db after I execute `rndc dumpdb -all`.
The zone data file is almost the same for difference views execpted some few domain resolution.
[root at pridns data]# head -n 20 /etc/named.data/db.ynu.edu.cn.cernet
$TTL 86400 ; 1 day
@ IN SOA pridns.ynu.edu.cn. root.pridns.ynu.edu.cn. (
2023121601 ; serial number
10800 ; Refresh interval, every 3 hours
3600 ; Retry interval, every 30 minutes
604800 ; Expire after 1 week
86400 ) ; Minimum TTL of 1 day
$INCLUDE /etc/named.data/db.ynu.edu.cn.common
; RR of type A
;
vpn1 10800 IN A 113.55.110.251
;
lb-http-jz IN A 113.55.14.52
ynucdn 600 IN A 202.203.208.4
;
vpn2 IN A 202.203.208.9
[root at pridns data]# head -n 20 /etc/named.data/db.ynu.edu.cn.intranet
$TTL 86400 ; 1 day
@ IN SOA pridns.ynu.edu.cn. root.pridns.ynu.edu.cn. (
2023121601 ; serial number
10800 ; Refresh interval, every 3 hours
3600 ; Retry interval, every 30 minutes
604800 ; Expire after 1 week
86400 ) ; Minimum TTL of 1 day
$INCLUDE /etc/named.data/db.ynu.edu.cn.common
; RR of type A
;
lb-http-jz IN A 113.55.14.52
;
vpn1 10800 IN A 192.168.208.3
ynucdn 600 IN A 202.203.208.4
;
vpn2 IN A 202.203.208.9
[root at pridns data]#
[root at pridns data]# named-checkconf /etc/named.conf
[root at pridns data]# echo $?
0
[root at pridns data]#
[root at pridns data]# rndc zonestatus ynu.edu.cn in CERNET
name: ynu.edu.cn
type: primary
files: db.ynu.edu.cn.cernet, /etc/named.data/db.ynu.edu.cn.common
serial: 2023121601
nodes: 576
last loaded: Sat, 16 Dec 2023 08:00:49 GMT
secure: no
dynamic: no
reconfigurable via modzone: no
[root at pridns data]#
[root at pridns data]# rndc zonestatus ynu.edu.cn in INTRANET
rndc: 'zonestatus' failed: zone not loaded
[root at pridns data]#
[root at pridns data]# named-checkzone ynu.edu.cn /etc/named.data/db.ynu.edu.cn.intranet
zone ynu.edu.cn/IN: loaded serial 2023121601
OK
[root at pridns data]#
[root at pridns data]# ll /etc/named.data/db.ynu.edu.cn.cernet /etc/named.data/db.ynu.edu.cn.intranet
-rw-r--r-- 1 root root 1.3K Dec 16 16:00 /etc/named.data/db.ynu.edu.cn.cernet
-rw-r--r-- 1 root root 1.3K Dec 16 16:00 /etc/named.data/db.ynu.edu.cn.intranet
[root at pridns data]#
And here is parts of content in /var/named/data/cache_dump.db
; Zone dump of 'ynu.edu.cn/IN/INTRANET'
;
; zone not loaded
;
; Zone dump of 'rpz/IN/INTRANET'
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20231220/1a4bd24c/attachment-0001.htm>
More information about the bind-users
mailing list