What could have caused the following error?

Mark_Andrews at isc.org Mark_Andrews at isc.org
Wed Jun 5 23:55:37 UTC 2002 

> 	After upgrading to bind9.2.1, things were going perfectly
> until one of our name servers put the following messages in to
> the log:
> 
> Jun 05 15:56:07.315 listening on IPv4 interface fxp0, 139.78.x.x#53
> Jun 05 15:56:07.315 could not listen on UDP socket: permission denied
> Jun 05 15:56:07.315 creating IPv4 interface fxp0 failed; interface ignored
> Jun 05 16:56:07.329 listening on IPv4 interface fxp0, 139.78.x.x#53
> Jun 05 16:56:07.329 could not listen on UDP socket: permission denied
> Jun 05 16:56:07.329 creating IPv4 interface fxp0 failed; interface ignored
> 
> 	That's pretty much how the cat died so to speak.

	Well you either start named not as root or the interfaces
	went away and were re-configured and you a are running with
	"named -u uid ...".

	Named needs to have a socket on each interface/address it
	receives queries on in order to get the source address of
	the reply correct.  It will also notice if a interface goes
	away.

	Mark

> 
> 	When I got the phone call that the system was not
> answering queries, I found named to still be running but
> comatose.  I killed it and restarted it and it appeared to run
> like it had never had trouble.
> 
> 	I have never seen this behavior before at all.  
> BIND 9.2.1rc2 is running on a FreeBSD Netfinity server with 1 gig
> of RAM and FreeBSD Version 4.5.  The FreeBSD OS was upgraded to
> Version 4.5 on Saturday and ran bind9.0 until today when we
> upgraded as a result of the CERT warning.  Ironically, the
> warning is about a denial of service exploit. HMM.
> 
> 	The only unusual thing that happened today was a loss of
> access to all root name servers about 4 hours earlier, but things
> were okay after that.
> 
> Martin McCormick WB5AGZ  Stillwater, OK 
> OSU Center for Computing and Information Services Network Operations Group
> 
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at isc.org

More information about the bind-users mailing list