Bind 4.9.11 under Solaris 8

Kevin Darcy kcd at daimlerchrysler.com
Wed Oct 29 00:01:12 UTC 2003 

Gavin Hurlbut wrote:

>Hello all.
>
>I'm in the process of performing a series of upgrades to take some BIND 4.9.11
>servers and upgrade them to BIND 9.2.x.  The first stage is to do a "forklift
>upgrade" by replacing the ix86 Solaris 2.6 boxes with Sparc Solaris 8 boxes,
>while still running BIND 4.9.11.  This is being done to maintain the current
>service level while planning a smooth transition to BIND 9.2.x.
>
>I have compiled it, and have it starting up from a script in /etc/rc2.d,
>however it seems to have troubles starting.  The system runs out of swap
>resources, even with 4G of swap.  It seems to spawn several hundred forked
>children, causing named to run out of memory, along with the rest of the 
>system.  However, if I run it from a shell, or start it from an at job, it 
>starts up just fine.  Once it is started, it seems to be operational.
>
>Has anyone out there got any idea what might be causing this behaviour?  It 
>seems to happen during the initial zone loading, however, I don't understand
>why as I don't see any loops with fork() or variants in it in my quick scan
>through the code.
>
>While I realize that not many people are still running 4.9.x, I'd really like
>to get these servers running so I can retire the old machines that are getting
>rather aged.
>
Well, what script are you using to start named? Is it the standard, 
unmodified /etc/rc2.d/S72inetsvc, or something else? What exact 
command-line parameters are being used to start named from that script? 
Obviously there's something different in the invocation environment; you 
need to find out what. You could try running S72inetsvc with "sh -x" to 
see exactly what it's doing (but beware, multiple invocations of 
S72inetsvc can easily hose your networking configuration, so do this 
while the box is not being used for anything, and from the console so 
you don't risk closing your own network connection).

FWIW, I have BIND 9 starting fine from an unmodified 
/etc/rc2.d/S72inetsvc on dozens of my Solaris 8 boxes. On other, more 
security-sensitive boxes, I have modified S72inetsvc to run named 
choot'ed and unprivileged, and that works fine too.

- Kevin


- Kevin

More information about the bind-users mailing list