refresh timeouts
CFlath at border-states.com
CFlath at border-states.com
Tue Apr 18 12:40:12 UTC 2006
Unfortunately, the zones are never able to refresh and eventually expire,
which is the real problem. I can't imagine there not being a way to
rectify this with BIND 9, at least thats what I am hoping.. hopefully
someone that may have an idea sees this message eventually.. I do have
some questions to bounce off everyone though:
Could a major time skew cause refresh issues?
Are there any known issues with BIND 9.3.2 and SUSE 9?
Are there any known issues with BIND 9.3.2 running on virtual servers?
(VMWARE ESX)
Thanks,
Corey Flath
Server Administrator
Border States Electric
Peter Dambier <peter at echnaton.serveftp.com>
Sent by: bind-users-bounce at isc.org
04/17/2006 04:45 PM
Please respond to
peter at echnaton.serveftp.com
To
bind-users at isc.org
cc
Subject
Re: refresh timeouts
Dont worry, be happy. Here is one day in the live of my late Bind 9:
named_axfr_in("Dec-21","01:35:33","192.33.4.12","arpa'").
named_axfr_in("Dec-21","12:06:20","192.33.4.12","in-addr.arpa'").
named_timeout("Dec-21","13:47:42","zone","timed").
named_timeout("Dec-21","13:48:27","zone","timed").
named_complained("refresh_callback: zone ffii.org/IN: 212.72.72.97#53:
retries exceeded","Dec-21","13:48:27").
named_timeout("Dec-21","14:39:19","zone","timed").
named_timeout("Dec-21","14:40:04","zone","timed").
named_complained("refresh_callback: zone ffii.org/IN: 212.72.72.97#53:
retries exceeded","Dec-21","14:40:04").
named_timeout("Dec-21","15:05:15","zone","timed").
named_timeout("Dec-21","15:05:30","zone","timed").
named_timeout("Dec-21","15:28:25","zone","timed").
named_complained("refresh_callback: zone ffii.org/IN: 212.72.72.97#53:
retries exceeded","Dec-21","15:29:10").
named_timeout("Dec-21","16:22:39","zone","timed").
named_timeout("Dec-21","16:23:24","zone","timed").
named_complained("refresh_callback: zone ffii.org/IN: 212.72.72.97#53:
retries exceeded","Dec-21","16:23:24").
named_timeout("Dec-21","17:17:24","zone","timed").
named_complained("refresh_callback: zone ffii.org/IN: 212.72.72.97#53:
retries exceeded","Dec-21","17:18:09").
named_axfr_in("Dec-21","18:06:50","212.72.72.97","ffii.org'").
named_axfr_in("Dec-21","20:51:42","192.33.4.12","arpa'").
named_axfr_in("Dec-21","21:34:56","212.72.72.97","ffii.org'").
named_axfr_in("Dec-21","23:24:21","212.72.72.97","ffii.org'").
named_axfr_in("Dec-21","23:53:31","192.33.4.12","in-addr.arpa'").
I used to run Bind 9 on a handful of machines. Some of them still
run Bind 9 others run dnscache (djbdns resolver) or tinydns (djbdns
server)
now.
The problem seems to be Bind 9 and older Binds too need to refresh memory
sometimes or they need to update their data from the master. IF you
happen to hit the refresh Bind is deaf. It wont answer.
I quess that special day other problems might have happened just as well.
It should not be anything to worry about as long as you get an update.
Nevertheless it is anoying.
Changeing to djbdns solved it on some machines especially on slow machines
and on long zone files. If it is a networkproblem then changeing does not
make sense.
Regards
Peter
CFlath at border-states.com wrote:
> Hello all,
> I hope everyone is well. I have been out of the BIND scene for a few
> years and have just recently got back into it, and so this is my first
> real experience with 9. Things have gone fairly smoothly.. except for
the
> refresh timeouts I have been getting. I have looked through the
archives
> and google searched for days and I just cannot find an answer to this
> problem.
> I continue to receive the following refresh error for all my zones:
> Apr 10 22:05:12.629 general: info: zone foo.bar.com/IN: refresh: failure
> trying master v.v.v.v#53: timed out
>
> Initial zone transfers have no issues at all.
> If I do an rndc refresh foo.bar.com it works just fine as well.
> I added serial-query-rate 5; to my options, but it did not seem to have
an
> effect.
> dig +norec foo.bar.com soa @ v.v.v.v works just fine.
>
> I had another admin take a look at things and he could not find the
issue
> either.. I am sure its probably something I am doing wrong with bind 9,
> but I sure
> can't find what.. any help would be greatly appreciated... I included my
> named.confs and a zone example below.
>
>
> MASTER named.conf:
> options {
> directory "/var/named";
> forwarders { x.x.x.x; y.y.y.y; };
> version "1.0 - really!";
> allow-transfer { z.z.z.z; };
> allow-recursion {any; };
> forward only;
> # listen-on port 53 { 127.0.0.1; };
> # listen-on-v6 { any; };
> query-source address * port 53;
> transfer-source * port 53;
> notify-source * port 53;
> # allow-query { 127.0.0.1; };
> notify yes;
> };
> ######################################################
> logging {
> channel debug {
> file "/tmp/bindlog.log" versions 2 size 50m;
> severity dynamic;
> print-time yes;
> print-category yes;
> print-severity yes;
> };
> category "default" { "debug"; };
> category "general" { "debug"; };
> category "database" { "debug"; };
> category "security" { "debug"; };
> category "config" { "debug"; };
> category "resolver" { "debug"; };
> category "xfer-in" { "debug"; };
> category "xfer-out" { "debug"; };
> category "notify" { "debug"; };
> category "client" { "debug"; };
> category "unmatched" { "debug"; };
> category "network" { "debug"; };
> category "update" { "debug"; };
> # category "queries" { "debug"; };
> category "dispatch" { "debug"; };
> category "dnssec" { "debug"; };
> category "lame-servers" { "debug"; };
> };
> ######################################################
> zone "localhost" in {
> type master;
> file "localhost.zone";
> };
>
> zone "0.0.127.in-addr.arpa" in {
> type master;
> file "127.0.0.zone";
> };
>
> zone "." in {
> type hint;
> file "root.hint";
> };
>
> # You can insert further zone records for your own domains below.
>
> controls {
> inet 127.0.0.1 allow {127.0.0.1; v.v.v.v; } keys {rndc_key;};
> };
>
> key "rndc_key" {
> algorithm hmac-md5;
> secret "FredFlintstone";
> };
> zone "foo.bar.com" in {
> type master;
> file "foo.bar.com.zone";
> allow-transfer {
> z.z.z.z;
> };
> };
>
>
> SLAVE named.conf:
> options {
>
> directory "/var/named";
> forwarders { x.x.x.x; y.y.y.y; };
> allow-recursion { any; };
> forward only;
> # listen-on port 53 { 127.0.0.1; };
> # listen-on-v6 { any; };
> query-source address * port 53;
> transfer-source * port 53;
> notify-source * port 53;
> #allow-query { 127.0.0.1; };
> notify no;
> };
> #############################################################
> logging {
> category "default" { "debug"; };
> category "general" { "debug"; };
> category "database" { "debug"; };
> category "security" { "debug"; };
> category "config" { "debug"; };
> category "resolver" { "debug"; };
> category "xfer-in" { "debug"; };
> category "xfer-out" { "debug"; };
> category "notify" { "debug"; };
> category "client" { "debug"; };
> category "unmatched" { "debug"; };
> category "network" { "debug"; };
> category "update" { "debug"; };
> # category "queries" { "debug"; };
> category "dispatch" { "debug"; };
> category "dnssec" { "debug"; };
> category "lame-servers" { "debug"; };
> channel "debug" {
> file "/tmp/bindlog.log" versions 2 size 50m;
> print-time yes;
> print-category yes;
> print-severity yes;
> };
> };
> #########################################################
> zone "localhost" in {
> type master;
> file "localhost.zone";
> };
>
>
> zone "0.0.127.in-addr.arpa" in {
> type master;
> file "127.0.0.zone";
> };
>
> zone "." in {
> type hint;
> file "root.hint";
> };
>
> #You can insert further zone records for your own domains below.
> key "rndc-key" {
> algorithm hmac-md5;
> secret "FredFlintstone";
> };
>
> controls {
> inet 127.0.0.1 port 953
> allow { 127.0.0.1; v.v.v.v; z.z.z.z;} keys { "rndc-k
> ey"; };
> };
>
> zone "foo.bar.com" in {
> type slave;
> file "foo.bar.com.zone";
> masters { v.v.v.v; };
> };
>
> ZONE FILE:
>
> $TTL 3600 ; 1 hour
> @ IN SOA ns3.foo.bar.com.
admin.border-stat
> es.com. (
> 2006031000 ; serial
> 900 ; refresh (15 minutes)
> 600 ; retry (10 minutes)
> 86400 ; expire (1 day)
> 3600 ; minimum (1 hour)
> )
> NS ns3.foo.bar.com.
> NS ns4.border-states.com.
>
> www A q.q.q.q
>
>
> Corey Flath
> Server Administrator
> Border States Electric
>
>
>
--
Peter and Karin Dambier
The Public-Root Consortium
Graeffstrasse 14
D-64646 Heppenheim
+49(6252)671-788 (Telekom)
+49(179)108-3978 (O2 Genion)
+49(6252)750-308 (VoIP: sipgate.de)
mail: peter at echnaton.serveftp.com
mail: peter at peter-dambier.de
http://iason.site.voila.fr/
https://sourceforge.net/projects/iason/
More information about the bind-users
mailing list