Bind 9.3.4-P1 Crashing?
David Nolan
vitroth+ at cmu.edu
Tue Oct 16 16:53:07 UTC 2007
--On October 16, 2007 6:43:58 AM +0200 Tony Earnshaw <tonni at hetnet.nl>
wrote:
>
> Looks like this could be Debian etch; FWIW Bind 9.4.1-P1 running on
> Fedora FC6 and RHEL5 x86_32 and 64, built from Adam Tkac's srpm, has
> been running stably with extended uptimes.
>
> Your problem could, perhaps, better be directed to your OS vendor.
Nope, this isn't Debian, its a locally built image. Our systems team
builds the OS image, I built Bind myself.
We've been using the same kernel for months prior to the 9.3.4-P1 upgrade
(7/24 when the vulnerability announcement happened). FWIW, these servers
are processing 2-400 queries per second typically, and we've only seen this
crash three times since the upgrade.
Simultaneous crashes on 2 machines providing the same virtual IP, on three
separate occasions, really makes me suspicious of a new packet-of-death
exploit, but unless it happens again and I get packet traces we can't prove
that.
Thanks for the thought though, its definitely on my possibilities list.
-David Nolan
Network Software Designer
Computing Services
Carnegie Mellon University
More information about the bind-users
mailing list