ISC BIND 9.3.5-P2 is now available
JINMEI Tatuya / 神明達哉
Jinmei_Tatuya at isc.org
Sun Aug 3 07:24:28 UTC 2008
At Sat, 2 Aug 2008 11:21:47 -0600,
The Doctor <doctor at doctor.nl2k.ab.ca> wrote:
>
> Bug!!
>
> I do not see this in the P1, but is plaguing the P2s:
> Aug 2 11:15:25 doctor named[14742]: starting BIND 9.3.5-P2
> Aug 2 11:15:25 doctor named[14742]: found 1 CPU, using 1 worker thread
> Aug 2 11:15:25 doctor named[14742]: loading configuration from '/etc/named.conf'
> Aug 2 11:15:25 doctor named[14742]: listening on IPv4 interface em0, 204.209.81.1#53
> Aug 2 11:15:25 doctor named[14742]: socket.c:485: unexpected error:
> Aug 2 11:15:25 doctor named[14742]: fcntl(512, F_SETFL, -1): Bad file descriptor
Try specifying a small value such as 32 for the reserved-sockets
option:
options {
reserved-sockets 32;
...
};
But, even if this seemingly solves this error, I suspect the above
error indicates that your OS has a fundamental limitation on the
number of file descriptors and will soon trigger a different type of
trouble. If you've not done this yet, I'd suggest you check the OS
capability with the tool I posted a few days ago, which is available
at http://www.jinmei.org/selecttest.tgz
One more thing: as already pointed out, if you specify a specific port
using query-source:
> Aug 2 11:15:25 doctor named[14742]: /etc/named.conf:60: using specific query-source port suppresses port randomization and can be insecure.
you effectively disable any security feature of P1 or P2 or recent
beta versions. Using these versions with a specific port doesn't
provide anything new and is meaningless.
---
JINMEI, Tatuya
Internet Systems Consortium, Inc.
More information about the bind-users
mailing list