Is 9.5 broken
Bart Van den Broeck
Bart.VandenBroeck at icts.kuleuven.be
Fri Sep 26 12:00:08 UTC 2008
Rune Rune wrote:
> Hi, I have compiled and used 9.5 on several Linuxplatforms but we have to restart the bind-process every day since it stop ansver for some domains after some time.
> The DNS is recursive and the domain it stop answer for is always .se domains. Is there any DNSSEC issue in 9.5 that is broken maybe? The zones it dont answer for isn't signed by .SE but? When the server stop answer correct it look up other zones correct and after a restart it works ok again.
>
> Regards, Rune
Short answer: yes, probably.
We have experienced the same issue, also with .se domains. It seems to be
related to a cache management issue and JINMEI Tatuya of ISC agrees (cf. his
reply on my post "Re: Frequent SERVFAIL: "nameservers now above QDOMAIN" (BIND
9.5.0-P2)" <http://marc.info/?l=bind-users&m=122239920822324&w=2>).
Restarting the DNS server solves the problem because it also flushes the cache
(as a side-effect).
Until the problematic code is fixed in BIND 9.5 we've downgraded to 9.4. It
hasn't been running long enough to be completely sure the problem has gone away
though, but we're hopeful :-)
Kind regards
Bart Van den Broeck
-- K.U.Leuven - ICTS - ICT Infrastructuur - Netwerken (aka KULeuvenNet)-
Disclaimer: http://www.kuleuven.be/cwis/email_disclaimer.htm
More information about the bind-users
mailing list