named daemon hangs
Nelson Vale
nelsonduvall at gmail.com
Sat May 2 20:48:37 UTC 2009
On Sat, May 2, 2009 at 9:39 PM, Jonathan Petersson <jpetersson at garnser.se>wrote:
> Could you please provide a copy of your config, I'm guessing that you
> have a general forwarder in place or haven't turned on recursion.
The options and the forward zone are as follows:
acl internal {
127.0.0.1/8;
192.168.9.0/24;
}
options {
directory "/etc/namedb";
pid-file "/var/run/named.pid";
statistics-file "/var/run/named.stats";
forwarders {
x.x.x.x; (ISP DNS server)
x.x.x.x; (ISP DNS server)
};
forward first;
max-transfer-time-in 120;
max-transfer-time-out 120;
transfer-format many-answers;
};
zone "mylan.loc" {
type forward;
forwarders {
192.168.90.254;
};
};
zone "anothernet.no-ip.org" {
type master;
file "anothernet.no-ip.org";
allow-query {
internal;
};
allow-transfer {
none;
};
allow-update {
none;
};
};
zone "9.168.192.IN-ADDR.ARPA" {
type master;
file "another.no-ip.org.rev";
allow-query {
internal;
};
allow-transfer {
none;
};
allow-update {
none;
};
};
..."
>
>
> /Jonathan
>
> On Sat, May 2, 2009 at 8:06 AM, Nelson Vale <nelsonduvall at gmail.com>
> wrote:
> > Hi all,
> >
> >
> > I've been facing a problem in my private network which I was not able to
> fix
> > yet.
> >
> > In my gateway (linux debian alike) I have bind 9.5 installed and running,
> > and I have one IPSec tunnel to another gateway over the internet. It also
> > has configured a forward zone with the name server being the other
> gateway
> > internal address (accessibly through the IPSec tunnel only).
> >
> > Recently the other IPSec endpoint was shutdown and, of course, my queries
> to
> > the forward domain started failling. Nothing strange here...
> >
> > The real problem is that I suddendly were not able to resolve any other
> DNS
> > queries, like www.google.com, from inside my network:
> >
> > "host www.google.com
> > ;; connection timed out; no servers could be reached"
> >
> > I took a look at the named daemon and I see that it does not respond to
> > anything as long as the IPSec tunnel is down, but only if it's the other
> > endpoint that is down. I've tried stopping my endpoint and this problem
> do
> > not occur as long as I restart named. I think this happens because as
> long
> > as my endpoint is up the routes to the other endpoint are set, and named
> > trys to querie the forward domain name server. The problem is that the
> > queries do not timeout and named hangs there:
> >
> > The configuration I have is:
> >
> > Bind: BIND 9.5.0-P2
> > IP Address (private): 192.168.9.254
> > Forwarders: ADSL provider (2 forwarders)
> > Forward Zone: mylan.loc
> > Name Server:192.168.90.254
> >
> >
> > After it starts if I try to querie one of the forward zone record
> > (box.mylan.loc) it displays:
> >
> > "...
> > 02-May-2009 14:22:21.843 socket 0xb7bd5548: dispatch_recv: event
> 0xb7be3d28
> > -> task 0xb7b74d18
> > 02-May-2009 14:22:21.844 socket 0xb7bd5548: internal_recv: task
> 0xb7b74d18
> > got event 0xb7bd559c
> > 02-May-2009 14:22:21.844 socket 0xb7bd5548 192.168.9.2#47869: packet
> > received correctly
> > 02-May-2009 14:22:21.844 socket 0xb7bd5548: processing cmsg 0xb7bb2120
> > 02-May-2009 14:22:21.844 client 192.168.9.2#47869: UDP request
> > 02-May-2009 14:22:21.844 client 192.168.9.2#47869: using view '_default'
> > 02-May-2009 14:22:21.845 client 192.168.9.2#47869: request is not signed
> > 02-May-2009 14:22:21.845 client 192.168.9.2#47869: recursion available
> > 02-May-2009 14:22:21.845 client 192.168.9.2#47869: query
> > 02-May-2009 14:22:21.845 client 192.168.9.2#47869: ns_client_attach: ref
> = 1
> > 02-May-2009 14:22:21.845 client 192.168.9.2#47869: query (cache)
> > 'box.mylan.loc/A/IN' approved
> > 02-May-2009 14:22:21.845 client 192.168.9.2#47869: replace
> > 02-May-2009 14:22:21.845 clientmgr @0xb7baa608: createclients
> > 02-May-2009 14:22:21.846 clientmgr @0xb7baa608: recycle
> > 02-May-2009 14:22:21.846 createfetch: box.mylan.loc A
> > 02-May-2009 14:22:21.846 fctx 0xb7bae408(box.mylan.loc/A'): create
> > 02-May-2009 14:22:21.846 fctx 0xb7bae408(box.mylan.loc/A'): join
> > 02-May-2009 14:22:21.846 fetch 0xb7bb4148 (fctx
> > 0xb7bae408(box.mylan.loc/A)): created
> > 02-May-2009 14:22:21.846 client @0xb7bda008: udprecv
> > 02-May-2009 14:22:21.846 socket 0xb7bd5548: socket_recv: event 0xb7bd4b48
> ->
> > task 0xb7bb1690
> > 02-May-2009 14:22:21.847 fctx 0xb7bae408(box.mylan.loc/A'): start
> > 02-May-2009 14:22:21.847 fctx 0xb7bae408(box.mylan.loc/A'): try
> > 02-May-2009 14:22:21.847 fctx 0xb7bae408(box.mylan.loc/A'): cancelqueries
> > 02-May-2009 14:22:21.847 fctx 0xb7bae408(box.mylan.loc/A'): getaddresses
> > 02-May-2009 14:22:21.847 findaddrinfo: new entry 0xb7aec4a0
> > 02-May-2009 14:22:21.847 fctx 0xb7bae408(box.mylan.loc/A'): query
> > 02-May-2009 14:22:21.848 socket 0xb7b79938: created
> > 02-May-2009 14:22:21.848 socket 0xb7b79938 0.0.0.0#43841: bound
> > 02-May-2009 14:22:21.848 dispatchmgr 0xb7bbb168: created UDP dispatcher
> > 0xb7b6d378
> > 02-May-2009 14:22:21.848 dispatch 0xb7b6d378: created task 0xb7b74d70
> > 02-May-2009 14:22:21.848 dispatch 0xb7b6d378: created socket 0xb7b79938
> > 02-May-2009 14:22:21.848 resquery 0xb7b80008 (fctx
> > 0xb7bae408(box.mylan.loc/A)): send
> > 02-May-2009 14:22:21.849 dispatch 0xb7b6d378 response 0xb7ba7848
> > 192.168.90.254#53: attached to task 0xb7b6f2c8
> > 02-May-2009 14:22:21.849 socket 0xb7b79938: socket_recv: event 0xb7b81698
> ->
> > task 0xb7b74d70
> >
> >
> > and it hangs here forever. Even if I restart the named server it does not
> > respond to any of my queries. If I stop the named server with Ctrl + C it
> > displays:
> >
> > "...
> > ^C02-May-2009 14:23:46.773 socket.c:1226: unexpected error:
> > 02-May-2009 14:23:46.773 internal_send: 192.168.90.254#53: Interrupted
> > system call should be restarted
> > 02-May-2009 14:23:46.774 errno2result.c:111: unexpected error:
> > 02-May-2009 14:23:46.774 unable to convert errno to isc_result: 85:
> > Interrupted system call should be restarted
> > 02-May-2009 14:23:46.774 resquery 0xb7b80008 (fctx
> > 0xb7bae408(box.mylan.loc/A)): sent
> > 02-May-2009 14:23:46.774 resquery 0xb7b80008 (fctx
> > 0xb7bae408(box.mylan.loct/A)): senddone
> > 02-May-2009 14:23:46.774 fctx 0xb7bae408(ebox.voiplan.pt/A'<http://ebox.voiplan.pt/A%27>):
> cancelquery
> > 02-May-2009 14:23:46.774 dispatch 0xb7b6d378 response 0xb7ba7848
> > 192.168.90.254#53: detaching from task 0xb7b6f2c8
> > 02-May-2009 14:23:46.774 dispatch 0xb7b6d378: detach: refcount 0
> > 02-May-2009 14:23:46.774 dispatch 0xb7b6d378: got packet: requests 0,
> > buffers 1, recvs 1
> > 02-May-2009 14:23:46.775 dispatch 0xb7b6d378: shutting down; detaching
> from
> > sock 0xb7b79938, task 0xb7b74d70
> > 02-May-2009 14:23:46.775 socket 0xb7b79938: destroying
> > 02-May-2009 14:23:46.775 dispatchmgr 0xb7bbb168: destroy_mgr_ok:
> > shuttingdown=0, listnonempty=1, epool=10, rpool=0, dpool=10
> > 02-May-2009 14:23:46.775 shutting down
> > 02-May-2009 14:23:46.775 stopping command channel on 127.0.0.1#953
> > 02-May-2009 14:23:46.776 res 0xb7bbe200: shutdown
> > 02-May-2009 14:23:46.776 res 0xb7bbe200: exiting
> > 02-May-2009 14:23:46.776 dns_requestmgr_shutdown: 0xb7b75008
> > 02-May-2009 14:23:46.776 send_shutdown_events: 0xb7b75008
> > 02-May-2009 14:23:46.777 no longer listening on 127.0.0.1#53
> > 02-May-2009 14:23:46.777 clientmgr @0xb7baa3f8: destroy
> > 02-May-2009 14:23:46.777 no longer listening on 192.167.200.254#53
> > 02-May-2009 14:23:46.777 clientmgr @0xb7baa548: destroy
> > ..."
> >
> >
> > If anybody could give me a hand on this I surelly would appreciate it.
> >
> >
> > Nelson Vale
> >
> > _______________________________________________
> > bind-users mailing list
> > bind-users at lists.isc.org
> > https://lists.isc.org/mailman/listinfo/bind-users
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20090502/46aa5546/attachment.html>
More information about the bind-users
mailing list