RRL active by default?
Lawrence K. Chen, P.Eng.
lkchen at ksu.edu
Wed May 7 23:42:21 UTC 2014
Can't seem to figure out how to work something like that into my configuration.
It doesn't like that I have "allow-recursion { k-state; };" set in
options....then something about "when using 'view' statements, all zones must
be in views.
So, I uncommented the view "ksu" { lines in my config (there used to be a
separate view for a "JOIN K-STATE" SSID, which basically sent you to a special
website regardless of what you wanted to connect to.....it was scrapped,
because users using computers running an OS that starts with W....would still
be stuck going to the site when they switched to normal wireless. (even
though the TTL for the zone was only 5 seconds...)
And, then it finally crashed complain that there was no root hints for the
view "_ksu_bind", and making class IN view "_ksu_bind" with all the same
zones, including the hint zone....it still complained that there was no root
hints for view "_ksu_bind" and crashed.
> daemon.notice] starting BIND 9.9.4-P2 -c /var/chroot/named/etc/named/named.conf -4
> daemon.notice] built with '--prefix=/usr/local' '--sysconfdir=/etc/named'
> '--localstatedir=/var' '--with-openssl' '--enable-threads' '--enable-largefile'
> '--with-libtool' '--enable-ipv6' '--enable-newstats' '--enable-filter-aaaa'
> '--enable-rrl' 'CFLAGS=-m64 -O2' 'LDFLAGS=-Wl,-R/usr/local/ssl/lib/64
> -L/usr/local/ssl/lib/64 -Wl,-R/usr/local/lib/amd64 -L/usr/local/lib/amd64
> -Wl,-R/usr/local/lib -L/usr/local/lib'
> daemon.notice] ----------------------------------------------------
> daemon.notice] BIND 9 is maintained by Internet Systems Consortium,
> daemon.notice] Inc. (ISC), a non-profit 501(c)(3) public-benefit
> daemon.notice] corporation. Support and training for BIND 9 are
> daemon.notice] available at https://www.isc.org/support
> daemon.notice] ----------------------------------------------------
> daemon.warning] no root hints for view '_ksu_bind'
> daemon.notice] command channel listening on 127.0.0.1#953
> daemon.crit] db.c:795: REQUIRE(rdataset->rdclass == db->rdclass) failed, back trace
> daemon.crit] #0 4307e3 in ??
> daemon.crit] #1 fffffd7ffeef92ca in ??
> daemon.crit] #2 fffffd7fff1d8467 in ??
> daemon.crit] #3 fffffd7fff1dafc6 in ??
> daemon.crit] #4 fffffd7fff1ef91e in ??
> daemon.crit] #5 fffffd7fff2f1f39 in ??
> daemon.crit] #6 fffffd7fff2f4b29 in ??
> daemon.crit] #7 45a851 in ??
> daemon.crit] #8 45bc3e in ??
> daemon.crit] #9 fffffd7ffef1a49f in ??
> daemon.crit] #10 fffffd7ffeacbfbb in ??
> daemon.crit] exiting (due to assertion failure)
On 05/02/14 23:34, Jeremy C. Reed wrote:
>
>> On 05/02/14 09:23, Jeremy C. Reed wrote:
>>> Only for the built-in Chaos "_bind" view (for id.server, authors.bind,
>>> hostname.bind, and version.bind).
>
> On Fri, 2 May 2014, Lawrence K. Chen, P.Eng. wrote:
>> Awww...I found messages about version.bind.
>
> My workaround I use is like:
>
> # for builtin tests do not rate-limit
> # redefine chaos builtin zones
> # can't redefine builtin view '_bind'
> view "_dnsbench_bind" chaos {
> recursion no;
> notify no;
> allow-new-zones no;
>
> rate-limit {
> responses-per-second 0;
> };
> zone "version.bind" chaos {
> type master;
> database "_builtin version";
> };
>
> zone "hostname.bind" chaos {
> type master;
> database "_builtin hostname";
> };
>
> zone "authors.bind" chaos {
> type master;
> database "_builtin authors";
> };
>
> zone "id.server" chaos {
> type master;
> database "_builtin id";
> };
>
> };
>
> Or edit bin/named/config.c (you will quickly find the configuration) and
> make and install.
>
--
Who: Lawrence K. Chen, P.Eng. - W0LKC - Sr. Unix Systems Administrator
For: Enterprise Server Technologies (EST) -- & SafeZone Ally
More information about the bind-users
mailing list