bind 9.10.3-P4 listener exits unceremoniously - bug?

[Mark Boolootian]

We're in the process of standing up new anycast
name  servers.  They are running BIND 9.10.3-P4
on FreeBSD 10.2-RELEASE-p9.

We've only got one in service so far, but we've
run into a very difficult issue.  We are episodically
seeing the BIND port 53 listener that is bound to the
loopback (anycast) address exit.  Sometimes both
TCP and UDP listeners quit, in other instances just
the TCP listener quits.  Note that this is a recursive
server.

Here's an example of what I find in the BIND logs:

29-Apr-2016 12:38:06.849 network: no longer listening on 192.168.1.1#53
29-Apr-2016 12:38:06.861 network: listening on IPv4 interface lo1,
192.168.1.1#53
29-Apr-2016 12:38:06.863 network: binding TCP socket: permission denied

lo1 is the anycast address for this box.  BIND is still happily
listening for TCP:53 on the interface address.  The permission
denied complaint is because BIND is running chroot.  We could
fix that, but it won't do anything to help explain why BIND stops
listening on the loopback interface.

No sign of trouble in the system logs.  No evidence that there is
an issue with the loopback interface disappearing.

I've got lots of logging enabled in BIND, and the best I
can tell is that it appears the unbind might be happening
around the time when a zone transfer from the RPZ master
occurs, but there is nothing helpful in the logs beyond the
above announcement of 'no longer listening' (that message doesn't
get written into the debug log file, so it is hard to correlate
time between debug messages and the unbind).  No obvious
evidence of malfeasance is present.

We've seen this happen three times over the past seven days.
Twice it was just the TCP listener that dropped, once it was
both TCP and UDP.

Any thoughts on what rocks to turn over to find some clue
on what might be causing this would be greatly appreciated.
I can't tell if this has the smell of a bug or not at this point.

thank you,
mark
---
Mark Boolootian
UC Santa Cruz