bind 9.10.3-P4 listener exits unceremoniously - bug?

Mark Andrews marka at isc.org
Sat Apr 30 02:11:55 UTC 2016 

In message <CAMCLrkHffDnf2gPtS35NhFmn7w6XkKw=f4vw-HyYfLPQfHrzkg at mail.gmail.com>
, Mark Boolootian writes:
> We're in the process of standing up new anycast
> name  servers.  They are running BIND 9.10.3-P4
> on FreeBSD 10.2-RELEASE-p9.
> 
> We've only got one in service so far, but we've
> run into a very difficult issue.  We are episodically
> seeing the BIND port 53 listener that is bound to the
> loopback (anycast) address exit.  Sometimes both
> TCP and UDP listeners quit, in other instances just
> the TCP listener quits.  Note that this is a recursive
> server.
> 
> Here's an example of what I find in the BIND logs:
> 
> 29-Apr-2016 12:38:06.849 network: no longer listening on 192.168.1.1#53
> 29-Apr-2016 12:38:06.861 network: listening on IPv4 interface lo1,
> 192.168.1.1#53
> 29-Apr-2016 12:38:06.863 network: binding TCP socket: permission denied
> 
> lo1 is the anycast address for this box.  BIND is still happily
> listening for TCP:53 on the interface address.  The permission
> denied complaint is because BIND is running chroot.

Chroot has zero impact on this.  running with -u will but you can
configure FreeBSD to allow the user named is running as to bind to
port 53.

https://deepthought.isc.org/article/AA-00621/50/How-to-bind-to-port-53-when-using-named-u-bind-with-FreeBSD.html

> We could
> fix that, but it won't do anything to help explain why BIND stops
> listening on the loopback interface.

It's because the interface goes away.  named listens to the routing
socket and rescans the interfaces on changes.  The interface is
going away and returning.

> No sign of trouble in the system logs.  No evidence that there is
> an issue with the loopback interface disappearing.
> 
> I've got lots of logging enabled in BIND, and the best I
> can tell is that it appears the unbind might be happening
> around the time when a zone transfer from the RPZ master
> occurs, but there is nothing helpful in the logs beyond the
> above announcement of 'no longer listening' (that message doesn't
> get written into the debug log file, so it is hard to correlate
> time between debug messages and the unbind).  No obvious
> evidence of malfeasance is present.
> 
> We've seen this happen three times over the past seven days.
> Twice it was just the TCP listener that dropped, once it was
> both TCP and UDP.
> 
> Any thoughts on what rocks to turn over to find some clue
> on what might be causing this would be greatly appreciated.
> I can't tell if this has the smell of a bug or not at this point.
> 
> thank you,
> mark
> ---
> Mark Boolootian
> UC Santa Cruz
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
>  from this list
> 
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

More information about the bind-users mailing list