My DNS sinkhole is failing to start

Blason R blason16 at gmail.com
Sun Nov 26 16:01:04 UTC 2017 

hmm..strange..How do I check can you please elaborate? Yes I m starting
with root.

On Sun, Nov 26, 2017 at 9:26 PM, Alberto Colosi <alcol at hotmail.com> wrote:

> When executed from crontab or systemd , you have missing user enviroment
> with UID , permission and enviroment variables
>
>
> check some file permission or path or a missing full path
>
>
> when executed from systemd/kernel , you have a different UID and no path
> or other vars (before daemon take -u named , you are root)
>
>
>
>
>
> ------------------------------
> *From:* bind-users <bind-users-bounces at lists.isc.org> on behalf of Blason
> R <blason16 at gmail.com>
> *Sent:* Sunday, November 26, 2017 4:48 PM
> *To:* John W. Blue
> *Cc:* bind-users
> *Subject:* Re: My DNS sinkhole is failing to start
>
> Strange...when I started with command line it started successfully even
> catering all my zones and sinkholing the requests as well
>
>  /usr/sbin/named -u named -d 10 -c /etc/named.conf
>
> [root at dnsdf.isnlab.in /cf/cleandns/sbin]# rndc status
> version: 9.9.4-RedHat-9.9.4-51.el7 (isnmaldef) <id:8f9657aa>
> CPUs found: 1
> worker threads: 1
> UDP listeners per interface: 1
> number of zones: 88589
> debug level: 10
> xfers running: 0
> xfers deferred: 0
> soa queries in progress: 0
> query logging is ON
> recursive clients: 0/0/1000
> tcp clients: 0/100
> server is up and running
>
>
> Look like OS bug? How can I find out exactly?
>
> On Sun, Nov 26, 2017 at 9:10 PM, John W. Blue <john.blue at rrcic.com> wrote:
>
> So basic troubleshooting 101 .. break your problem into chunks.  If you
> remove all of these sinkhole zones does BIND start?
>
> If it does start then start looking at the zones you are loading.  If it
> does not start then start looking at BIND and/or the OS.
>
> Good hunting!
>
> John
>
> Sent from Nine <http://www.9folders.com/>
> ------------------------------
> *From:* Blason R <blason16 at gmail.com>
> *Sent:* Nov 26, 2017 9:25 AM
> *To:* bind-users
> *Subject:* My DNS sinkhole is failing to start
>
> Hi Guys,
>
> I am setting sinkhole server and have almost around 123000 zones. The
> server is setup on CentOS 7.4.
>
> Everything seems to be proper and have created the zones. however when I
> am starting named.service its failing and not sure why.
>
> Can someone please help me?
> [root at dnsdf.isnlab.in /cf/cleandns/sbin]# systemctl status named.service
> ● named.service - Berkeley Internet Name Domain (DNS)
>    Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor
> preset: disabled)
>    Active: failed (Result: exit-code) since Sun 2017-11-26 20:52:29 IST;
> 13s ago
>   Process: 2135 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING"
> == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo
> "Checking of zone files is disabled"; fi (code=exited, status=1/FAILURE)
>  Main PID: 1709 (code=exited, status=0/SUCCESS)
>
> Nov 26 20:52:19 dnsdf.isnlab.in bash[2135]: zone
> 12aww7mdklwvh1sgd2kk1lwsr3.net/IN: loaded serial 2006060301
> Nov 26 20:52:19 dnsdf.isnlab.in bash[2135]: zone
> 12b0jv17vnwgdb6bmxf13yuq1e.net/IN: loaded serial 2006060301
> Nov 26 20:52:19 dnsdf.isnlab.in bash[2135]: zone
> 12b5sba8fsvv29jmm68o6rwk.org/IN: loaded serial 2006060301
> Nov 26 20:52:19 dnsdf.isnlab.in bash[2135]: zone
> 12b8ko6forrxv1oml8251kfizkh.com/IN: loaded serial 2006060301
> Nov 26 20:52:19 dnsdf.isnlab.in bash[2135]: zone
> 12bc8ds10wet991cms4qtnwlfzl.org/IN: loaded serial 2006060301
> Nov 26 20:52:19 dnsdf.isnlab.in bash[2135]: zone
> 12bdyz8slslfbr1dhi81x20kcq.net/IN: loaded serial 2006060301
> Nov 26 20:52:29 dnsdf.isnlab.in systemd[1]: named.service: control
> process exited, code=exited status=1
> Nov 26 20:52:29 dnsdf.isnlab.in systemd[1]: Failed to start Berkeley
> Internet Name Domain (DNS).
> Nov 26 20:52:29 dnsdf.isnlab.in systemd[1]: Unit named.service entered
> failed state.
> Nov 26 20:52:29 dnsdf.isnlab.in systemd[1]: named.service failed.
> ######################
>
>
> [root at dnsdf.isnlab.in /cf/cleandns/sbin]# journalctl -xe
> Nov 26 20:52:19 dnsdf.isnlab.in bash[2135]: zone
> 1298sxi1n08hmmr5agkr1vzcm2r.com/IN: loaded serial 2006060301
> Nov 26 20:52:19 dnsdf.isnlab.in bash[2135]: zone
> 129ax9r9558xk135lw6ueaewun.org/IN: loaded serial 2006060301
> Nov 26 20:52:19 dnsdf.isnlab.in bash[2135]: zone
> 129cbttfzmkz4x2ziijr14j5b.com/IN: loaded serial 2006060301
> Nov 26 20:52:19 dnsdf.isnlab.in bash[2135]: zone
> 129ei6z1bn458l1lcpsxg1x35586.net/IN: loaded serial 2006060301
> Nov 26 20:52:19 dnsdf.isnlab.in bash[2135]: zone
> 129jbef21rpai1s46moh8pe2yl.net/IN: loaded serial 2006060301
> Nov 26 20:52:19 dnsdf.isnlab.in bash[2135]: zone
> 12bdyz8slslfbr1dhi81x20kcq.net/IN: loaded serial 2006060301
> Nov 26 20:52:29 dnsdf.isnlab.in systemd[1]: named.service: control
> process exited, code=exited status=1
> Nov 26 20:52:29 dnsdf.isnlab.in systemd[1]: Failed to start Berkeley
> Internet Name Domain (DNS).
> -- Subject: Unit named.service has failed
> -- Defined-By: systemd
> -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
> --
> -- Unit named.service has failed.
> --
> -- The result is failed.
> Nov 26 20:52:29 dnsdf.isnlab.in systemd[1]: Unit named.service entered
> failed state.
> Nov 26 20:52:29 dnsdf.isnlab.in systemd[1]: named.service failed.
> Nov 26 20:52:29 dnsdf.isnlab.in polkitd[2124]: Unregistered
> Authentication Agent for unix-process:2119:1791615 (system bus name :1.54,
> object path /org/freedeskto
>
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
>
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20171126/937cd2c3/attachment-0001.html>

More information about the bind-users mailing list