AXFR Problems sind Upgrade to 9.16.12

Ondřej Surý ondrej at isc.org
Thu Mar 11 22:52:24 UTC 2021 

Here’s the thought - could you be hit by issue [#2505](https://gitlab.isc.org/isc-projects/bind9/-/issues/2505)?

Check you logs for errors about journal when loading the zone.

Ondrej
--
Ondřej Surý (He/Him)
ondrej at isc.org

> On 11. 3. 2021, at 23:46, Ondřej Surý <ondrej at isc.org> wrote:
> 
> Unfortunately, we don’t, the PPA doesn’t keep old binaries when replaced with
> newer once. I would not recommend running anything older than 9.16.11 as
> the TCP code earlier than that is prone to data races.
> 
> Ondrej
> --
> Ondřej Surý (He/Him)
> ondrej at isc.org
> 
>> On 11. 3. 2021, at 22:05, Klaus Darilion <klaus.darilion at nic.at> wrote:
>> 
>> I will - in the meantime: do you have older ppa packages somewhere on archive?
>> 
>> Thanks
>> Klaus
>> 
>>> -----Ursprüngliche Nachricht-----
>>> Von: Ondřej Surý <ondrej at isc.org>
>>> Gesendet: Donnerstag, 11. März 2021 21:49
>>> An: Klaus Darilion <klaus.darilion at nic.at>
>>> Cc: bind-users at lists.isc.org
>>> Betreff: Re: AXFR Problems sind Upgrade to 9.16.12
>>> 
>>> Hi Klaus,
>>> 
>>> can you please fill a proper issue in the gitlab.isc.org?  We are going to need
>>> more details and anonymizing the logs isn’t a good way to go forward. In the
>>> GitLab you can make the issue confidential and we will sanitize any user data
>>> before making it public.
>>> 
>>> Thanks,
>>> Ondrej
>>> --
>>> Ondřej Surý (He/Him)
>>> ondrej at isc.org
>>> 
>>>> On 11. 3. 2021, at 21:24, Klaus Darilion <klaus.darilion at nic.at> wrote:
>>>> 
>>>> Hello!
>>>> 
>>>> Our setup: Customer Primary --> bind-1 --> bind-2 --> public secondaries
>>> (NSD/bind)
>>>> 
>>>> Today we upgraded bind-1 and bind-2 from:
>>>> 9.16.6-3+ubuntu18.04.1+isc+3   --->   9.16.12-2+ubuntu18.04.1+isc+1
>>>> 
>>>> AXFR from customer to bind-1 still works. But since the upgrade, bind-2 can
>>> not transfer the zone from bind-1 anymore:
>>>> 
>>>> bind-1[3591]: client @0x7f6090274c78 xx.xx.xx.20#42767/key rcode0-
>>> internal (example): transfer of 'example/IN': send: operation canceled
>>>> bind2[4699]: transfer of 'example/IN' from xx.xx.xx.22#53: failed while
>>> receiving responses: end of file
>>>> bind2[4699]: transfer of 'example/IN' from xx.xx.xx.22#53: Transfer status:
>>> end of file
>>>> bind2[4699]: transfer of 'example/IN' from xx.xx.xx.22#53: Transfer
>>> completed: 25079 messages, 9787583 records, 334058940 bytes, 30.171 secs
>>> (11072186 bytes/sec) (serial 1069865757)
>>>> 
>>>> I tried "dig axfr @bind-1 ..." which also fails:
>>>> ;; communications error to xx.xx.xx.22#53: end of file
>>>> 
>>>> Same with kdig:
>>>> ;; WARNING: can't connect to 83.136.34.24 at 53(TCP)
>>>> ;; ERROR: failed to query server 83.136.34.24 at 53(TCP)
>>>> 
>>>> The AXFR fails after receiving ~ 400MB. The full zone would be ~600MB.
>>>> 
>>>> Of course also AXFR from bind-2 to our public secondaries fail to. So I
>>> suspect this is problem on the "sending" side of bind9. As it worked without
>>> problem until the upgrade I think this is a regression.
>>>> 
>>>> Are there any known issues with 9.16.12?
>>>> Do you provide old PPA packages so that we can downgrade?
>>>> 
>>>> Thanks
>>>> Klaus
>>>> 
>>>> _______________________________________________
>>>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
>>> from this list
>>>> 
>>>> ISC funds the development of this software with paid support
>>> subscriptions. Contact us at https://www.isc.org/contact/ for more
>>> information.
>>>> 
>>>> 
>>>> bind-users mailing list
>>>> bind-users at lists.isc.org
>>>> https://lists.isc.org/mailman/listinfo/bind-users
>> 
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20210311/00931edb/attachment.bin>

More information about the bind-users mailing list