Troubleshooting scripted named startup
Philip Prindeville
philipp_subx at redfish-solutions.com
Wed Dec 28 00:50:54 UTC 2022
Hi,
I notice that went Bind 9.18.7 comes up on OpenWRT, and I'm running it as a local resolver, resolution initially doesn't work and I get a lot of noise in /var/log/messages like:
Dec 27 17:27:12 OpenWrt named[13171]: validating org/DS: no valid signature found
Dec 27 17:27:12 OpenWrt named[13171]: no valid RRSIG resolving 'org/DS/IN': 193.0.14.129#53
Dec 27 17:27:12 OpenWrt named[13171]: validating org/DS: no valid signature found
Dec 27 17:27:12 OpenWrt named[13171]: no valid RRSIG resolving 'org/DS/IN': 198.97.190.53#53
Dec 27 17:27:12 OpenWrt named[13171]: validating org/DS: no valid signature found
Dec 27 17:27:12 OpenWrt named[13171]: no valid RRSIG resolving 'org/DS/IN': 202.12.27.33#53
Dec 27 17:27:12 OpenWrt named[13171]: broken trust chain resolving '_.linksys.pool.ntp.org/A/IN': 185.209.85.151#53
Dec 27 17:27:12 OpenWrt named[13171]: validating 0.linksys.pool.ntp.org/A: bad cache hit (org/DS)
Dec 27 17:27:12 OpenWrt named[13171]: broken trust chain resolving '0.linksys.pool.ntp.org/A/IN': 45.127.112.23#53
Dec 27 17:27:13 OpenWrt named[13171]: validating tabletcaptiveportal.com/A: bad cache hit (com/DS)
Dec 27 17:27:13 OpenWrt named[13171]: broken trust chain resolving 'tabletcaptiveportal.com/A/IN': 205.251.195.137#53
Dec 27 17:27:13 OpenWrt named[13171]: validating syringanetworks.net/SOA: bad cache hit (net/DS)
Dec 27 17:27:13 OpenWrt named[13171]: broken trust chain resolving '_.voip.syringanetworks.net/A/IN': 66.232.66.3#53
Dec 27 17:27:13 OpenWrt named[13171]: validating syringanetworks.net/SOA: bad cache hit (net/DS)
Dec 27 17:27:13 OpenWrt named[13171]: broken trust chain resolving '_._udp.voip.syringanetworks.net/A/IN': 66.232.66.3#53
Dec 27 17:27:13 OpenWrt named[13171]: validating syringanetworks.net/SOA: bad cache hit (net/DS)
Dec 27 17:27:13 OpenWrt named[13171]: broken trust chain resolving '_sip._udp.voip.syringanetworks.net/SRV/IN': 66.232.66.3#53
Until I run a script that contains:
#!/bin/sh
rm -f /tmp/managed-keys.bind* /tmp/*.jnl
rndc managed-keys refresh
rndc managed-keys sync
/etc/init.d/named restart
And the "restart" command basically kills the old instance of the server, then restarts it. Then the errors go away and everything works.
What does this point to as being wrong in the startup scripts so I can fix it?
Thanks,
-Philip
More information about the bind-users
mailing list