Troubleshooting scripted named startup

Philip Prindeville philipp_subx at redfish-solutions.com
Wed Dec 28 08:44:31 UTC 2022 

That must have been it.  I spun a new package and installed in on my firewall, rebooted, and I'm not seeing the issue.


> On Dec 28, 2022, at 12:24 AM, Ondřej Surý <ondrej at isc.org> wrote:
> 
> Hi,
> 
> running latest upstream version first might save you some time, it’s this:
> 
> https://gitlab.isc.org/isc-projects/bind9/-/issues/2895
> 
> 
> Ondrej
> --
> Ondřej Surý — ISC (He/Him)
> 
> My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours.
> 
>> On 28. 12. 2022, at 1:51, Philip Prindeville <philipp_subx at redfish-solutions.com> wrote:
>> 
>> Hi,
>> 
>> I notice that went Bind 9.18.7 comes up on OpenWRT, and I'm running it as a local resolver, resolution initially doesn't work and I get a lot of noise in /var/log/messages like:
>> 
>> Dec 27 17:27:12 OpenWrt named[13171]: validating org/DS: no valid signature found
>> Dec 27 17:27:12 OpenWrt named[13171]: no valid RRSIG resolving 'org/DS/IN': 193.0.14.129#53
>> Dec 27 17:27:12 OpenWrt named[13171]: validating org/DS: no valid signature found
>> Dec 27 17:27:12 OpenWrt named[13171]: no valid RRSIG resolving 'org/DS/IN': 198.97.190.53#53
>> Dec 27 17:27:12 OpenWrt named[13171]: validating org/DS: no valid signature found
>> Dec 27 17:27:12 OpenWrt named[13171]: no valid RRSIG resolving 'org/DS/IN': 202.12.27.33#53
>> Dec 27 17:27:12 OpenWrt named[13171]: broken trust chain resolving '_.linksys.pool.ntp.org/A/IN': 185.209.85.151#53
>> Dec 27 17:27:12 OpenWrt named[13171]: validating 0.linksys.pool.ntp.org/A: bad cache hit (org/DS)
>> Dec 27 17:27:12 OpenWrt named[13171]: broken trust chain resolving '0.linksys.pool.ntp.org/A/IN': 45.127.112.23#53
>> Dec 27 17:27:13 OpenWrt named[13171]: validating tabletcaptiveportal.com/A: bad cache hit (com/DS)
>> Dec 27 17:27:13 OpenWrt named[13171]: broken trust chain resolving 'tabletcaptiveportal.com/A/IN': 205.251.195.137#53
>> Dec 27 17:27:13 OpenWrt named[13171]:   validating syringanetworks.net/SOA: bad cache hit (net/DS)
>> Dec 27 17:27:13 OpenWrt named[13171]: broken trust chain resolving '_.voip.syringanetworks.net/A/IN': 66.232.66.3#53
>> Dec 27 17:27:13 OpenWrt named[13171]:   validating syringanetworks.net/SOA: bad cache hit (net/DS)
>> Dec 27 17:27:13 OpenWrt named[13171]: broken trust chain resolving '_._udp.voip.syringanetworks.net/A/IN': 66.232.66.3#53
>> Dec 27 17:27:13 OpenWrt named[13171]:   validating syringanetworks.net/SOA: bad cache hit (net/DS)
>> Dec 27 17:27:13 OpenWrt named[13171]: broken trust chain resolving '_sip._udp.voip.syringanetworks.net/SRV/IN': 66.232.66.3#53
>> 
>> Until I run a script that contains:
>> 
>> #!/bin/sh
>> 
>> rm -f /tmp/managed-keys.bind* /tmp/*.jnl
>> 
>> rndc managed-keys refresh
>> rndc managed-keys sync
>> 
>> /etc/init.d/named restart
>> 
>> And the "restart" command basically kills the old instance of the server, then restarts it.  Then the errors go away and everything works.
>> 
>> What does this point to as being wrong in the startup scripts so I can fix it?
>> 
>> Thanks,
>> 
>> -Philip
>> 
>> 
>> 
>> 
>> -- 
>> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>> 
>> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
>> 
>> 
>> bind-users mailing list
>> bind-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users

More information about the bind-users mailing list