Recent upgrade

Andrew Baker a.baker at salaminternational.com
Wed Feb 23 05:30:59 UTC 2022 

Ok, so it’s not the OS upgrade causing this as I’m now seeing it on both my slaves. I was only seeing it on ns2 yesterday afternoon when I posted this but it’s now on ns3 this morning as well. The master ns1 is not showing this issue in the logs!

I will compare the config between the master and the slaves to see if I can see what’s different between them apart from the obvious!

Andy Baker

IT Technical Lead | SIIL Corporate IT
Tel: +974-44838733, Direct: +974-44485711| Fax: +974-44838732
Salam International Investments Ltd.
Maysaloun Street - West Bay | Salam Plaza Tower, 3rd Floor | PO Box: 15224, Doha – Qatar
E-mail: a.baker at salaminternational.com| Website: www.salaminternational.com<http://www.salaminternational.com/>

From: Felipe Agnelli Barbosa <no.molas at gmail.com>
Sent: Tuesday, February 22, 2022 8:46 PM
To: Andrew Baker <a.baker at salaminternational.com>
Cc: bind-users at lists.isc.org
Subject: Re: Recent upgrade

Could you confirm that you didn't have any connectivity problems before and now?

[]s

Em ter., 22 de fev. de 2022 às 10:08, Andrew Baker via bind-users <bind-users at lists.isc.org<mailto:bind-users at lists.isc.org>> escreveu:
I’ve just upgraded the first of my redundant slave DNS servers from Debian 10.11 (bind 9.11) to Debian 11.2 (bind 9.16). Upgrade seemed to go smoothly but I’m now seeing the below in the bind logs

22-Feb-2022 14:54:59.745 lame-servers: info: timed out resolving 'ns4.he.net/AAAA/IN<http://ns4.he.net/AAAA/IN>': 1.1.1.1#53
22-Feb-2022 14:54:59.745 lame-servers: info: network unreachable resolving 'ns4.he.net/AAAA/IN<http://ns4.he.net/AAAA/IN>': 2001:500:200::b#53
22-Feb-2022 14:54:59.745 lame-servers: info: network unreachable resolving 'ns4.he.net/AAAA/IN<http://ns4.he.net/AAAA/IN>': 2001:500:9f::42#53
22-Feb-2022 14:54:59.745 lame-servers: info: network unreachable resolving 'ns4.he.net/AAAA/IN<http://ns4.he.net/AAAA/IN>': 2001:500:2d::d#53
22-Feb-2022 14:55:07.155 dnssec: warning: managed-keys-zone: Unable to fetch DNSKEY set '.': timed out

If I run a nslookup against any of the time out’s in the logs, it works and delivers both the ipv4 and ipv6 address
I’ve done some reading on the issue and so far, found that I can add a couple of lines to /etc/sysctl.conf and named.conf to disable ipv6 but I’d much rather get the system to handle ipv6 properly and am looking for your advice on this.

Thanks in advance

Andy Baker


--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users at lists.isc.org<mailto:bind-users at lists.isc.org>
https://lists.isc.org/mailman/listinfo/bind-users


--
" A dúvida é o principio da sabedoria "
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20220223/4930b15c/attachment-0001.htm>

More information about the bind-users mailing list