On Feb 14, 2011, at 6:31 AM, Chris Thompson wrote: > We are running BIND 9.7.2-P3, and update our zones with nsupdate calls > that look like this: > > nsupdate -v -k keys/update-key <[input] >/dev/null 2>[errors] > > This is run from a Solaris 10_x86 non-global "zone" (container). > > On a couple of occasions it has generated the error > > dns_dispatch_getudp (v4): permission denied > > This seems to strike at random, and goes away on retrying the same > nsupdate call. What's really strange here is that nsupdate is being > told to use TCP (the -v option), so why is it messing around with UDP? > > Has anyone else seen this?
I haven't seen it specifically, but: - nsupdate might be sending a query (over UDP) to fill in missing info, such as the zone or server to update. - Your Solaris container might be the problem. I've heard of problems running named in a container, typically performance problems but this type of behavior might explain a performance issue. Regards, Chris Buxton BlueCat Networks _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
