Hi,

I had to change servers because the previous one was getting old, and I had to do it very fast because of a miscommunication by my host...
I'm on Ubuntu 12.04 server, x86_64.

root@ns0:/etc/bind# aptitude show bind9
Package: bind9
New: yes
State: installed
Automatically installed: no
Version: 1:9.8.1.dfsg.P1-4ubuntu0.3

Since then I've had some trouble:

* I get an RNDC error when stopping the service:

root@ns0:/etc/bind# service bind9 start
 * Starting domain name service... bind9
   ...done.
root@ns0:/etc/bind# service bind9 status
 * bind9 is running
root@ns0:/etc/bind# service bind9 stop
 * Stopping domain name service... bind9
rndc: connect failed: 127.0.0.1#953: connection refused
waiting for pid 28560 to die
   ...done.

and it appears that nothing listens on port 953:

root@ns0:/etc/bind# netstat -a | grep 953
unix  2      [ ACC ]     STREAM     LISTENING     9853953  private/anvil
root@ns0:/etc/bind#

When I perform a zonecheck on one of my domains, I get an error saying that the server does not listen:

The server do not listen or answer on the port TCP 53: (translated from French)
- Réf: *IETF RFC1035 (p.32 4.2. Transport)<ftp://ftp.ietf.org/rfc/rfc1035.txt>*
  The DNS assumes that messages will be transmitted as datagrams or in a byte stream carried by a virtual circuit. While virtual circuits can be used for any DNS activity, datagrams are preferred for queries due to their lower overhead and better performance.

while the port is open, checked from another machine:

thomas@home:/home/special/www$ sudo nmap 88.190.17.222 -sS -p 53

Starting Nmap 5.21 ( http://nmap.org ) at 2012-10-04 14:55 CEST
Nmap scan report for ns0.ordiworld.fr (88.190.17.222)
Host is up (0.023s latency).
PORT   STATE SERVICE
53/tcp open  domain

Nmap done: 1 IP address (1 host up) scanned in 0.18 seconds
thomas@home:/home/special/www$
thomas@home:/home/special/www$
thomas@home:/home/special/www$
thomas@home:/home/special/www$ telnet ns0.ordiworld.fr 53
Trying 88.190.17.222...
Connected to ns0.ordiworld.fr.
Escape character is '^]'.
coucou
Connection closed by foreign host.
One time, after adding a log category, the zonecheck was performed with success, without the port 53 errors, but after a restart, the error appears again!

I have 474 domain names...

Bind is running with the root account. I've increased the max open files (soft and hard limit) to 65535 (by editing /etc/security/limits.conf, running ulimit -n 65535 from a root prompt, and restarting bind).

I would appreciate any help, I'm really lost here...

I've set some logging options but don't see errors in the produced files:

##########################################################""
//include "/etc/bind/zones.rfc1918";
logging {
    channel security_file {
        file "/var/log/named/security.log" versions 3 size 30m;
        severity dynamic;
        print-time yes;
    };
    category security { security_file; };

    channel query.log {
        file "/var/log/named/query.log";
        severity debug 3;
    };
    category queries { query.log; };

    channel config.log {
        file "/var/log/named/config.log";
        severity debug 3;
    };
    category config { config.log; };

    channel general.log {
        file "/var/log/named/general.log";
        severity debug 3;
    };
    category general { general.log; };

    channel default.log {
        file "/var/log/named/default.log";
        severity debug 3;
    };
    category default { default.log; };

    channel resolver.log {
        file "/var/log/named/resolver.log";
        severity debug 3;
    };
    category resolver { resolver.log; };

    channel network.log {
        file "/var/log/named/network.log";
        severity debug 3;
    };
    category network { network.log; };
};
##########################################################""

/etc/resolv.conf:

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.0.1
nameserver 88.191.254.60
nameserver 88.191.254.70

My /etc/hosts file (for the netstat error):

root@ns0:/etc/bind# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain
88.190.17.222 ns0.ordiworld.fr ns0 sd-28447.dedibox.frsd-28447
2a01:e0b:1000:17:be30:5bff:fed0:2bd ns0.ordiworld.fr ns0 sd-28447.dedibox.frsd-28447

# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
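
Added example, not part of the original post: the nmap and telnet checks above show that TCP port 53 accepts a connection, whereas the zone check asks for a DNS answer over that connection. This Python example sends an SOA query with the two-byte length prefix that RFC 1035 section 4.2.2 requires on TCP and parses the reply header; the function names, `TXID` and `SAMPLE_REPLY` are assumptions constructed for this example.

```python
import socket
import struct

TXID = 0x1234  # arbitrary query ID, constructed for this example

def build_query(name, qtype=6):
    """DNS query (QTYPE 6 = SOA, QCLASS 1 = IN) with the 2-byte TCP length prefix."""
    header = struct.pack("!HHHHHH", TXID, 0, 1, 0, 0, 0)  # flags 0, one question
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    msg = header + qname + struct.pack("!HH", qtype, 1)
    return struct.pack("!H", len(msg)) + msg  # RFC 1035 section 4.2.2 framing

def parse_reply(framed):
    """Return rcode/aa/answer count, or raise ValueError if this is not a reply to us."""
    if len(framed) < 2:
        raise ValueError("connection closed before a length prefix arrived")
    (length,) = struct.unpack("!H", framed[:2])
    msg = framed[2:2 + length]
    if length < 12 or len(msg) < length:
        raise ValueError("truncated DNS message")
    rid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    if rid != TXID or not flags & 0x8000:  # QR bit must mark a response
        raise ValueError("not a response to our query")
    return {"rcode": flags & 0x000F, "aa": bool(flags & 0x0400), "answers": an}

def recv_exact(sock, n):
    """Read up to n bytes, stopping early only if the peer closes."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            break
        buf += chunk
    return buf

def probe_tcp53(server, zone, timeout=5.0):
    """Ask `server` for the SOA of `zone` over TCP and summarise the reply."""
    with socket.create_connection((server, 53), timeout=timeout) as s:
        s.sendall(build_query(zone))
        prefix = recv_exact(s, 2)
        size = struct.unpack("!H", prefix)[0] if len(prefix) == 2 else 0
        return parse_reply(prefix + recv_exact(s, size))

# Constructed sample: a header-only REFUSED reply (QR=1, RCODE=5), framed for TCP.
SAMPLE_REPLY = struct.pack("!HHHHHHH", 12, TXID, 0x8005, 0, 0, 0, 0)

if __name__ == "__main__":
    print(parse_reply(SAMPLE_REPLY))
```

Calling `probe_tcp53(server, zone)` against a name server you operate returns the header summary when it answers over TCP, and raises `ValueError` or a socket error when the connection is accepted but no DNS reply comes back.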