Named process suddenly down

2014-01-15 Thread AOYAGI Takashi
Hello

I have very serious trouble with BIND.
And we are in a hurry, so please help us.

Environment:
"BIND 9.9.3-P2 (Extended Support Version)".


Here is the situation:

The named process suddenly went down at 23 Dec 19:58, and a core was output.
In addition to this, the same kind of problem occurred on several other servers.
Therefore, I guess this problem is not coming from a hardware problem such as
memory trouble or others, because this incident happened on several servers at
the same time.

I put some information (/var/log/message and core and some other logs) which may
indicate the problem below.
So, could someone please answer the following three questions from the
information we have given?


1) The cause of the downed process.
2) Is this a discovered issue or undiscovered?
3) Is there a workaround for this?


And any advice is welcome.

Sincerely,
AOYAGI


messages

Dec 23 19:58:13 hogedns021 kernel: named[1844]: segfault at 0 ip 0048fbba sp 7f6921778840 error 4 in named[40+303000]
Dec 23 19:58:15 hogedns021 abrtd: Directory 'ccpp-2013-12-23-19:58:13-1843' creation detected
Dec 23 19:58:15 hogedns021 abrt[19323]: Saved core dump of pid 1843 (/usr/local/sbin/named) to /var/spool/abrt/ccpp-2013-12-23-19:58:13-1843 (166387712 bytes)
Dec 23 19:58:15 hogedns021 abrtd: Executable '/usr/local/sbin/named' doesn't belong to any package
Dec 23 19:58:15 hogedns021 abrtd: 'post-create' on '/var/spool/abrt/ccpp-2013-12-23-19:58:13-1843' exited with 1
Dec 23 19:58:15 hogedns021 abrtd: Corrupted or bad directory /var/spool/abrt/ccpp-2013-12-23-19:58:13-1843, deleting


core info

[root@hogedns021 log]# named -V
BIND 9.9.3-P2 (Extended Support Version)  built with '--prefix=/usr/local/' '--disable-openssl-version-check' '--enable-filter-' '--enable-threads' '--with-gssapi=no' 'CFLAGS=-DDIG_SIGCHASE'
using OpenSSL version: OpenSSL 1.0.0 29 Mar 2010
[root@hogedns021 log]#uname -a
Linux hogedns021 2.6.32-279.19.1.el6.x86_64 #1 SMP Sat Nov 24 14:35:28 EST 2012 x86_64 x86_64 x86_64 GNU/Linux
[root@hogedns021 log]# ls -la /var/named/chroot/var/named/core.1843
-rw--- 1 dns dns 166387712 Dec 23 19:58 2013 /var/named/chroot/var/named/core.1843
[root@hogedns021 log]# file /var/named/chroot/var/named/core.1843
/var/named/chroot/var/named/core.1843: ELF 64-bit LSB core file x86-64, version 1 (SYSV), SVR4-style, from '/usr/local/sbin/named -u dns -c /etc/named.conf -t /var/named/chroot'


gdb back trace("thread apply all bt")

[root@hogedns021 tmp]# ldd /usr/local/sbin/named
linux-vdso.so.1 =>  (0x7fffefdff000)
libcrypto.so.10 => /usr/lib64/libcrypto.so.10 (0x003a0c80)
libdl.so.2 => /lib64/libdl.so.2 (0x003a0ac0)
libcap.so.2 => /lib64/libcap.so.2 (0x003a1140)
libpthread.so.0 => /lib64/libpthread.so.0 (0x003a0b00)
libc.so.6 => /lib64/libc.so.6 (0x003a0a80)
libz.so.1 => /lib64/libz.so.1 (0x003a0b40)
/lib64/ld-linux-x86-64.so.2 (0x003a0a40)
libattr.so.1 => /lib64/libattr.so.1 (0x003a0f00)

[root@hogedns021 sue]# ls -la
合計 170176
drwxr-xr-x 2 root root  4096 Dec 24 11:36 .
drwxrwxrwt 5 root root  4096 Dec 24 11:36 ..
-rw--- 1 dns  dns  166387712 Dec 23 19:58 core.1843
-rwxr-xr-x 1 root root156872 Oct 12  2012 ld-linux-x86-64.so.2
-rwxr-xr-x 1 root root 21152 Aug  8  2011 libattr.so.1
-rwxr-xr-x 1 root root   1922112 Oct 12  2012 libc.so.6
-rwxr-xr-x 1 root root 19016 Aug 23  2011 libcap.so.2
-rwxr-xr-x 1 root root   1665328 Aug 16  2012 libcrypto.so.10
-rwxr-xr-x 1 root root 22536 Oct 12  2012 libdl.so.2
-rw-r--r-- 1 root root 65928 Dec 24 11:35 libnss_files.so.2
-rwxr-xr-x 1 root root145720 Oct 12  2012 libpthread.so.0
-rwxr-xr-x 1 root root 34008 Dec 24 10:55 libthread_db-1.0.so
-rwxr-xr-x 1 root root 90952 Aug 10  2011 libz.so.1
-rwxr-xr-x 1 root root   3491405 Aug  9 00:28 named


[root@hogedns021 sue]# gdb
GNU gdb (GDB) CentOS (7.0.1-45.el5.centos)
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
For bug reporting instructions, please see:
.
(gdb) set solib-absolute-prefix /tmp/sue
(gdb) set solib-search-path /tmp/sue
(gdb) file /tmp/sue/named
Reading symb

Re: Named process suddenly down

2014-01-15 Thread Warren Kumari
BIND 9.9.3-P2  is vulnerable to CVE 2014-0591 ("A Crafted Query
Against an NSEC3-signed Zone Can Crash BIND") and CVE 2013-6320 ("A
Winsock API Bug can cause a side-effect affecting BIND ACLs")

While it doesn't look (after a very quick glance) like CVE 2014-0591 (
https://kb.isc.org/article/AA-01078 ) you should probably upgrade to
9.9.4-P2 (Extended Support Version) anyway and see if the issue goes
away. If it doesn't -- hey, at least you know...

W

On Wed, Jan 15, 2014 at 5:18 AM, AOYAGI Takashi wrote:
> Hello
>
> I have very serious trouble with BIND.
> And we are in a hurry, so please help us.
>
> Environment:
> "BIND 9.9.3-P2 (Extended Support Version)".
>
>
> Here is the situation:
>
> The named process suddenly went down at 23 Dec 19:58, and a core was output.
> In addition to this, the same kind of problem occurred on several other
> servers.
> Therefore, I guess this problem is not coming from a hardware problem such as
> memory trouble or others, because this incident happened on several servers
> at the same time.
>
> I put some information (/var/log/message and core and some other logs) which
> may indicate the problem below.
> So, could someone please answer the following three questions from the
> information we have given?
>
>
> 1) The cause of the downed process.
> 2) Is this a discovered issue or undiscovered?
> 3) Is there a workaround for this?
>
>
> And any advice is welcome.
>
> Sincerely,
> AOYAGI
>
>
> messages
>
> Dec 23 19:58:13 hogedns021 kernel: named[1844]: segfault at 0 ip 0048fbba sp 7f6921778840 error 4 in named[40+303000]
> Dec 23 19:58:15 hogedns021 abrtd: Directory 'ccpp-2013-12-23-19:58:13-1843' creation detected
> Dec 23 19:58:15 hogedns021 abrt[19323]: Saved core dump of pid 1843 (/usr/local/sbin/named) to /var/spool/abrt/ccpp-2013-12-23-19:58:13-1843 (166387712 bytes)
> Dec 23 19:58:15 hogedns021 abrtd: Executable '/usr/local/sbin/named' doesn't belong to any package
> Dec 23 19:58:15 hogedns021 abrtd: 'post-create' on '/var/spool/abrt/ccpp-2013-12-23-19:58:13-1843' exited with 1
> Dec 23 19:58:15 hogedns021 abrtd: Corrupted or bad directory /var/spool/abrt/ccpp-2013-12-23-19:58:13-1843, deleting
>
>
> core info
>
> [root@hogedns021 log]# named -V
> BIND 9.9.3-P2 (Extended Support Version)  built with '--prefix=/usr/local/' '--disable-openssl-version-check' '--enable-filter-' '--enable-threads' '--with-gssapi=no' 'CFLAGS=-DDIG_SIGCHASE'
> using OpenSSL version: OpenSSL 1.0.0 29 Mar 2010
> [root@hogedns021 log]#uname -a
> Linux hogedns021 2.6.32-279.19.1.el6.x86_64 #1 SMP Sat Nov 24 14:35:28 EST 2012 x86_64 x86_64 x86_64 GNU/Linux
> [root@hogedns021 log]# ls -la /var/named/chroot/var/named/core.1843
> -rw--- 1 dns dns 166387712 Dec 23 19:58 2013 /var/named/chroot/var/named/core.1843
> [root@hogedns021 log]# file /var/named/chroot/var/named/core.1843
> /var/named/chroot/var/named/core.1843: ELF 64-bit LSB core file x86-64, version 1 (SYSV), SVR4-style, from '/usr/local/sbin/named -u dns -c /etc/named.conf -t /var/named/chroot'
> 
>
> gdb back trace("thread apply all bt")
> 
> [root@hogedns021 tmp]# ldd /usr/local/sbin/named
> linux-vdso.so.1 =>  (0x7fffefdff000)
> libcrypto.so.10 => /usr/lib64/libcrypto.so.10 (0x003a0c80)
> libdl.so.2 => /lib64/libdl.so.2 (0x003a0ac0)
> libcap.so.2 => /lib64/libcap.so.2 (0x003a1140)
> libpthread.so.0 => /lib64/libpthread.so.0 (0x003a0b00)
> libc.so.6 => /lib64/libc.so.6 (0x003a0a80)
> libz.so.1 => /lib64/libz.so.1 (0x003a0b40)
> /lib64/ld-linux-x86-64.so.2 (0x003a0a40)
> libattr.so.1 => /lib64/libattr.so.1 (0x003a0f00)
>
> [root@hogedns021 sue]# ls -la
> 合計 170176
> drwxr-xr-x 2 root root  4096 Dec 24 11:36 .
> drwxrwxrwt 5 root root  4096 Dec 24 11:36 ..
> -rw--- 1 dns  dns  166387712 Dec 23 19:58 core.1843
> -rwxr-xr-x 1 root root156872 Oct 12  2012 ld-linux-x86-64.so.2
> -rwxr-xr-x 1 root root 21152 Aug  8  2011 libattr.so.1
> -rwxr-xr-x 1 root root   1922112 Oct 12  2012 libc.so.6
> -rwxr-xr-x 1 root root 19016 Aug 23  2011 libcap.so.2
> -rwxr-xr-x 1 root root   1665328 Aug 16  2012 libcrypto.so.10
> -rwxr-xr-x 1 root root 22536 Oct 12  2012 libdl.so.2
> -rw-r--r-- 1 root root 65928 Dec 24 11:35 libnss_files.so.2
> -rwxr-xr-x 1 root root145720 Oct 12  2012 libpthread.so.0
> -rwxr-xr-x 1 root root 34008 Dec 24 10:55 libthread_db-1.0.so
> -rwxr-xr-x 1 root root 90952 Aug 10  2011

Re: Sites that points their A Record to localhost

2014-01-15 Thread Bill Owens
On Tue, Jan 14, 2014 at 07:55:44PM -0500, Kevin Darcy wrote:
> If the domain owner *really* feels that they have to publish *some*
> address record for a particular name, but there is no available
> service at that name, then the null or "unspecified" address (IPv4 =
> 0.0.0.0, IPv6 = ::0) is the appropriate value to put there.
> 
> Loopback is anti-social; an apparent attempt to make the client
> waste resources connecting to itself. In legal terms, one might call
> this an "attractive nuisance".

You're quite right; that's why I have MX records for decades-old dead hostnames 
pointing to loopback, because the only queries for those names are from 
spammers and I'd very much like them to waste their time. But that's about the 
only reason I can think of to use it. . .

Bill.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users


Re: Can we do a sub-domain delegation with godaddy?

2014-01-15 Thread Barry Margolin
In article ,
 Joseph S D Yao  wrote:

> On 2014-01-14 12:39, Blason R wrote:
> > Hi Folks,
> >
> > I am not sure if this is an appropriate forum to answer since more or
> > less it is pertaining to Go Daddy support but since it's a huge
> > community out there and I am sure many of them are already using Go
> > Daddy wondering if sub-domain delegation is possible in Go Daddy?
> >
> > I mean I have example.com hosted with Go Daddy while I need
> > sub-domain ftp.example.com to be delegated to my internal BIND
> > server.
> >
> > Does any one know how do I do it in Go Daddy?
> ...
> 
> 
> (1) the same way you do it with any other delegation using any other 
> name server.  You put the same list of name servers that are in your 
> zone, in the parent zone, together with any needed "glue" records.  
> "Glue" records are A records for any name servers that are in the 
> delegated domain or any domain under the delegated domain.

That's how you do it if you have control over the zone file. His 
question is how you do it when Go Daddy controls the zone file and you have 
to use whatever web application they provide for managing your domain.

-- 
Barry Margolin
Arlington, MA

Re: Can we do a sub-domain delegation with godaddy?

2014-01-15 Thread Warren Kumari
On Tue, Jan 14, 2014 at 12:39 PM, Blason R  wrote:
> Hi Folks,
>
> I am not sure if this is an appropriate forum to answer since more or less
> it is pertaining to Go Daddy support but since it's a huge community out
> there and I am sure many of them are already using Go Daddy wondering if
> sub-domain delegation is possible in Go Daddy?

Yes, yes it is...
I run my own DNS, but have a few test domains for playing with stuff
like this, and just tested it...

>
> I mean I have example.com hosted with Go Daddy while I need sub-domain
> ftp.example.com to be delegated to my internal BIND server.

So, your question is a little vague / incomplete. ftp.example.com is
*probably* a host name in example.com, and not a delegation.
If you want to just add ftp.example.com you login to the godaddy
domains manager thing, choose the domain you want to change
(example.com) then click "Edit Zone". Add an A record with the label
ftp (godaddy automatically adds the example.com bit, and gets grumpy
if you do it yourself) and IP of the FTP server. Click save and you
are done.

If you actually want to delegate a subdomain (subdomain.example.com)
to your nameservers (which is what you were asking, I think)
Same thing - choose the domain, click "Edit Zone", scroll down to the
very bottom of the list ("NS (Nameserver)"), enter 'subdomain' in the
"Host" box and the name of your bind server in the "Points To" box.

I just did this for subdomain.4witter.com pointing to ns01.kumari.net.
I didn't bother actually creating the zone on ns01, but you can see it
works:
...

4witter.com. 172800 IN NS ns77.domaincontrol.com.
4witter.com. 172800 IN NS ns78.domaincontrol.com.
;; Received 134 bytes from 192.33.14.30#53(b.gtld-servers.net) in 185 ms

subdomain.4witter.com. 3600 IN NS ns01.kumari.net.
;; Received 79 bytes from 216.69.185.49#53(ns77.domaincontrol.com) in 269 ms

W


> Does any one know how do I do it in Go Daddy?
>


Re: Can we do a sub-domain delegation with godaddy?

2014-01-15 Thread John Levine
>I mean I have example.com hosted with Go Daddy while I need sub-domain
>ftp.example.com to be delegated to my internal BIND server.
>
>Does any one know how do I do it in Go Daddy?

The easiest approach in the long run is to move the DNS for the whole
domain to your own DNS servers.  Large cheap hosting services like
Godaddy do not deal well with exceptions.  Pointing the 2LD at your
servers is normal, delegating a subdomain is an exception.

If you have web or other hosting there, you can still point the DNS
records back at them as needed.

R's,
John


New Development Versions of BIND are Available (9.9.5rc1, 9.8.7rc1, and 9.6-ESV-R11rc1)

2014-01-15 Thread Michael McNally
New development versions of BIND are now available from
http://www.isc.org/downloads

Versions 9.9.5rc1, 9.8.7rc1, and 9.6-ESV-R11rc1 include
changes based on feedback we received from users during
the beta period, but we still welcome testing and feedback
from our users and encourage anyone interested to put
these release candidates to the test.

Thank you,

Michael McNally
Internet Systems Consortium


Re: Can we do a sub-domain delegation with godaddy?

2014-01-15 Thread Blason R
Yeah Warren you are correct. That seems to be a hack for adding subdomain.
So to answer your queries what I wanted to achieve is mail.example.com will
be my subdomain [again it's just not gonna be my host entry] it will be a
delegated sub-domain for which I'll build internal DNS server for
Loadbalancing purpose as I will be implementing peplink LBs and they do
offer DNS based load balancing. here is the link.

So instead of moving entire zone inside I thought just create a subdomain
and build BIND internally?

http://www.peplink.com/knowledgebase/setting-up-inbound-load-balance-with-a-delegated-sub-domain/
http://www.peplink.com/knowledgebase/how-to-set-up-the-integrated-dns-server-for-inbound-load-balancing/

So further to that if I decide to move my entire Zone inside; I believe the
only changes I would need to do on my registrar portal is add up NS records
[on my new BIND servers] and A records [glue records], right?



On Thu, Jan 16, 2014 at 1:52 AM, John Levine  wrote:

> >I mean I have example.com hosted with Go Daddy while I need sub-domain
> >ftp.example.com to be delegated to my internal BIND server.
> >
> >Does any one know how do I do it in Go Daddy?
>
> The easiest approach in the long run is to move the DNS for the whole
> domain to your own DNS servers.  Large cheap hosting services like
> Godaddy do not deal well with exceptions.  Pointing the 2LD at your
> servers is normal, delegating a subdomain is an exception.
>
> If you have web or other hosting there, you can still point the DNS
> records back at them as needed.
>
> R's,
> John
>

Re: Can we do a sub-domain delegation with godaddy?

2014-01-15 Thread Blason R
Hey Warren,

Did you delete your subdomain? coz I don't see that it is being resolved.
However mine isnlab.in is set up with godaddy and have added
ns2.dnsmadeeasy.com as NS record for delegated subdomain mysubdom.isnlab.in

> set type=ns
> isnlab.in
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Non-authoritative answer:
isnlab.in   nameserver = ns43.domaincontrol.com
isnlab.in   nameserver = ns44.domaincontrol.com

> mysubdom.isnlab.in
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

(root)
primary name server = ns0.dnsmadeeasy.com
responsible mail addr = dns.dnsmadeeasy.com
serial  = 1997022724
refresh = 28800 (8 hours)
retry   = 14400 (4 hours)
expire  = 360 (41 days 16 hours)
default TTL = 86400 (1 day)

Seems to be correct, right?


On Thu, Jan 16, 2014 at 10:07 AM, Blason R  wrote:

> Yeah Warren you are correct. That seems to be a hack for adding subdomain.
> So to answer your queries what I wanted to achieve is mail.example.com will be
> my subdomain [again it's just not gonna be my host entry] it will be
> a delegated sub-domain for which I'll build internal DNS server for
> Loadbalancing purpose as I will be implementing peplink LBs and they do
> offer DNS based load balancing. here is the link.
>
> So instead of moving entire zone inside I thought just create a subdomain
> and build BIND internally?
>
>
> http://www.peplink.com/knowledgebase/setting-up-inbound-load-balance-with-a-delegated-sub-domain/
>
> http://www.peplink.com/knowledgebase/how-to-set-up-the-integrated-dns-server-for-inbound-load-balancing/
>
> So further to that if I decide to move my entire Zone inside; I believe
> the only changes I would need to do on my registrar portal is add up NS
> records [on my new BIND servers] and A records [glue records], right?
>
>
>
> On Thu, Jan 16, 2014 at 1:52 AM, John Levine  wrote:
>
>> >I mean I have example.com hosted with Go Daddy while I need sub-domain
>> >ftp.example.com to be delegated to my internal BIND server.
>> >
>> >Does any one know how do I do it in Go Daddy?
>>
>> The easiest approach in the long run is to move the DNS for the whole
>> domain to your own DNS servers.  Large cheap hosting services like
>> Godaddy do not deal well with exceptions.  Pointing the 2LD at your
>> servers is normal, delegating a subdomain is an exception.
>>
>> If you have web or other hosting there, you can still point the DNS
>> records back at them as needed.
>>
>> R's,
>> John
>>
>
>
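
The glue rule quoted earlier in this thread (glue is needed for name servers that sit inside the delegated domain) and the referral in Warren's reply can be checked mechanically. The following is an added example, not code from any post in the thread: it reads parent-side records in zone-file form and reports which delegation name servers need glue and which glue is missing. Only the subdomain.4witter.com record comes from the thread; the ftp.example.com name servers and the 192.0.2.53 address are constructed.

```python
# The first record is the referral shown in Warren's reply. The ftp.example.com
# delegation, its name servers and the glue address below are constructed.
PARENT_RECORDS = """
subdomain.4witter.com. 3600 IN NS ns01.kumari.net.
ftp.example.com.       3600 IN NS ns1.ftp.example.com.
ftp.example.com.       3600 IN NS ns2.example.net.
"""
GLUE = "ns1.ftp.example.com. 3600 IN A 192.0.2.53\n"


def norm(name):
    """Lower-case a domain name and give it exactly one trailing dot."""
    return name.lower().rstrip(".") + "."


def parse_records(text):
    """Parse 'owner ttl IN type rdata' lines; ';' comments are ignored."""
    records = []
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()
        if len(fields) >= 5 and fields[2].upper() == "IN":
            records.append((norm(fields[0]), fields[3].upper(), fields[4]))
    return records


def in_zone(name, zone):
    """True if name is the zone apex or below it, on a label boundary."""
    name, zone = norm(name), norm(zone)
    return name == zone or name.endswith("." + zone)


def check_delegation(parent_text, child_zone):
    """Report the NS set for child_zone and any required but missing glue."""
    records = parse_records(parent_text)
    child = norm(child_zone)
    nameservers = [norm(rdata) for owner, rtype, rdata in records
                   if owner == child and rtype == "NS"]
    with_address = {owner for owner, rtype, _ in records
                    if rtype in ("A", "AAAA")}
    # Only name servers inside the delegated zone need glue: a resolver
    # cannot look them up without already having reached that zone.
    required = [ns for ns in nameservers if in_zone(ns, child)]
    missing = [ns for ns in required if ns not in with_address]
    return {"nameservers": nameservers,
            "glue_required": required,
            "glue_missing": missing}


if __name__ == "__main__":
    print(check_delegation(PARENT_RECORDS, "subdomain.4witter.com"))
    print(check_delegation(PARENT_RECORDS, "ftp.example.com"))
    print(check_delegation(PARENT_RECORDS + GLUE, "ftp.example.com"))
```
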