Zone file got updated via named process unexpected

2023-12-16 Thread liudonghua
Hi, I have a bind9 service running on the server, and some views configured, 
but I found a zone file got updated unexpectedly when I made some resolve changes.

Here are parts of the original contents of the updated zone file.

$TTL 86400  ; 1 day
@   IN  SOA pridns.ynu.edu.cn. root.pridns.ynu.edu.cn. (
2019091901;   serial number
10800   ;   Refresh interval, every 3 hours
3600;   Retry interval, every 30 minutes
604800  ;   Expire after 1 week
86400 ) ;Minimum TTL of 1 day

$INCLUDE /etc/named.data/db.ynu.edu.cn.common

; RR of type A
;
lb-http-jz  IN  A   113.55.14.52
;
vpn110800   IN  A   192.168.208.3
ynucdn  600 IN  A   202.203.208.4
..

And these are the auto-updated parts of that file.

$ORIGIN .
$TTL 86400 ; 1 day
ynu.edu.cn   IN SOA  pridns.ynu.edu.cn. root.pridns.ynu.edu.cn. (
2019091903 ; serial
10800  ; refresh (3 hours)
3600   ; retry (1 hour)
604800 ; expire (1 week)
86400  ; minimum (1 day)
)
$ORIGIN ynu.edu.cn.
100   CNAME   lb-http
65031141 CNAME   www.itc
$ORIGIN 65031141.ynu.edu.cn.
ip-watcher   A   113.55.13.114
kibana CNAME   lb-http.ynu.edu.cn.
portainer CNAME   lb-http.ynu.edu.cn.
$ORIGIN ynu.edu.cn.
_cdnauth  TXT "2023060823081361d03c617f075ac05df69f6309bd9aa6"
access  A   113.55.0.80
..

The updated contents contain some $ORIGIN lines, which seem to be produced by the named process.

The related piece of the named.conf configuration is:

..
view "INTRANET"{
    match-clients { INTRANET_ACL;};
    recursion yes;
    include "/etc/named.common.zones.conf";
    zone "ynu.edu.cn" in {
        type master;
        file "db.ynu.edu.cn.intranet";
    };
};
..

And I found some general logs that may provide some clues.

14-Dec-2023 14:39:25.460 general: debug 1: zone_timer: zone ynu.edu.cn/IN/INTRANET: enter
14-Dec-2023 14:39:25.460 general: debug 1: zone_maintenance: zone ynu.edu.cn/IN/INTRANET: enter
14-Dec-2023 14:39:25.460 general: debug 1: zone_dump: zone ynu.edu.cn/IN/INTRANET: enter
14-Dec-2023 14:39:25.460 general: debug 1: zone_settimer: zone ynu.edu.cn/IN/INTRANET: enter
14-Dec-2023 14:39:25.460 general: debug 1: zone_gotwritehandle: zone ynu.edu.cn/IN/INTRANET: enter
14-Dec-2023 14:39:25.460 general: debug 1: dumptostreaminc(0x7efe0d938010) new nodes -> 212
14-Dec-2023 14:39:25.461 general: debug 1: dumptostreaminc(0x7efe0d938010) new nodes -> 310
14-Dec-2023 14:39:25.464 general: debug 1: dump_done: zone ynu.edu.cn/IN/INTRANET: enter

I can confirm that I did not use or configure master/slave mode of bind9.

I found this zone file got updated in about 15 minutes when I made changes or 
restarted named, and this behavior seems to match the docs 
bind9.readthedocs.io/en/latest/chapter6.html#dynamic-update, but I can confirm 
I DO NOT configure allow-update or update-policy. I even added "allow-update 
{none;}; // no DDNS by default" in the zone block of the problematic view. Is 
there any chance this configuration comes from another config file or named 
build options?


I also have posted on stackoverflow, but without any response.

-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users


zone not loaded in one of view

2023-12-16 Thread liudonghua
Hi, I have a bind9 authoritative name server running, but I found a strange 
problem. One of the zones in a specific view is not loaded when I view the 
cache_dump.db after I execute `rndc dumpdb -all`.


The zone data file is almost the same for the different views, except for a few 
domain resolutions.


[root@pridns data]# head -n 20 /etc/named.data/db.ynu.edu.cn.cernet
$TTL 86400  ; 1 day
@   IN  SOA pridns.ynu.edu.cn. root.pridns.ynu.edu.cn. (
2023121601;   serial number
10800   ;   Refresh interval, every 3 hours
3600;   Retry interval, every 30 minutes 
604800  ;   Expire after 1 week
86400 ) ;Minimum TTL of 1 day


$INCLUDE /etc/named.data/db.ynu.edu.cn.common




; RR of type A
; 
vpn110800   IN  A   113.55.110.251
; 
lb-http-jz  IN  A   113.55.14.52
ynucdn  600 IN  A   202.203.208.4
; 
vpn2IN  A   202.203.208.9


[root@pridns data]# head -n 20 /etc/named.data/db.ynu.edu.cn.intranet
$TTL 86400  ; 1 day
@   IN  SOA pridns.ynu.edu.cn. root.pridns.ynu.edu.cn. (
2023121601;   serial number
10800   ;   Refresh interval, every 3 hours
3600;   Retry interval, every 30 minutes 
604800  ;   Expire after 1 week
86400 ) ;Minimum TTL of 1 day


$INCLUDE /etc/named.data/db.ynu.edu.cn.common




; RR of type A
; 
lb-http-jz  IN  A   113.55.14.52
; 
vpn110800   IN  A   192.168.208.3
ynucdn  600 IN  A   202.203.208.4
; 
vpn2IN  A   202.203.208.9


[root@pridns data]#
[root@pridns data]# named-checkconf /etc/named.conf
[root@pridns data]# echo $?
0
[root@pridns data]# 
[root@pridns data]# rndc zonestatus ynu.edu.cn in CERNET
name: ynu.edu.cn
type: primary
files: db.ynu.edu.cn.cernet, /etc/named.data/db.ynu.edu.cn.common
serial: 2023121601
nodes: 576
last loaded: Sat, 16 Dec 2023 08:00:49 GMT
secure: no
dynamic: no
reconfigurable via modzone: no
[root@pridns data]#
[root@pridns data]# rndc zonestatus ynu.edu.cn in INTRANET
rndc: 'zonestatus' failed: zone not loaded
[root@pridns data]#
[root@pridns data]# named-checkzone ynu.edu.cn /etc/named.data/db.ynu.edu.cn.intranet
zone ynu.edu.cn/IN: loaded serial 2023121601
OK
[root@pridns data]# 
[root@pridns data]# ll /etc/named.data/db.ynu.edu.cn.cernet /etc/named.data/db.ynu.edu.cn.intranet
-rw-r--r-- 1 root root 1.3K Dec 16 16:00 /etc/named.data/db.ynu.edu.cn.cernet
-rw-r--r-- 1 root root 1.3K Dec 16 16:00 /etc/named.data/db.ynu.edu.cn.intranet
[root@pridns data]# 


And here are parts of the content in /var/named/data/cache_dump.db


; Zone dump of 'ynu.edu.cn/IN/INTRANET'
;
; zone not loaded
;
; Zone dump of 'rpz/IN/INTRANET'






Re: Zone file got updated via named process unexpected

2023-12-16 Thread liudonghua
Sorry for the mixed format. I updated the post here.




Hi, I have a bind9 service running on the server, and some views configured, 
but I found a zone file got updated unexpectedly when I made some resolve changes.


Here are parts of the original contents of the updated zone file.


$TTL 86400  ; 1 day
@   IN  SOA pridns.ynu.edu.cn. root.pridns.ynu.edu.cn. (
2019091901;   serial number
10800   ;   Refresh interval, every 3 hours
3600;   Retry interval, every 30 minutes 
604800  ;   Expire after 1 week
86400 ) ;Minimum TTL of 1 day


$INCLUDE /etc/named.data/db.ynu.edu.cn.common




; RR of type A
; 
lb-http-jz  IN  A   113.55.14.52
; 
vpn110800   IN  A   192.168.208.3
ynucdn  600 IN  A   202.203.208.4
..


And these are the auto-updated parts of that file.


$ORIGIN .
$TTL 86400  ; 1 day
ynu.edu.cn  IN SOA  pridns.ynu.edu.cn. root.pridns.ynu.edu.cn. (
2019091903 ; serial
10800  ; refresh (3 hours)
3600   ; retry (1 hour)
604800 ; expire (1 week)
86400  ; minimum (1 day)
)


$ORIGIN ynu.edu.cn.
100 CNAME   lb-http
65031141 CNAME   www.itc
$ORIGIN 65031141.ynu.edu.cn.
ip-watcher  A   113.55.13.114
kibana  CNAME   lb-http.ynu.edu.cn.
portainer   CNAME   lb-http.ynu.edu.cn.
$ORIGIN ynu.edu.cn.
_cdnauth  TXT "2023060823081361d03c617f075ac05df69f6309bd9aa6"
access  A   113.55.0.80
..

The updated contents contain some $ORIGIN lines, which seem to be produced by the named process.


The related piece of the named.conf configuration is:


..
view "INTRANET"{
match-clients { INTRANET_ACL;};
recursion yes;
include "/etc/named.common.zones.conf";
zone "ynu.edu.cn" in {
type master;
file "db.ynu.edu.cn.intranet";
};
};
..


And I found some general logs that may provide some clues.

14-Dec-2023 14:39:25.460 general: debug 1: zone_timer: zone ynu.edu.cn/IN/INTRANET: enter
14-Dec-2023 14:39:25.460 general: debug 1: zone_maintenance: zone ynu.edu.cn/IN/INTRANET: enter
14-Dec-2023 14:39:25.460 general: debug 1: zone_dump: zone ynu.edu.cn/IN/INTRANET: enter
14-Dec-2023 14:39:25.460 general: debug 1: zone_settimer: zone ynu.edu.cn/IN/INTRANET: enter
14-Dec-2023 14:39:25.460 general: debug 1: zone_gotwritehandle: zone ynu.edu.cn/IN/INTRANET: enter
14-Dec-2023 14:39:25.460 general: debug 1: dumptostreaminc(0x7efe0d938010) new nodes -> 212
14-Dec-2023 14:39:25.461 general: debug 1: dumptostreaminc(0x7efe0d938010) new nodes -> 310
14-Dec-2023 14:39:25.464 general: debug 1: dump_done: zone ynu.edu.cn/IN/INTRANET: enter

I did not configure master/slave mode of bind9. And I searched the sources of 
bind9, but failed to find some keywords like zone_timer or zone_gotwritehandle.


I have been stuck on this strange problem for a few days.


I found this zone file got updated in about 15 minutes when I made changes or 
restarted named, and this behavior seems to match the docs 
bind9.readthedocs.io/en/latest/chapter6.html#dynamic-update, but I can confirm 
I DO NOT configure allow-update or update-policy. I even added "allow-update 
{none;}; // no DDNS by default" in the zone block of the problematic view. Is 
there any chance this configuration comes from another config file or named 
build options?


I have also posted on stackoverflow, but without any response. 




At 2023-12-17 12:04:18, "刘东华" wrote:

Hi, I have a bind9 service running on the server, and some views configured, 
but I found a zone file got updated unexpectedly when I made some resolve changes.

Here are parts of the original contents of the updated zone file.

$TTL 86400  ; 1 day
@   IN  SOA pridns.ynu.edu.cn. root.pridns.ynu.edu.cn. (
2019091901;   serial number
10800   ;   Refresh interval, every 3 hours
3600;   Retry interval, every 30 minutes
604800  ;   Expire after 1 week
86400 ) ;Minimum TTL of 1 day

$INCLUDE /etc/named.data/db.ynu.edu.cn.common

; RR of type A
;
lb-http-jz  IN  A   113.55.14.52
;
vpn110800   IN  A   192.168.208.3
ynucdn  600 IN  A   202.203.208.4
..

And these are the auto-updated parts of that file.

$ORIGIN .
$TTL 86400 ; 1 day
ynu.edu.cn   IN SOA  pridns.ynu.edu.cn. root.pridns.ynu.edu.cn. (
2019091903 ; serial
10800  ; refresh (3 hours)
3600   ; retry (1 hour)
604800 ; expire (1 week)
86400  ; minimum (1 day)
)
$ORIGIN ynu.edu.cn.
100   CNAME   lb-http
65031141 CNA

unable-resolve-bank=domain

2023-12-16 Thread MEjaz via bind-users
 

 

 

Hi all.

One of the banking domains, www.services.online-banking.gslb.sabbnet.com, is
unable to resolve with our primary nameservers 212.119.64.2, whereas my other
server 212.119.64.3 is OK.

In addition to that, when I dig with +trace the query is responded to. Without
the +trace, I get a connection timed out error.

Any hint would be highly appreciated.

[root@ns10 ~]# dig www.services.online-banking.gslb.sabbnet.com +trace, it
responded well..

; <<>> DiG 9.18.11 <<>> www.services.online-banking.gslb.sabbnet.com +trace
;; global options: +cmd
.   25332   IN  NS  b.root-servers.net.
.   25332   IN  NS  k.root-servers.net.
.   25332   IN  NS  c.root-servers.net.
.   25332   IN  NS  a.root-servers.net.
.   25332   IN  NS  e.root-servers.net.
.   25332   IN  NS  d.root-servers.net.
.   25332   IN  NS  j.root-servers.net.
.   25332   IN  NS  f.root-servers.net.
.   25332   IN  NS  h.root-servers.net.
.   25332   IN  NS  i.root-servers.net.
.   25332   IN  NS  g.root-servers.net.
.   25332   IN  NS  m.root-servers.net.
.   25332   IN  NS  l.root-servers.net.
.   85610   IN  RRSIG   NS 8 0 518400 2023122917
2023121616 46780 .
;; Received 1137 bytes from 212.119.64.2#53(212.119.64.2) in 0 ms

 

;; UDP setup with 2001:503:c27::2:30#53(2001:503:c27::2:30) for
www.services.online-banking.gslb.sabbnet.com failed: network unreachable.
;; UDP setup with 2001:503:c27::2:30#53(2001:503:c27::2:30) for
www.services.online-banking.gslb.sabbnet.com failed: network unreachable.
;; UDP setup with 2001:503:c27::2:30#53(2001:503:c27::2:30) for
www.services.online-banking.gslb.sabbnet.com failed: network unreachable.
com.172800  IN  NS  a.gtld-servers.net.
com.172800  IN  NS  i.gtld-servers.net.
com.172800  IN  NS  k.gtld-servers.net.
com.172800  IN  NS  e.gtld-servers.net.
com.172800  IN  NS  l.gtld-servers.net.
com.172800  IN  NS  b.gtld-servers.net.
com.172800  IN  NS  c.gtld-servers.net.
com.172800  IN  NS  f.gtld-servers.net.
com.172800  IN  NS  j.gtld-servers.net.
com.172800  IN  NS  m.gtld-servers.net.
com.172800  IN  NS  d.gtld-servers.net.
com.172800  IN  NS  h.gtld-servers.net.
com.172800  IN  NS  g.gtld-servers.net.
com.86400   IN  DS  19718 13 2
8ACBB0CD28F41250A80A491389424D341522D946B0DA0C0291F2D3D7 71D7805A
com.86400   IN  RRSIG   DS 8 1 86400 2023123005
2023121704 46780 .
;; Received 1207 bytes from 202.12.27.33#53(m.root-servers.net) in 106 ms

 

sabbnet.com.172800  IN  NS  ns3.hsbc.com.
sabbnet.com.172800  IN  NS  ns6.hsbc.com.
sabbnet.com.172800  IN  NS  ns21.hsbc.uk.
sabbnet.com.172800  IN  NS  ns20.hsbc.uk.
sabbnet.com.172800  IN  NS  ns20.hsbc.net.
sabbnet.com.172800  IN  NS  ns21.hsbc.net.
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 -
CK0Q2D6NI4I7EQH8NA30NS61O48UL8G5 NS SOA RRSIG DNSKEY NSEC3PARAM
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 13 2 86400
20231224052607 20231217041607 46171 com.
pB279Lr3otMIFr2Xg+Kc4udD7htN99HAy2HzV2ona5Pho39yTNWyGE4a
hFT/PxA1hG5/cwNqncihQQPu62RdBg==
9LU5MRDONGV541FC71Q8HQEVDFI4PJDD.com. 86400 IN NSEC3 1 1 0 -
9LU615KEV2MT87CB7NJIFLF0T3L95JVI NS DS RRSIG
9LU5MRDONGV541FC71Q8HQEVDFI4PJDD.com. 86400 IN RRSIG NSEC3 13 2 86400
20231224063953 20231217052953 46171 com.
NshEyD2V0OpP08Ex/y5VoO5JYv8OpyIcR7GmK1NhQtYQZXqPMmcFS6We

Re: zone not loaded in one of view

2023-12-16 Thread Mark Andrews
Read your logs and/or use named-checkzone and/or tell named-checkconf to load 
the zones. 

-- 
Mark Andrews

> On 17 Dec 2023, at 15:22, liudong...@ynu.edu.cn wrote:
> 
> 
> Hi, I have a bind9 authoritative name server running, but I found a strange 
> problem. One of the zones in a specific view is not loaded when I view the 
> cache_dump.db after I execute `rndc dumpdb -all`.
> 
> 
> The zone data file is almost the same for the different views, except for a few 
> domain resolutions.
> 
> 
> [root@pridns data]# head -n 20 /etc/named.data/db.ynu.edu.cn.cernet
> $TTL 86400  ; 1 day
> @   IN  SOA pridns.ynu.edu.cn. root.pridns.ynu.edu.cn. (
> 2023121601;   serial number
> 10800   ;   Refresh interval, every 3 hours
> 3600;   Retry interval, every 30 minutes 
> 604800  ;   Expire after 1 week
> 86400 ) ;Minimum TTL of 1 day
> 
> 
> $INCLUDE /etc/named.data/db.ynu.edu.cn.common
> 
> 
> 
> 
> ; RR of type A
> ; 
> vpn110800   IN  A   113.55.110.251
> ; 
> lb-http-jz  IN  A   113.55.14.52
> ynucdn  600 IN  A   202.203.208.4
> ; 
> vpn2IN  A   202.203.208.9
> 
> 
> [root@pridns data]# head -n 20 /etc/named.data/db.ynu.edu.cn.intranet
> $TTL 86400  ; 1 day
> @   IN  SOA pridns.ynu.edu.cn. root.pridns.ynu.edu.cn. (
> 2023121601;   serial number
> 10800   ;   Refresh interval, every 3 hours
> 3600;   Retry interval, every 30 minutes 
> 604800  ;   Expire after 1 week
> 86400 ) ;Minimum TTL of 1 day
> 
> 
> $INCLUDE /etc/named.data/db.ynu.edu.cn.common
> 
> 
> 
> 
> ; RR of type A
> ; 
> lb-http-jz  IN  A   113.55.14.52
> ; 
> vpn110800   IN  A   192.168.208.3
> ynucdn  600 IN  A   202.203.208.4
> ; 
> vpn2IN  A   202.203.208.9
> 
> 
> [root@pridns data]#
> [root@pridns data]# named-checkconf /etc/named.conf
> [root@pridns data]# echo $?
> 0
> [root@pridns data]# 
> [root@pridns data]# rndc zonestatus ynu.edu.cn in CERNET
> name: ynu.edu.cn
> type: primary
> files: db.ynu.edu.cn.cernet, /etc/named.data/db.ynu.edu.cn.common
> serial: 2023121601
> nodes: 576
> last loaded: Sat, 16 Dec 2023 08:00:49 GMT
> secure: no
> dynamic: no
> reconfigurable via modzone: no
> [root@pridns data]#
> [root@pridns data]# rndc zonestatus ynu.edu.cn in INTRANET
> rndc: 'zonestatus' failed: zone not loaded
> [root@pridns data]#
> [root@pridns data]# named-checkzone ynu.edu.cn 
> /etc/named.data/db.ynu.edu.cn.intranet
> zone ynu.edu.cn/IN: loaded serial 2023121601
> OK
> [root@pridns data]# 
> [root@pridns data]# ll /etc/named.data/db.ynu.edu.cn.cernet 
> /etc/named.data/db.ynu.edu.cn.intranet
> -rw-r--r-- 1 root root 1.3K Dec 16 16:00 /etc/named.data/db.ynu.edu.cn.cernet
> -rw-r--r-- 1 root root 1.3K Dec 16 16:00 
> /etc/named.data/db.ynu.edu.cn.intranet
> [root@pridns data]# 
> 
> 
> And here are parts of the content in /var/named/data/cache_dump.db
> 
> 
> ; Zone dump of 'ynu.edu.cn/IN/INTRANET'
> ;
> ; zone not loaded
> ;
> ; Zone dump of 'rpz/IN/INTRANET'
> 
> 
> 
> 