Re: bind9 needs sometimes a restart after resume from suspend
- To: debian-user@lists.debian.org
- Subject: Re: bind9 needs sometimes a restart after resume from suspend
- From: "Karl E. Jorgensen" <karl@jorgensen.org.uk>
- Date: Tue, 2 Dec 2014 13:07:14 +0000
- Message-id: <[🔎] 20141202130714.GA32322@hawking>
- In-reply-to: <1449422.mBHhz0mVS4@blackbox>
- References: <1602670.kALxqqSPZ5@blackbox> <4217716.oQpynmt4IH@blackbox> <20141130115916.GA22567@hawking> <1449422.mBHhz0mVS4@blackbox>
Hi
On Sun, Nov 30, 2014 at 03:26:29PM +0100, Rainer Dorsch wrote:
> On Sunday 30 November 2014 11:59:16 Karl E. Jorgensen wrote:
> > Hi
> >
> > On Sun, Nov 30, 2014 at 12:26:36PM +0100, Rainer Dorsch wrote:
> > > Hi Pascal,
> > >
> > > On Sunday 30 November 2014 11:15:41 Pascal Hambourg wrote:
> > > > Hello,
> > > >
> > > > Rainer Dorsch a écrit :
> > > > > I run bind9 locally and noticed that bind9 sometimes needs a restart
> > > > > after
> > > > > suspend.
> > > >
> > > > Why ? Not running, not resolving, errors... ?
> > >
> > > bind9 does not respond.
> > >
> > > See e.g. the dig command from my previous post
> > >
> > > blackbox:~# dig heise.de
> > > ^Cblackbox:~#
> >
> > That was well hidden :-)
> >
> > Any related messages in /var/log/daemon.log ?
>
> Indeed there are a number of entries in there, these are the entries right
> after restart:
>
> Nov 30 10:10:49 blackbox named[24198]: clients-per-query decreased to 12
> Nov 30 10:10:50 blackbox console-kit-daemon[2055]: WARNING: Error waiting for
> native console 56 activation: Resource temporarily unavailable
> Nov 30 10:10:50 blackbox named[24198]: validating @0xb3f5c0d0: . NS: got
> insecure response; parent indicates it should be secure
> Nov 30 10:10:50 blackbox named[24198]: error (insecurity proof failed)
> resolving './NS/IN': 192.168.178.1#53
> Nov 30 10:10:50 blackbox named[24198]: error (network unreachable) resolving
> './NS/IN': 2001:503:c27::2:30#53
> Nov 30 10:10:50 blackbox named[24198]: managed-keys-zone: No DNSKEY RRSIGs
> found for '.': success
> Nov 30 10:10:50 blackbox named[24198]: validating @0xb3a00018: . NS: no valid
> signature found
[snipped more of the same]
These messages dont look abnormal - in fact they seem to indicate
proper operation.
>
> But after restart when bind9 is working, I still see similar entries:
>
> Nov 30 15:19:40 blackbox named[2322]: validating @0xb4072230: . NS: got
> insecure response; parent indicates it should be secure
> Nov 30 15:19:40 blackbox named[2322]: error (insecurity proof failed)
> resolving './NS/IN': 192.168.178.1#53
[similar messages snipped]
Going back to your original symptom: "bind not responding"... It looks
like bind is at least *alive*.
I wonder... What exactly does "bind not responding" mean? any command
that reproduces that would be handy.
As this is happening in relation to suspend/resume, this would imply
that network interfaces go down and up too. So perhaps bind is failing
to detect the re-arrival of network interfaces?
The output of a command like "sudo netstat -nlp | grep bind" while
bind is not responding would be instructive. And then compare/contrast
with the scenario of a "working" bind...
Hope this helps
--
Karl E. Jorgensen
Reply to: