On Thu, Oct 30, 2025 at 6:27 AM Bernd Leibing wrote: > > Hi, > > after the recent security upgrade to BIND 9.18.41-1~deb12u1-Debian, my > resolver > failed to resolve for example ns7.zainternet.net/A
works for me: $ dig ns7.zainternet.net a ; <<>> DiG 9.18.41-1~deb12u1-Debian <<>> ns7.zainternet.net a ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40341 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1472 ; COOKIE: a2ba6fab5f8492cd0100000069034e1df51484d48a6cc472 (good) ;; QUESTION SECTION: ;ns7.zainternet.net. IN A ;; ANSWER SECTION: ns7.zainternet.net. 86368 IN A 193.7.168.51 ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Thu Oct 30 07:38:05 EDT 2025 ;; MSG SIZE rcvd: 91 Maybe they fixed something on the zainternet.net side? Regards Lee > > This is easy to reproduce with the default configuration. Not much in the > log, even > with max debug level. > > # rndc status > version: BIND 9.18.41-1~deb12u1-Debian (Extended Support Version) <id:> > running on localhost: Linux x86_64 6.1.0-40-amd64 #1 SMP PREEMPT_DYNAMIC > Debian > 6.1.153-1 (2025-09-20) > boot time: Wed, 29 Oct 2025 22:51:58 GMT > last configured: Wed, 29 Oct 2025 22:51:58 GMT > configuration file: /etc/bind/named.conf > CPUs found: 4 > worker threads: 4 > UDP listeners per interface: 4 > number of zones: 103 (98 automatic) > debug level: 99 > ... > > # host ns7.zainternet.net 127.0.0.1 > ;; communications error to 127.0.0.1#53: timed out > ;; communications error to 127.0.0.1#53: timed out > ;; no servers could be reached > > > #### slightly redacted > # journalctl -n 30 -t named > Oct 30 named[]: shut down hung fetch while resolving 'ns7.zainternet.net/AAAA' > Oct 30 named[]: shut down hung fetch while resolving 'ns7.zainternet.net/A' > Oct 30 named[]: shut down hung fetch while resolving 'ns8.za-internet.net/A' > Oct 30 named[]: shut down hung fetch while resolving 'ns7.zainternet.net/AAAA' > Oct 30 named[]: shut down hung fetch while resolving > 'ns8.za-internet.net/AAAA' > Oct 30 named[]: shut down hung fetch while resolving > 'ns11.zainternet.net/AAAA' > Oct 30 named[]: shut down hung fetch while resolving 'ns11.zainternet.net/A' > Oct 30 named[]: shut down hung fetch while resolving 'ns7.za-internet.de/A' > Oct 30 named[]: shut down hung fetch while resolving 'ns7.za-internet.de/AAAA' > Oct 30 named[]: shut down hung fetch while resolving 'ns11.za-internet.de/A' > Oct 30 named[]: shut down hung fetch while resolving > 'ns11.za-internet.de/AAAA' > Oct 30 named[]: shut down hung fetch while resolving 'ns8.za-domain.de/A' > Oct 30 named[]: shut down hung fetch while resolving 'ns8.za-domain.de/AAAA' > Oct 30 named[]: shut down hung fetch while resolving > 'ns7.za-internet.net/AAAA' > Oct 30 named[]: shut down hung fetch while resolving 'ns7.za-internet.net/A' > > Any hints? > Thanks & Regards, > > Bernd > > -- > Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from > this list. -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list.
