Re: BIND 9.6.1-P1 crashing
At Tue, 05 Jan 2010 08:24:16 +0100, Dario Miculinic dario.miculi...@t-com.hr wrote: I dont't have the same core dump, but this is from one that happend yesterday: Thanks, but unfortunately the detailed stack traces don't seem to provide a useful hint for the race. If you can help debug this further, could you apply the patch copied below, rebuild named and run it? It *may* catch the race condition at a closer point to the real cause. (note: this patch only does diagnose, so it will not fix the problem). Or, if you need any workaround that *may* work, you may want to rebuild named with disabling atomic operations. ./configure --disable-atomic [...other options] I'm not sure if this stops the problem, but I believe it's worth trying. --- JINMEI, Tatuya Internet Systems Consortium, Inc. Index: heap.c === RCS file: /proj/cvs/prod/bind9/lib/isc/heap.c,v retrieving revision 1.37 diff -u -r1.37 heap.c --- heap.c 19 Oct 2007 17:15:53 - 1.37 +++ heap.c 8 Jan 2010 08:01:19 - @@ -149,10 +149,12 @@ i 1 heap-compare(elt, heap-array[p]) ; i = p, p = heap_parent(i)) { heap-array[i] = heap-array[p]; + INSIST(heap-array[i] != NULL); if (heap-index != NULL) (heap-index)(heap-array[i], i); } heap-array[i] = elt; + INSIST(heap-array[i] != NULL); if (heap-index != NULL) (heap-index)(heap-array[i], i); @@ -173,11 +175,13 @@ if (heap-compare(elt, heap-array[j])) break; heap-array[i] = heap-array[j]; + INSIST(heap-array[i] != NULL); if (heap-index != NULL) (heap-index)(heap-array[i], i); i = j; } heap-array[i] = elt; + INSIST(heap-array[i] != NULL); if (heap-index != NULL) (heap-index)(heap-array[i], i); @@ -217,6 +221,7 @@ less = heap-compare(elt, heap-array[index]); heap-array[index] = elt; + INSIST(heap-array[index] != NULL); if (less) float_up(heap, index, heap-array[index]); else ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: BIND 9.6.1-P1 crashing
At Wed, 30 Dec 2009 10:23:17 +0100, Dario Miculinic dario.miculi...@t-com.hr wrote: I'm administrating 4 DNS servers running CentOS release 5.4 and Red Hat Enterprise Linux Server release 5.2. with BIND version 9.6.1-P1. On 3 of them BIND crashed 7 times in last 10 days. There's nothing in log files, but we have core dump file. I found this in the core dump: #0 0x080db986 in ttl_sooner (v1=0x0, v2=0x3385b628) at rbtdb.c:752 752 ttl_sooner(void *v1, void *v2) { (gdb) where #0 0x080db986 in ttl_sooner (v1=0x0, v2=0x3385b628) at rbtdb.c:752 What's the result of the following gdb command? (gdb) thread apply all bt full We've seen crash like this one, but we've not figured out how this happens. This is pretty likely an inter-thread race, and it may be tricky. According to the v1/v2 values in your stack trace, a full backtrace with information of other threads may provide more useful hint. If you need immediate workaround rather than chasing the bug, rebuilding named with --disable-atomic may help (we cannot be sure because we don't yet know how this bug happens in the first place). This will use locks in a more conservative way and may avoid the tricky race condition at the cost of lower performance (so if you want to try that you'll also need to watch the server load). --- JINMEI, Tatuya Internet Systems Consortium, Inc. ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Bind 9.6.1-P1 ignoring listen-on directive
Hi, I'm testing Bind 9.6.1-P1 on Solaris 10 SPARC (64bit/Sun Studio 12.1) I noticed this in the logs: Sep 9 13:15:31 ns3a/ns3a named[23042]: [ID 873579 daemon.info] listening on IPv4 interface lo0, 127.0.0.1#53 Sep 9 13:15:31 ns3a/ns3a named[23042]: [ID 873579 daemon.info] listening on IPv4 interface bge0, 153.104.92.2#53 Sep 9 13:15:31 ns3a/ns3a named[23042]: [ID 873579 daemon.info] listening on IPv4 interface bge0:1, 153.104.92.4#53 Sep 9 13:15:31 ns3a/ns3a named[23042]: [ID 873579 daemon.info] listening on IPv4 interface bge1, 10.104.36.20#53 I only wanted named to listen on one interface + the loopback, so I added a listen-on statement in named.conf: acl testnets { 153.104.244.0/24; 153.104.248.0/24; }; options { directory /opt/isc/bind/var/db; allow-query { testnets; }; listen-on { localhost; 153.104.92.2; }; listen-on-v6 { none; }; }; zone 0.0.127.in-addr.arpa in { type master; file db.127.0.0; notify no; }; But, I still have the same log entries when I start named. I then modified named.conf to specifically exclude the other interfaces: listen-on { localhost; 153.104.92.2; !153.104.92.4; !10.104.36.20; }; But, again, I'm still seeing it state that it is listening on the excluded interfaces. I tried increasing the debug level, but I didn't see any additional info pertaining to this. I know that it is listening on the excluded interfaces because I see a queries on the 10.104.36.20 interface: Sep 9 13:09:16 ns3a/ns3a named[22867]: [ID 873579 daemon.info] client 10.104.109.0#1041: query (cache) 'ATF/A/IN' denied Sep 9 13:09:16 ns3a/ns3a named[22867]: [ID 873579 daemon.info] client 10.104.109.0#1046: query (cache) 'ATP.villanova.edu/A/IN' denied Is this a known problem? It's an issue for us because we restrict DNS queries to particular interfaces. If it isn't a known bug, I'd be glad to help troubleshoot this problem. Thanks. -John -- John Center Villanova University ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Bind 9.6.1-P1 ignoring listen-on directive
Of course, right after hitting enter on this message, I came across a message from last year about localhost mapping to all interfaces, not just 127.0.0.1. I created a loopback acl used it instead that worked. Sorry for the noise. -John On 09/09/2009 03:04 PM, John Center wrote: Hi, I'm testing Bind 9.6.1-P1 on Solaris 10 SPARC (64bit/Sun Studio 12.1) I noticed this in the logs: Sep 9 13:15:31 ns3a/ns3a named[23042]: [ID 873579 daemon.info] listening on IPv4 interface lo0, 127.0.0.1#53 Sep 9 13:15:31 ns3a/ns3a named[23042]: [ID 873579 daemon.info] listening on IPv4 interface bge0, 153.104.92.2#53 Sep 9 13:15:31 ns3a/ns3a named[23042]: [ID 873579 daemon.info] listening on IPv4 interface bge0:1, 153.104.92.4#53 Sep 9 13:15:31 ns3a/ns3a named[23042]: [ID 873579 daemon.info] listening on IPv4 interface bge1, 10.104.36.20#53 I only wanted named to listen on one interface + the loopback, so I added a listen-on statement in named.conf: acl testnets { 153.104.244.0/24; 153.104.248.0/24; }; options { directory /opt/isc/bind/var/db; allow-query { testnets; }; listen-on { localhost; 153.104.92.2; }; listen-on-v6 { none; }; }; zone 0.0.127.in-addr.arpa in { type master; file db.127.0.0; notify no; }; But, I still have the same log entries when I start named. I then modified named.conf to specifically exclude the other interfaces: listen-on { localhost; 153.104.92.2; !153.104.92.4; !10.104.36.20; }; But, again, I'm still seeing it state that it is listening on the excluded interfaces. I tried increasing the debug level, but I didn't see any additional info pertaining to this. I know that it is listening on the excluded interfaces because I see a queries on the 10.104.36.20 interface: Sep 9 13:09:16 ns3a/ns3a named[22867]: [ID 873579 daemon.info] client 10.104.109.0#1041: query (cache) 'ATF/A/IN' denied Sep 9 13:09:16 ns3a/ns3a named[22867]: [ID 873579 daemon.info] client 10.104.109.0#1046: query (cache) 'ATP.villanova.edu/A/IN' denied Is this a known problem? It's an issue for us because we restrict DNS queries to particular interfaces. If it isn't a known bug, I'd be glad to help troubleshoot this problem. Thanks. -John ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Bind 9.6.1-P1 ignoring listen-on directive
Syntax. The parser is matching on localhost before it sees the negated elements. - Kevin John Center wrote: Hi, I'm testing Bind 9.6.1-P1 on Solaris 10 SPARC (64bit/Sun Studio 12.1) I noticed this in the logs: Sep 9 13:15:31 ns3a/ns3a named[23042]: [ID 873579 daemon.info] listening on IPv4 interface lo0, 127.0.0.1#53 Sep 9 13:15:31 ns3a/ns3a named[23042]: [ID 873579 daemon.info] listening on IPv4 interface bge0, 153.104.92.2#53 Sep 9 13:15:31 ns3a/ns3a named[23042]: [ID 873579 daemon.info] listening on IPv4 interface bge0:1, 153.104.92.4#53 Sep 9 13:15:31 ns3a/ns3a named[23042]: [ID 873579 daemon.info] listening on IPv4 interface bge1, 10.104.36.20#53 I only wanted named to listen on one interface + the loopback, so I added a listen-on statement in named.conf: acl testnets { 153.104.244.0/24; 153.104.248.0/24; }; options { directory /opt/isc/bind/var/db; allow-query { testnets; }; listen-on { localhost; 153.104.92.2; }; listen-on-v6 { none; }; }; zone 0.0.127.in-addr.arpa in { type master; file db.127.0.0; notify no; }; But, I still have the same log entries when I start named. I then modified named.conf to specifically exclude the other interfaces: listen-on { localhost; 153.104.92.2; !153.104.92.4; !10.104.36.20; }; But, again, I'm still seeing it state that it is listening on the excluded interfaces. I tried increasing the debug level, but I didn't see any additional info pertaining to this. I know that it is listening on the excluded interfaces because I see a queries on the 10.104.36.20 interface: Sep 9 13:09:16 ns3a/ns3a named[22867]: [ID 873579 daemon.info] client 10.104.109.0#1041: query (cache) 'ATF/A/IN' denied Sep 9 13:09:16 ns3a/ns3a named[22867]: [ID 873579 daemon.info] client 10.104.109.0#1046: query (cache) 'ATP.villanova.edu/A/IN' denied Is this a known problem? It's an issue for us because we restrict DNS queries to particular interfaces. If it isn't a known bug, I'd be glad to help troubleshoot this problem. Thanks. -John ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
BIND 9.6.1-P1
Does anyone knows if there is any solaris .pkg distribution for BIND 9.6.1-P1? Im looking to replace old versions as per: https://www.isc.org/node/474 Thank you, Julian___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
BIND 9.6.1-P1
Does anyone knows if there is any solaris .pkg distribution for BIND 9.6.1-P1? Im looking to replace old versions as per: https://www.isc.org/node/474 Thank you, Julian___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
ISC BIND 9.6.1-P1 is now available
BIND 9.6.1-P1 is now available. BIND 9.6.1-P1 is a SECURITY PATCH for BIND 9.6.1. It addresses a denial-of-service bug in which a malformed UPDATE packet caused named to crash. Bugs should be reported to bind9-b...@isc.org. BIND 9.6.1-P1 can be downloaded from: ftp://ftp.isc.org/isc/bind9/9.6.1-P1/bind-9.6.1-P1.tar.gz PGP signatures of the distribution are at: ftp://ftp.isc.org/isc/bind9/9.6.1-P1/bind-9.6.1-P1.tar.gz.asc ftp://ftp.isc.org/isc/bind9/9.6.1-P1/bind-9.6.1-P1.tar.gz.sha256.asc ftp://ftp.isc.org/isc/bind9/9.6.1-P1/bind-9.6.1-P1.tar.gz.sha512.asc The signatures were generated with the ISC public key, which is available at https://www.isc.org/about/openpgp A binary kit for Windows XP, Windows 2003 and Windows 2008 is at: ftp://ftp.isc.org/isc/bind9/9.6.1-P1/BIND9.6.1-P1.zip ftp://ftp.isc.org/isc/bind9/9.6.1-P1/BIND9.6.1-P1.debug.zip PGP signatures of the binary kit are at: ftp://ftp.isc.org/isc/bind9/9.6.1-P1/BIND9.6.1-P1.zip.asc ftp://ftp.isc.org/isc/bind9/9.6.1-P1/BIND9.6.1-P1.zip.sha256.asc ftp://ftp.isc.org/isc/bind9/9.6.1-P1/BIND9.6.1-P1.zip.sha512.asc ftp://ftp.isc.org/isc/bind9/9.6.1-P1/BIND9.6.1-P1.debug.zip.asc ftp://ftp.isc.org/isc/bind9/9.6.1-P1/BIND9.6.1-P1.debug.zip.sha256.asc ftp://ftp.isc.org/isc/bind9/9.6.1-P1/BIND9.6.1-P1.debug.zip.sha512.asc Changes since 9.6.1: 2640. [security] A specially crafted update packet will cause named to exit. [RT #2] -- Evan Hunt -- e...@isc.org Internet Systems Consortium, Inc. ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users