Re: Non-responsive name servers when started during boot on OS X Mavericks 10.9
On Jan 21, 2014, at 5:32 AM, Carsten Strotmann wrote: > Hi Chris, > > Chris Buxton writes: > >> I’d bet that the package from Men & Mice includes this script or an >> equivalent workaround. When I wrote the original script I wrote about >> above, I worked at Men & Mice. > > Your script or the sleep timer is not in the package anymore, but maybe > it should be. I did some testing on our MacOS X Systems, and we also did > not receive issue reports from customers using the MacOS X installer > packages. Thanks for reminding me (us). > > However I will look into the issue and put the "sleep" back in if needed > (or find a better patch to inform BIND on changes of the network config). > > @Larry: let me know if your are using the Men & Mice compiled BIND > installer packages, and if the issue still appears. Carsten, I finally had a chance to play with the Men & Mice port and it exhibited the same issue of not listening on the external address until given a SIGHUP. It’s definitely a startup timing issue and some systems may start up fast enough to not have the issue (for instance, my newer MBP with an SSD for its system disk seems to consistently come up clean without a delay script; OTOH, my iMac (primary server) and another MBP with a hard disk do not come up clean and need the delay). One other issue with Men & Mice port is installs everything in Apple reserved directories. These days, /usr/ (except /usr/local/), /var, /etc, and /System/Library should be considered reserved to Apple. User installed files should be in the /usr/local/ equivalents (or /Library instead of /System/Library). Anything in the Apple reserved directories can be overwritten by OS X updates. Apple generally does not touch /usr/local or /System/Library. -- Larry Stone lston...@stonejongleux.com http://www.stonejongleux.com/ smime.p7s Description: S/MIME cryptographic signature ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Non-responsive name servers when started during boot on OS X Mavericks 10.9
On Jan 22, 2014, at 12:27 PM, LuKreme wrote: > > Right, but Apple did this by having their compile of bind start listening on > 127.0.0.1 and then prodding it once the network was up and the IP address was > available. Since Apple doesn't take this extra step, you'd need to tell > launchd to wait for the Network, or you'd have to duplicate Apple's solution > (probably by sending need a SIGHUP when the network is live). > Looking at the BIND code at opensource.apple.com. I can have found some (but probably not all) of the changes Apple makes. But I’m not a C programmer so trying to make the same changes to what ISC distributes is probably beyond me. Nor is it probably worth the effort. The startup delay script works and boot are few and far between. What’s another 30 seconds when you’re rebooting a SOHO server with a number of users you can count on one hand? -- Larry Stone lston...@stonejongleux.com http://www.stonejongleux.com/ smime.p7s Description: S/MIME cryptographic signature ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Non-responsive name servers when started during boot on OS X Mavericks 10.9
On Jan 21, 2014, at 11:38 PM, LuKreme wrote: > > In the launchd plist do you have something like > I finally got around to testing both of these. > > NetworkState > > > Had no effect. > or maybe > > inetdCompatibility > > Wait > > > Wouldn’t even start. Repeatedly (about 150 per second) logged: Jan 24 18:37:35 host.example.com launchproxy[518]: launch_msg(CheckIn): Operation not permitted Jan 24 18:37:35 host com.apple.launchd[1] (org.isc.named[518]): Exited with code: 1 > to tell the system not to start bind until after the network is up? > > -- Larry Stone lston...@stonejongleux.com http://www.stonejongleux.com/ smime.p7s Description: S/MIME cryptographic signature ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Non-responsive name servers when started during boot on OS X Mavericks 10.9
On Wed, 22 Jan 2014, LuKreme wrote: Right, but Apple did this by having their compile of bind start listening on 127.0.0.1 and then prodding it once the network was up and the IP address was available. Since Apple doesn't take this extra step, you'd need to tell launchd to wait for the Network, or you'd have to duplicate Apple's solution (probably by sending need a SIGHUP when the network is live). This discussion is going full circle (although part of it may have been a couple of private emails I was sent). I speculated that Apple was making undocumented patches to bind and someone said no, it's as distributed. But this is why I really like installing from source - too many packagers making undocumented changes that cause software to behave differently than the documentation says it till. But I will get to testing your ideas. In the meantime, with a startup delay script and an hourly monitoring job, I have a "comfortable" environment. -- Larry Stone lston...@stonejongleux.com ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Non-responsive name servers when started during boot on OS X Mavericks 10.9
On 22 Jan 2014, at 05:37 , Larry Stone wrote: > > On Jan 21, 2014, at 11:38 PM, LuKreme wrote: > >> >> On 18 Jan 2014, at 06:52 , Larry Stone wrote: >> >>> That is not the problem. >> >> In the launchd plist do you have something like >> >> >> NetworkState >> >> >> >> or maybe >> >> inetdCompatibility >> >> Wait >> >> >> >> to tell the system not to start bind until after the network is up? > > No, but neither does Apple. Right, but Apple did this by having their compile of bind start listening on 127.0.0.1 and then prodding it once the network was up and the IP address was available. Since Apple doesn't take this extra step, you'd need to tell launchd to wait for the Network, or you'd have to duplicate Apple's solution (probably by sending need a SIGHUP when the network is live). > My launched plist is the same as what Apple provided with OS X 10.8 Right, but bind was included with the base OS X client in 10.8. > But another good area for experimentation when I have a chance (yesterday’s > surprise announcement that Logmein is discontinuing their Free product > effective immediately shuffled the priorities :-( ). Yes, that rather pissed me off as well. It's one thing to discontinue a free service, it is something else entirely to cut it off with no warning. Oh well. -- 'Winners never talk about glorious victories. That's because they're the ones who see what the battlefield looks like afterwards. It's only the losers who have glorious victories.' --Small Gods ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Non-responsive name servers when started during boot on OS X Mavericks 10.9
On Jan 21, 2014, at 11:38 PM, LuKreme wrote: > > On 18 Jan 2014, at 06:52 , Larry Stone wrote: > >> That is not the problem. > > In the launchd plist do you have something like > > > NetworkState > > > > or maybe > > inetdCompatibility > > Wait > > > > to tell the system not to start bind until after the network is up? No, but neither does Apple. My launched plist is the same as what Apple provided with OS X 10.8 as well as being the one at http://opensource.apple.com/source/bind9/bind9-45.100/org.isc.named.plist modified only for the slightly different file specs. Note that per the launchd.plist man page, NetworkState is an option to the KeepAlive key and does not stand alone in a plist. http://www.apple.com/DTDs/PropertyList-1.0.dtd";> Disabled EnableTransactions Label org.isc.named OnDemand ProgramArguments /usr/local/sbin/named -f -c /usr/local/etc/named.conf ServiceIPC But another good area for experimentation when I have a chance (yesterday’s surprise announcement that Logmein is discontinuing their Free product effective immediately shuffled the priorities :-( ). -- Larry Stone lston...@stonejongleux.com http://www.stonejongleux.com/ smime.p7s Description: S/MIME cryptographic signature ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Non-responsive name servers when started during boot on OS X Mavericks 10.9
On 18 Jan 2014, at 06:52 , Larry Stone wrote: > That is not the problem. In the launchd plist do you have something like NetworkState or maybe inetdCompatibility Wait to tell the system not to start bind until after the network is up? -- IT IS NOT YET MIDNIGHT? 'I shouldn't think it's more than a quarter past eleven.' THEN WE HAVE THREE-QUARTERS OF AN HOUR 'How can you be sure?' BECAUSE OF DRAMA, MISS FLITWORTH.. THE KIND OF DEATH WHO POSES AGAINST THE SKYLINE AND GETS LIT UP BY LIGHTNING FLASHES, said Bill Door, disapprovingly, DOESN'T TURN UP AT FIVE-AND-TWENTY PAST ELEVEN IF HE CAN POSSIBLY TURN UP AT MIDNIGHT. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Non-responsive name servers when started during boot on OS X Mavericks 10.9
On Jan 21, 2014, at 5:32 AM, Carsten Strotmann wrote: > Hi Chris, > > Chris Buxton writes: > >> I’d bet that the package from Men & Mice includes this script or an >> equivalent workaround. When I wrote the original script I wrote about >> above, I worked at Men & Mice. > > Your script or the sleep timer is not in the package anymore, but maybe > it should be. I did some testing on our MacOS X Systems, and we also did > not receive issue reports from customers using the MacOS X installer > packages. Thanks for reminding me (us). > > However I will look into the issue and put the "sleep" back in if needed > (or find a better patch to inform BIND on changes of the network config). > > @Larry: let me know if your are using the Men & Mice compiled BIND > installer packages, and if the issue still appears. Carsten, no I am not using the Men & Mice compiled BIND (until three days ago, I had not even heard of Men & Mice). I might be able to play with it in a test environment later in the week. Is there any documentation for it or is it just the installer package? -- Larry Stone lston...@stonejongleux.com http://www.stonejongleux.com/ smime.p7s Description: S/MIME cryptographic signature ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Non-responsive name servers when started during boot on OS X Mavericks 10.9
Hi Chris, Chris Buxton writes: > I’d bet that the package from Men & Mice includes this script or an > equivalent workaround. When I wrote the original script I wrote about > above, I worked at Men & Mice. Your script or the sleep timer is not in the package anymore, but maybe it should be. I did some testing on our MacOS X Systems, and we also did not receive issue reports from customers using the MacOS X installer packages. Thanks for reminding me (us). However I will look into the issue and put the "sleep" back in if needed (or find a better patch to inform BIND on changes of the network config). @Larry: let me know if your are using the Men & Mice compiled BIND installer packages, and if the issue still appears. Best regards Carsten (now building the BIND packages @ Men & Mice) ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Non-responsive name servers when started during boot on OS X Mavericks 10.9
On Jan 20, 2014, at 1:22 PM, Chris Buxton wrote: >> Problem: This morning, by happenstance, both were rebooted a few minutes >> apart and suddenly, nobody could access anything. Finally figured out that >> named on both was not responding (queries timed out). Killed named (which >> was immediately restarted by Apple’s launchd) and all was well. Rebooted the >> secondary to see if it was repeatable and same thing. Nothing of interest in >> the log - both the initial startup at boot time and restart log identically >> (and it does log the RFC 1918 empty zones warning so it gets that far). I’m >> guessing there’s some resource not available at boot time that’s causing >> named to hang but that really just a will guess. > > I remember fixing this problem way back when Apple first switched to launchd > (10.4 or so). Basically, Apple patches (or used to patch) named to make it > register with the system to be told when a network interface is added. Their > patch allowed named to start up before the network is up, and then > essentially get a SIGHUP or something like it every time a network interface > comes up or goes down. > > The problem is that launchd starts named before the network is up. The > solution is to have it wait a few seconds before starting. The way we did it > back then was to have launchd start a script instead of starting named > directly. The script would simply sleep 3 seconds (or something like that) > before starting named. It would then stay open. Thanks Chris. As I mentioned in a follow-up, I did reach that conclusion after finding it was responsive on 127.0.0.1 but not on the machine’s external address. And I have worked around it in exactly the way you mention except I have the sleep at 30 seconds (I tried 15 and it was too short - but that machine is slow; OTOH, I tested on my new MBP with an SSD system disk and it boots so fast that named seems to come up OK. For my needs, the script delay as a work-around is “good enough”. > I’d bet that the package from Men & Mice includes this script or an > equivalent workaround. When I wrote the original script I wrote about above, > I worked at Men & Mice. The problem I have with it is there’s no documentation I can find. If they have patched it, I’d like to know about. One reason I’ve moved away from Apple provided versions (besides them suddenly removing it) and am now going with all “built from source” for my server software is Apple’s tendency to make undocumented changes to open source software. It’s been a problem in the support environments of some other software I use (not that this issue is unique to Apple). I used a package inspector to look at the Men & Mice package and there’s no launchd plist in there so it’s not clear to me how they get it started. But inspecting packages is new to me so there may be other things I’m not seeing. In any event, as I said, I have a “good enough” solution for my needs so anything further on this will be mostly of intellectual interest. -- Larry Stone lston...@stonejongleux.com http://www.stonejongleux.com/ smime.p7s Description: S/MIME cryptographic signature ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Non-responsive name servers when started during boot on OS X Mavericks 10.9
On Jan 17, 2014, at 6:45 PM, Larry Stone wrote: > Background: I have been using my Macintosh as a server… […] > Problem: This morning, by happenstance, both were rebooted a few minutes > apart and suddenly, nobody could access anything. Finally figured out that > named on both was not responding (queries timed out). Killed named (which was > immediately restarted by Apple’s launchd) and all was well. Rebooted the > secondary to see if it was repeatable and same thing. Nothing of interest in > the log - both the initial startup at boot time and restart log identically > (and it does log the RFC 1918 empty zones warning so it gets that far). I’m > guessing there’s some resource not available at boot time that’s causing > named to hang but that really just a will guess. I remember fixing this problem way back when Apple first switched to launchd (10.4 or so). Basically, Apple patches (or used to patch) named to make it register with the system to be told when a network interface is added. Their patch allowed named to start up before the network is up, and then essentially get a SIGHUP or something like it every time a network interface comes up or goes down. The problem is that launchd starts named before the network is up. The solution is to have it wait a few seconds before starting. The way we did it back then was to have launchd start a script instead of starting named directly. The script would simply sleep 3 seconds (or something like that) before starting named. It would then stay open. I’d bet that the package from Men & Mice includes this script or an equivalent workaround. When I wrote the original script I wrote about above, I worked at Men & Mice. Regards, Chris Buxton ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Non-responsive name servers when started during boot on OS X Mavericks 10.9
Larry,
Your problem is that You are mistaken where to find help for your issue. This
list is for issues related to BIND only. I still think that your problem could
be fix just by installing bind again. You think is not! Then as far as is
concerned, you already received enough information to fix the issues related to
BIND. Remember that BIND have several dependencies in the OSX system and you
should know where they are located in the directory root.
By the other hand, I have the feeling you’re asking questions that is specific
to the OSX Operating system without giving us enough information from your
logs.
But I am going to give you a hint anyway. When named enter to an “unresponsive
stage” (as you said), at least you should try to localize what process is in
that stage with the; “Apple Activity Monitor”; and get an example of the
process when the situation happens. If it is related to “launchd”, it is not
related to BIND but the OSX Operating System. For that you should send the
information to the Apple bug reporter.
--
Eduardo Bonsi
System Network Admin
BEARTCOMMUNICATIONS
beart...@pacbell.net
From: Larry Stone
To: "bind-users@lists.isc.org"
Sent: Saturday, January 18, 2014 4:15 PM
Subject: Re: Non-responsive name servers when started during boot on OS X
Mavericks 10.9
Eduardo -
You’re not really reading what the problem is. When named is started as part of
system boot, it is running but non-responsive. When started any time later, it
works fine.
BIND version is latest and greatest 9.8.6 download from ISC just a few days ago
- BIND 9.8.6-P2 (have not looked at 9.9 yet). It is not outdated. Secondary was
updated to 9.8.6-P2 tray as part of testing.
Unfortunately, it sounds like you’re just throwing out how-to’s from various
sources without any real understanding of what the problem is.
Update: Further testing shows that when first launched, named is listening on
127.0.0.1 but not the external address. Restarting it lets it listen on both.
My guess is that launchd is starting it before the external TCP/IP address is
set up. Unfortunately, launchd, as far as I know, does not let you establish
dependencies. Interim solution is to have the launchd plist run a script that
does a sleep 30 before starting named (15 seconds was too short). There might
be a way to use a Listeners clause in the launchd list but that syntax is
currently beyond me. I will search in Mac OS X forums for that.
--
Larry Stone
lston...@stonejongleux.com
http://www.stonejongleux.com/
On Jan 18, 2014, at 1:03 PM, Eduardo Bonsi wrote:
> It is possible then that when you copied the BIND files back to 10.9,
> something got broken along the way? I am suspecting that is your BIND package
> itself! Forget about your actual BIND package, it is outdated!
>
> 1. Go to support.menandmice.com
>
> (http://support.menandmice.com/download/bind/macosx/10.9-Mavericks/)
>
> and download the last package of Bind for Mavericks! Thanks to them for
> keeping up in areas where Apple is dropping the ball. I believe yours is
> ISCBIND-9.9.4-x86_64-10.9.zip 25-Oct-2013 20:15
> 18492934
>
> In case you do not use Bind with the (RRL) Responsible Rate Limit.
>
> If you decided for instance to use BIND with RRL you have to download this
> package,
> ISCBIND-9.9.4r-x86_64-10.9.zip 25-Oct-2013 20:15
> 18641078
> ...and add these line at your named.conf file,
>
> rate-limit {
> responses-per-second 5;
> log-only yes;
> };
>
> Some more info about RRL can be found here,
> https://www.isc.org/blogs/bind-9-9-4-released/
>
> 2. Make sure you have your rndc.key configuration setup accordingly.
> nano /etc/rndc.key
>
> Double check your name.conf file for the
> dnssec-lookaside . trust-anchor dlv.isc.org.;
>
> 3. Then,
> dscacheutil -flushcache
>
> To re-start!
>
>
>
>
>
>
> --
> Eduardo Bonsi
> System/Network Admin
> BEARTCOMMUNICATIONS
> beart...@pacbell.net
>
> From: Larry Stone
> To: "bind-users@lists.isc.org"
> Sent: Saturday, January 18, 2014 5:52 AM
> Subject: Re: Non-responsive name servers when started during boot on OS X
> Mavericks 10.9
>
> That is not the problem. Named does start at boot but it is non-responsive
> (with further thought, perhaps it is for some reason not listening on port
> 53). When killed and restarted, it then works fine.
>
> I am not familiar with macshadows.com but those directions are incomplete and
> and assume the existence of files that may not exist. The first command
> listed,
> launchctl load -w /System/Library/LaunchDaemons/org.isc.named.plist, loads
> org.isc.named.plist and with the -w, marks it “enabled” and to be l
Re: Non-responsive name servers when started during boot on OS X Mavericks 10.9
Eduardo -
You’re not really reading what the problem is. When named is started as part of
system boot, it is running but non-responsive. When started any time later, it
works fine.
BIND version is latest and greatest 9.8.6 download from ISC just a few days ago
- BIND 9.8.6-P2 (have not looked at 9.9 yet). It is not outdated. Secondary was
updated to 9.8.6-P2 tray as part of testing.
Unfortunately, it sounds like you’re just throwing out how-to’s from various
sources without any real understanding of what the problem is.
Update: Further testing shows that when first launched, named is listening on
127.0.0.1 but not the external address. Restarting it lets it listen on both.
My guess is that launchd is starting it before the external TCP/IP address is
set up. Unfortunately, launchd, as far as I know, does not let you establish
dependencies. Interim solution is to have the launchd plist run a script that
does a sleep 30 before starting named (15 seconds was too short). There might
be a way to use a Listeners clause in the launchd list but that syntax is
currently beyond me. I will search in Mac OS X forums for that.
--
Larry Stone
lston...@stonejongleux.com
http://www.stonejongleux.com/
On Jan 18, 2014, at 1:03 PM, Eduardo Bonsi wrote:
> It is possible then that when you copied the BIND files back to 10.9,
> something got broken along the way? I am suspecting that is your BIND package
> itself! Forget about your actual BIND package, it is outdated!
>
> 1. Go to support.menandmice.com
>
> (http://support.menandmice.com/download/bind/macosx/10.9-Mavericks/)
>
> and download the last package of Bind for Mavericks! Thanks to them for
> keeping up in areas where Apple is dropping the ball. I believe yours is
> ISCBIND-9.9.4-x86_64-10.9.zip 25-Oct-2013 20:15
> 18492934
>
> In case you do not use Bind with the (RRL) Responsible Rate Limit.
>
> If you decided for instance to use BIND with RRL you have to download this
> package,
> ISCBIND-9.9.4r-x86_64-10.9.zip 25-Oct-2013 20:15
> 18641078
> ...and add these line at your named.conf file,
>
> rate-limit {
>responses-per-second 5;
>log-only yes;
>};
>
> Some more info about RRL can be found here,
> https://www.isc.org/blogs/bind-9-9-4-released/
>
> 2. Make sure you have your rndc.key configuration setup accordingly.
> nano /etc/rndc.key
>
> Double check your name.conf file for the
> dnssec-lookaside . trust-anchor dlv.isc.org.;
>
> 3. Then,
> dscacheutil -flushcache
>
> To re-start!
>
>
>
>
>
>
> --
> Eduardo Bonsi
> System/Network Admin
> BEARTCOMMUNICATIONS
> beart...@pacbell.net
>
> From: Larry Stone
> To: "bind-users@lists.isc.org"
> Sent: Saturday, January 18, 2014 5:52 AM
> Subject: Re: Non-responsive name servers when started during boot on OS X
> Mavericks 10.9
>
> That is not the problem. Named does start at boot but it is non-responsive
> (with further thought, perhaps it is for some reason not listening on port
> 53). When killed and restarted, it then works fine.
>
> I am not familiar with macshadows.com but those directions are incomplete and
> and assume the existence of files that may not exist. The first command
> listed,
> launchctl load -w /System/Library/LaunchDaemons/org.isc.named.plist, loads
> org.isc.named.plist and with the -w, marks it “enabled” and to be loaded and
> started at boot time. It does not create org.isc.named.plist.
>
> The second line merely appends that command to /etc/launchd.conf but that is
> unneeded as anything in /System/Library/LaunchDeamons and
> /Library/LaunchDeamons that has been marked “enabled” with a previous load -w
> will start at boot. By default, there is no /etc/launchd.conf (I do not have
> or need one).
>
> BTW, /System/Library/LaunchDaemons is reserved for Apple provided launch
> daemons. User provided ones belong in /Library/LaunchDaemons. When Apple was
> providing BIND in version prior to 10.9, /System/Library/LaunchDaemons was
> the proper place for org.isc.named.plist but now that it’s user provided, it
> belongs in /Library/LaunchDaemons/.
>
> --
> Larry Stone
> lston...@stonejongleux.com
> http://www.stonejongleux.com/
>
>
> On Jan 17, 2014, at 11:10 PM, Eduardo Bonsi wrote:
>
> > Hello Larry,
> >
> > I had the same "head-ache" when I upgraded to 10.9. It seems that instead
> > going forward we all took a step behind. I guess this type of free stuff
> > does come with something attached to it. Anyways, when you upgraded to 10.9
> > the boot files were wipe clean from the /Sy
Re: Non-responsive name servers when started during boot on OS X Mavericks 10.9
It is possible then that when you copied the BIND files back to 10.9, something
got broken along the way? I am suspecting that is your BIND package itself!
Forget about your actual BIND package, it is outdated!
1. Go to support.menandmice.com
(http://support.menandmice.com/download/bind/macosx/10.9-Mavericks/)
and download the last package of Bind for Mavericks! Thanks to them for keeping
up in areas where Apple is dropping the ball. I believe yours is
ISCBIND-9.9.4-x86_64-10.9.zip 25-Oct-2013 20:15
18492934
In case you do not use Bind with the (RRL) Responsible Rate Limit.
If you decided for instance to use BIND with RRL you have to download this
package,
ISCBIND-9.9.4r-x86_64-10.9.zip 25-Oct-2013 20:15
18641078
...and add these line at your named.conf file,
rate-limit {
responses-per-second 5;
log-only yes;
};
Some more info about RRL can be found here,
https://www.isc.org/blogs/bind-9-9-4-released/
2. Make sure you have your rndc.key configuration setup accordingly.
nano /etc/rndc.key
Double check your name.conf file for the
dnssec-lookaside . trust-anchor dlv.isc.org.;
3. Then,
dscacheutil -flushcache
To re-start!
--
Eduardo Bonsi
System/Network Admin
BEARTCOMMUNICATIONS
beart...@pacbell.net
From: Larry Stone
To: "bind-users@lists.isc.org"
Sent: Saturday, January 18, 2014 5:52 AM
Subject: Re: Non-responsive name servers when started during boot on OS X
Mavericks 10.9
That is not the problem. Named does start at boot but it is non-responsive
(with further thought, perhaps it is for some reason not listening on port 53).
When killed and restarted, it then works fine.
I am not familiar with macshadows.com but those directions are incomplete and
and assume the existence of files that may not exist. The first command listed,
launchctl load -w /System/Library/LaunchDaemons/org.isc.named.plist, loads
org.isc.named.plist and with the -w, marks it “enabled” and to be loaded and
started at boot time. It does not create org.isc.named.plist.
The second line merely appends that command to /etc/launchd.conf but that is
unneeded as anything in /System/Library/LaunchDeamons and
/Library/LaunchDeamons that has been marked “enabled” with a previous load -w
will start at boot. By default, there is no /etc/launchd.conf (I do not have or
need one).
BTW, /System/Library/LaunchDaemons is reserved for Apple provided launch
daemons. User provided ones belong in /Library/LaunchDaemons. When Apple was
providing BIND in version prior to 10.9, /System/Library/LaunchDaemons was the
proper place for org.isc.named.plist but now that it’s user provided, it
belongs in /Library/LaunchDaemons/.
--
Larry Stone
lston...@stonejongleux.com
http://www.stonejongleux.com/
On Jan 17, 2014, at 11:10 PM, Eduardo Bonsi wrote:
> Hello Larry,
>
> I had the same "head-ache" when I upgraded to 10.9. It seems that instead
> going forward we all took a step behind. I guess this type of free stuff does
> come with something attached to it. Anyways, when you upgraded to 10.9 the
> boot files were wipe clean from the /System/Library/LaunchDaemons/
>
> Open the terminal and restore it by entering the comand!
> ---
> launchctl load -w /System/Library/LaunchDaemons/org.isc.named.plist
> echo "launchctl start org.isc.named" >> /etc/launchd.conf
> ---
> Then re-start BIND
> ---
> launchctl start org.isc.named
>
>---
>
> There are several places talking about this stuff but you can verify here:
> Configure BIND to Launch at Startup
> http://www.macshadows.com/kb/index.php?title=How_To:_Enable_BIND_-_Mac_OS_X's_Built-in_DNS_Server
>
> I hope that helps!
>
> --
> Eduardo Bonsi
> System Admin
> BEARTCOMMUNICATIONS
> beart...@pacbell.net
>
> From: Larry Stone
> To: bind-users@lists.isc.org
> Sent: Friday, January 17, 2014 6:45 PM
> Subject: Non-responsive name servers when started during boot on OS X
> Mavericks 10.9
>
> Background: I have been using my Macintosh as a server running the client
> version of OS X (not OS X Server) for many years. Until 10.9 (Mavericks),
> Apple provided BIND and it worked just fine. My servers were internal only
> providing behind-NAT local addresses for the local network as well as caching
> for external names. All went well.
>
> With the release of 10.9, BIND was no longer provided (I’m currently on
> 10.9.1). I initially restored the ve
Re: Non-responsive name servers when started during boot on OS X Mavericks 10.9
That is not the problem. Named does start at boot but it is non-responsive (with further thought, perhaps it is for some reason not listening on port 53). When killed and restarted, it then works fine. I am not familiar with macshadows.com but those directions are incomplete and and assume the existence of files that may not exist. The first command listed, launchctl load -w /System/Library/LaunchDaemons/org.isc.named.plist, loads org.isc.named.plist and with the -w, marks it “enabled” and to be loaded and started at boot time. It does not create org.isc.named.plist. The second line merely appends that command to /etc/launchd.conf but that is unneeded as anything in /System/Library/LaunchDeamons and /Library/LaunchDeamons that has been marked “enabled” with a previous load -w will start at boot. By default, there is no /etc/launchd.conf (I do not have or need one). BTW, /System/Library/LaunchDaemons is reserved for Apple provided launch daemons. User provided ones belong in /Library/LaunchDaemons. When Apple was providing BIND in version prior to 10.9, /System/Library/LaunchDaemons was the proper place for org.isc.named.plist but now that it’s user provided, it belongs in /Library/LaunchDaemons/. -- Larry Stone lston...@stonejongleux.com http://www.stonejongleux.com/ On Jan 17, 2014, at 11:10 PM, Eduardo Bonsi wrote: > Hello Larry, > > I had the same "head-ache" when I upgraded to 10.9. It seems that instead > going forward we all took a step behind. I guess this type of free stuff does > come with something attached to it. Anyways, when you upgraded to 10.9 the > boot files were wipe clean from the /System/Library/LaunchDaemons/ > > Open the terminal and restore it by entering the comand! > --- > launchctl load -w /System/Library/LaunchDaemons/org.isc.named.plist > echo "launchctl start org.isc.named" >> /etc/launchd.conf > --- > Then re-start BIND > --- > launchctl start org.isc.named > > --- > > There are several places talking about this stuff but you can verify here: > Configure BIND to Launch at Startup > http://www.macshadows.com/kb/index.php?title=How_To:_Enable_BIND_-_Mac_OS_X's_Built-in_DNS_Server > > I hope that helps! > > -- > Eduardo Bonsi > System Admin > BEARTCOMMUNICATIONS > beart...@pacbell.net > > From: Larry Stone > To: bind-users@lists.isc.org > Sent: Friday, January 17, 2014 6:45 PM > Subject: Non-responsive name servers when started during boot on OS X > Mavericks 10.9 > > Background: I have been using my Macintosh as a server running the client > version of OS X (not OS X Server) for many years. Until 10.9 (Mavericks), > Apple provided BIND and it worked just fine. My servers were internal only > providing behind-NAT local addresses for the local network as well as caching > for external names. All went well. > > With the release of 10.9, BIND was no longer provided (I’m currently on > 10.9.1). I initially restored the version of named from 10.8 along with my > configuration and zone files and all was well (at least as far as I could > tell). I then switched to building from source and all was still well (I > thought). The primary server was just upgraded to 9.8.6-P2 while the > secondary (not a server except as a redundant name server) is still at > 9.8.6-P1 (upgrade planned for this weekend). > > Problem: This morning, by happenstance, both were rebooted a few minutes > apart and suddenly, nobody could access anything. Finally figured out that > named on both was not responding (queries timed out). Killed named (which was > immediately restarted by Apple’s launchd) and all was well. Rebooted the > secondary to see if it was repeatable and same thing. Nothing of interest in > the log - both the initial startup at boot time and restart log identically > (and it does log the RFC 1918 empty zones warning so it gets that far). I’m > guessing there’s some resource not available at boot time that’s causing > named to hang but that really just a will guess. > > I know I’m not providing much information but there’s nothing else I can find > so any help with just figuring out why it fails when started at boot time > will be a help. > > -- > Larry Stone > lston...@stonejongleux.com > http://www.stonejongleux.com/ > > > > > ___ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsub
Re: Non-responsive name servers when started during boot on OS X Mavericks 10.9
Hello Larry, I had the same "head-ache" when I upgraded to 10.9. It seems that instead going forward we all took a step behind. I guess this type of free stuff does come with something attached to it. Anyways, when you upgraded to 10.9 the boot files were wipe clean from the /System/Library/LaunchDaemons/ Open the terminal and restore it by entering the comand! --- launchctl load -w /System/Library/LaunchDaemons/org.isc.named.plist echo "launchctl start org.isc.named" >> /etc/launchd.conf --- Then re-start BIND --- launchctl start org.isc.named --- There are several places talking about this stuff but you can verify here: Configure BIND to Launch at Startup http://www.macshadows.com/kb/index.php?title=How_To:_Enable_BIND_-_Mac_OS_X's_Built-in_DNS_Server I hope that helps! -- Eduardo Bonsi System Admin BEARTCOMMUNICATIONS beart...@pacbell.net From: Larry Stone To: bind-users@lists.isc.org Sent: Friday, January 17, 2014 6:45 PM Subject: Non-responsive name servers when started during boot on OS X Mavericks 10.9 Background: I have been using my Macintosh as a server running the client version of OS X (not OS X Server) for many years. Until 10.9 (Mavericks), Apple provided BIND and it worked just fine. My servers were internal only providing behind-NAT local addresses for the local network as well as caching for external names. All went well. With the release of 10.9, BIND was no longer provided (I’m currently on 10.9.1). I initially restored the version of named from 10.8 along with my configuration and zone files and all was well (at least as far as I could tell). I then switched to building from source and all was still well (I thought). The primary server was just upgraded to 9.8.6-P2 while the secondary (not a server except as a redundant name server) is still at 9.8.6-P1 (upgrade planned for this weekend). Problem: This morning, by happenstance, both were rebooted a few minutes apart and suddenly, nobody could access anything. Finally figured out that named on both was not responding (queries timed out). Killed named (which was immediately restarted by Apple’s launchd) and all was well. Rebooted the secondary to see if it was repeatable and same thing. Nothing of interest in the log - both the initial startup at boot time and restart log identically (and it does log the RFC 1918 empty zones warning so it gets that far). I’m guessing there’s some resource not available at boot time that’s causing named to hang but that really just a will guess. I know I’m not providing much information but there’s nothing else I can find so any help with just figuring out why it fails when started at boot time will be a help. -- Larry Stone lston...@stonejongleux.com http://www.stonejongleux.com/ ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Non-responsive name servers when started during boot on OS X Mavericks 10.9
Background: I have been using my Macintosh as a server running the client version of OS X (not OS X Server) for many years. Until 10.9 (Mavericks), Apple provided BIND and it worked just fine. My servers were internal only providing behind-NAT local addresses for the local network as well as caching for external names. All went well. With the release of 10.9, BIND was no longer provided (I’m currently on 10.9.1). I initially restored the version of named from 10.8 along with my configuration and zone files and all was well (at least as far as I could tell). I then switched to building from source and all was still well (I thought). The primary server was just upgraded to 9.8.6-P2 while the secondary (not a server except as a redundant name server) is still at 9.8.6-P1 (upgrade planned for this weekend). Problem: This morning, by happenstance, both were rebooted a few minutes apart and suddenly, nobody could access anything. Finally figured out that named on both was not responding (queries timed out). Killed named (which was immediately restarted by Apple’s launchd) and all was well. Rebooted the secondary to see if it was repeatable and same thing. Nothing of interest in the log - both the initial startup at boot time and restart log identically (and it does log the RFC 1918 empty zones warning so it gets that far). I’m guessing there’s some resource not available at boot time that’s causing named to hang but that really just a will guess. I know I’m not providing much information but there’s nothing else I can find so any help with just figuring out why it fails when started at boot time will be a help. -- Larry Stone lston...@stonejongleux.com http://www.stonejongleux.com/ smime.p7s Description: S/MIME cryptographic signature ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
