When running Bind 8.2.1 on Redhat 6.0 BIND locks up when recieving an invalid zone transfer. The only solution is to restart bind. An strace makes it appear that this might be a glibc bug relating to the gettimeofday function, but it could be anything. The fact is that it renders a DNS server useless. I emailed jturner a detailed message and a confirmation by another individual on this problem. -- OUTPUT FROM strace -- recvfrom(22, "\2471\1\0\0\1\0\0\0\0\0\0\00235\002"..., 513, 0, {sin_family=AF_INET, sin_port=htons(1546), sin_addr=inet_addr("195.17.98.35")}, [16]) = 43 sendto(22, "\2471\205\200\0\1\0\1\0\3\0\3\002"..., 207, 0, {sin_family=AF_INET, sin_port=htons(1546), sin_addr=inet_addr("195.17.98.35")}, 16) = 207 recvfrom(22, 0xbffff9a0, 513, 0, 0xbffffba4, 0xbffff98c) = -1 ECONNREFUSED (Connection refused) gettimeofday({934263570, 54725}, NULL) = 0 readv(7, [{"\0\"", 2}], 1) = 2 fcntl(7, F_GETFL) = 0x802 (flags O_RDWR|O_NONBLOCK) gettimeofday({934263570, 55682}, NULL) = 0 fcntl(7, F_GETFL) = 0x802 (flags O_RDWR|O_NONBLOCK) gettimeofday({934263570, 56295}, NULL) = 0 write(8, "\0\277\5[\204\200\0\1\0\1\0\3\0\3"..., 193) = 193 fcntl(8, F_GETFL) = 0x802 (flags O_RDWR|O_NONBLOCK) fcntl(8, F_GETFL) = 0x802 (flags O_RDWR|O_NONBLOCK) gettimeofday({934263570, 58175}, NULL) = 0 readv(6, [{"\0\33", 2}], 1) = 0 fcntl(6, F_GETFL) = 0x802 (flags O_RDWR|O_NONBLOCK) gettimeofday({934263570, 59138}, NULL) = 0 close(6 -- OUTPUT from strace --
Probably also the cause of BUG 4111
*** Bug 4111 has been marked as a duplicate of this bug. *** After upgrading from Redhat5.2 to Redhat6.0, bind started having some serious problems. Our nameserver, which handles DNS for about 10,000 users and 800 domains, started experiencing "brown outs", where it would just stop responding. The solution was to either wait a long time, and it would correct itself, or restart named. It is not reproducable at will, but it does happen at least a few times a day, on our system with that load. Also I would notice that on many occasions bind would peg the cpu. Moving the rawhide's bind fixed this problem. Reason is still unknown. ------- Additional Comments From jturner 07/20/99 13:36 ------- This issue has been submitted to developer for further action. I think that we might want to consider releasing bind-8.2.1-3 as an errata item, as it seems to fix a number of problems that people are seeing in bind-8.2-6.
Does the bind from rawhide and/or Lorax fixes the problem? ------- Additional Comments From 09/30/99 02:05 ------- One the topic of bind 8.2.1, There are some serious bugs (according to ISC) in BIND 8.2 and below that could allow someone access to root privledges and/or cause Denial Of Service attacks. There is not an rpm on bind 8.2.1 yet is there? And will the problem described by emoliter exist in all releases of BIND 8.2.1? I am trying to decide if I should upgrade my nameserver running 8.2 to 8.2.1 or if I should perhaps wait for 8.2.1a or something. Please help. ------- Additional Comments From 09/30/99 02:08 ------- Correction to above. I think I did not make it clear that the bugs described by ISC in Bind 8.2 only effect bind 8.2. They are fixed in 8.2.1. I am just concerned about what to do because I have not seen an rpm for bind 8.2.1. My redhat 6.0 machine came with and is currently using Bind 8.2
Shouldn't this be marked as fixed in the errata?
The rpm fropm 6.1 fixes this. Also the rpms available through errata pages.