problems with slave after upgrade.

Mark.Andrews at nominum.com Mark.Andrews at nominum.com
Mon Jun 4 23:42:28 UTC 2001 

> Touch worked thanks again.
> 
> Didn't think file ownership mattered since bind is running as root.

	Which means that you haven't read the documentation that comes
	with BIND 9 as it does matter under Linux.

	Why are you bothering the list without first reading the
	documentation?  Why are you bothering the list without
	first seaching the list archives?

	Mark

> Changed
> all files and folder to root.root just in case. This is the newest error
> message. No longer denied now timeouts.
> 
> Jun  4 14:34:42 ns2 /usr/local/sbin/named[29605]: refresh_callback: zone
> drpill.com/IN: failure for 216.143.228.100#53: timed out
> 
> And it still gives permission denied when updating a zone.
> 
> -----Original Message-----
> From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org]On
> Behalf Of Michael Kjorling
> Sent: Monday, June 04, 2001 1:49 PM
> To: BIND-Users
> Subject: Re: problems with slave after upgrade.
> 
> 
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On Jun 4 2001 13:28 -0400, Charles Bodley wrote:
> 
> > I have just upgraded to 9.1.2 from 8.2.3 Everything went smoothly but I
> was
> > getting this error message in my logs.
> >
> > Jun  1 16:56:26 ns2 modprobe: modprobe: Can't locate module net-pf-10
> >
> > Michael Kjörling was kind enough to explain what it was and how to get a
> rid
> > of it.
> >
> > "It's about IPv6 support. Just put "alias net-pf-10 off" into your
> > /etc/conf.modules (or /etc/modules.conf), and the warning should go
> > away. It did for me.
> > Michael Kjörling"
> > This relieved that error message but createed a new one.
> > Jun  4 13:18:25 ns2 modprobe: Note: /etc/conf.modules is more recent than
> > /lib/modules/2.2.14-5.0/modules.dep
> 
> This is not critical. I solved it the dirty way (`touch
> /lib/modules/2.2.18/modules.dep' in my case), but I know there's a
> better way to do it. Just can't remember the command off the top of my
> head.
> 
> Haven't had any problems because of the touch approach though.
> 
> A hint - you might want to consider upgrading the kernel. 2.2.14-5.0
> (which ships with Red Hat 6.2) seems to have rather severe problems in
> its TCP/IP stack. One of my servers was constantly freezing (no error
> output on the console nor in the logs), but since I upgraded to
> 2.2.18, I haven't had a single problem with it. I'd say it's better to
> do it the safe way, especially if the server is publicly accessible
> (which I'd assume).
> 
> 
> > And on closer inspection there were other errors that I had missed.These
> > occured on every domain.
> > Jun  1 17:10:59 ns2 /usr/local/sbin/named[24904]: refresh_callback: zone
> > ltitrucks.com/IN: isc_file_settime(db.ltitrucks_com): permission denied
> > Jun  1 17:10:59 ns2 /usr/local/sbin/named[24904]: notify failed: not
> > authoritative for notify zone (REFUSED)
> > Jun  1 17:10:59 ns2 /usr/local/sbin/named[24904]: refresh_callback: zone
> > foodstamp.com/IN: isc_file_settime(db.foodstamp_com): permission denied
> > Jun  1 17:11:00 ns2 /usr/local/sbin/named[24904]: refresh_callback: zone
> > vpnapp.com/IN: isc_file_settime(db.vpnapp_com): permission denied
> 
> Is the file permissions set correctly on both the directory containing
> the zone files *and* the zone files themselves? That is the first
> thing I would check.
> 
> 
> > And when I attempted a transfer This was the logged messages.
> > Jun  4 13:24:09 ns2 /usr/local/sbin/named[29235]: transfer of
> 'ftlogix.com'
> > from 216.143.228.100#53: receiving responses: permission denied
> > Jun  4 13:24:09 ns2 /usr/local/sbin/named[29235]: transfer of
> 'ftlogix.com'
> > from 216.143.228.100#53: end of transfer
> > Jun  4 13:24:11 ns2 named[29271]: slave zone "ftlogix.com" (IN) loaded
> > (serial 2001032901)
> 
> This seems to me at a first glance at least like a file permission
> problem - since the transfer wasn't *refused*, it could hardly be that
> 216.143.228.100 doesn't have ns2 in its allow-transfer{} clause, but I
> would check that too just to be sure. Try the file permission approach
> first, though. And restart BIND (`ndc reload' might do as well, but my
> experiences with BIND 8 is *extremely* limited to say the least.)
> 
> 
> Michael Kjörling
> 
> - --
> Michael Kjörling - michael at kjorling.com - PGP: 8A70E33E
> "We must be the change we wish to see" (Mahatma Gandhi)
> 
> ^..^     Support the wolves in Norway -- go to     ^..^
>  \/   http://home.no.net/ulvelist/protest_int.htm   \/
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.6 (GNU/Linux)
> Comment: For info see http://www.gnupg.org
> 
> iD8DBQE7G8oCKqN7/Ypw4z4RApaLAJ0UHUH1t4/csiFdjYcNerg7Ebzp/gCg9clB
> cXFkC+oW4O+UsA29wgILLIw=
> =nXLH
> -----END PGP SIGNATURE-----
> 
> 
> 
> 
> 
> 
--
Mark Andrews, Nominum Inc.
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at nominum.com

More information about the bind-users mailing list