CLOSE_WAIT not closing in Bind 9.2.0
D.M.
hmprimerib at hotmail.com
Tue Jan 22 00:41:46 UTC 2002
> >Yes, netstat says port 53. It's all TCP stuff.
<snip>
> >Any thoughts?
>
> Interesting. I assume none of those are your slave servers. My guess was
> going to be that you were being port-scanned, but some of those addresses
> reverse-resolve to names that look like ISP servers (216.37.1.19 =
> ns1.onecall.net).
>
> Do you have any large entries in your DNS that would cause DNS queries to
> switch from UDP to TCP? Like a name with several dozen A records, or an
> address with lots of PTR records.
Nope, those aren't our slavers.
Yeah, we have quite a few records with data that would exceed UDP
packet size which explains the use of TCP.
I can't figure out why named isn't closing those connections. Why
would it sit in CLOSE_WAIT ? The following doc says I should truss
and snoop to find the answer.
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=finfodoc%2F19137&zone_32=closing%20tcp%20connections
Guess that's my only path of action at this point.
Thanks.
More information about the bind-users
mailing list