named SUDDENLY stopped working
G. Roderick Singleton
gerry at pathtech.org
Thu Mar 2 21:43:28 UTC 2006
On Thu, 2006-03-02 at 20:39 +0000, Chris Thompson wrote:
> On Mar 2 2006, Mark Andrews wrote:
>
> >
> >> on my master DNS server, rndc suddenly (March 1 2006) stopped working,
> >> giving my the error "rndc: connect failed: timed out" this is after
> >> MONTHS of being up, years after creation of the bind setup with the
> >> keys and everything.
> >
> > There error indicates that the TCP connection failed. Either
> > named is nolonger listening or the accept queue is full or
> > a firewall in blocking the connection or kernel resources
> > are exchausted or ...
> >
> >> machine running sunOS 5.8, BIND 9.2.2rc1
> >
> > Upgrade. BIND 9.2.2 is well past its "use by" date.
> >
> > Also we don't expect people to keep running release candidates
> > after the final release. We do not look at release candidates
> > when looking for which versions are vulnerable to a security
> > issue.
>
> Good advice in general, but I'm sorry to say that I have observed almost
> exactly that effect with other versions, most recently 9.2.5 (and Solaris 8,
> again). Not with 9.3.2 as yet, but we've only been running that a few days ...
>
> In practice we've always been in too much of a hurry to get the nameserver
> working again to investigate the problem in depth. But netstat still shows
> BIND listening on port 953 (on the loopback interface) on the face of it.
>
Isn't 953 the rndc port? It is on my system.
--
G. Roderick Singleton <gerry at pathtech.org>
PATH tech
More information about the bind-users
mailing list