Strange Firewall Behavior with bind

G.W. Haywood bind at jubileegroup.co.uk
Thu Jul 17 13:40:25 UTC 2008


Hi there,

On Thu, 17 Jul 2008, Martin McCormick wrote:

> I administer 3 master BIND 9.3.3 DNS's under FreeBSD6.2 ...  2 out
> of the 3 DNS's work perfectly, one of which is very busy, and the
> 3RD DNS, on our quietest remote campus will stop being able to query
> outside our network even though bind is still running and logging

If this were my machine and I wanted to know what was going wrong, as
it isn't very busy I would put in some instrumentation and a lot more
logging.  Actually I tend to err on the verbose side for all logging,
but then I have the luxury of managing relatively unstressed machines.
Things like tcpdump, SmokePing, 'top -b -n 1' and 'ifconfig' run from
a crontab every five minutes, verbose debugging o/p from named itself.
Are you using syslog for logging output from named?

OTOH as you're going to blow away the installation soon anyway, why
not just restart named every night from cron and see what happens?
Or reinstall from source (I guess you're using some sort of package?)

I've never used ipfw, and my knowledge of FreeBSD is minimal, so I
can't really help with the specifics.

> Folks are starting to do things like asking if we need to rebuild
> the server and rebooting the whole system when it misbehaves

Assuming that you've checked the logs for any suggestion of hardware
failures and as it only affects port 53, it's unlikely that it could
be a hardware fault.  Rebooting is something you do to Windows boxes.
So I don't think those suggestions will help a great deal.

--

73,
Ged.
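
The five-minute instrumentation Ged suggests above, as an added example that is not part of the original thread: a cron-driven snapshot script that records an external query test through the local named, top, ifconfig and a short port 53 capture. It assumes the log directory /var/log/dns-probe, the interface name em0, a probe name www.example.com, and dig/tcpdump on the path; all of these are assumptions, not values from the post.

```shell
#!/bin/sh
# Hypothetical cron-driven snapshot script for a quiet BIND resolver
# (added example, not from the thread). Paths, interface and probe
# name below are assumptions; adjust for the host.
LOGDIR="${LOGDIR:-/var/log/dns-probe}"        # assumed log directory
IFACE="${IFACE:-em0}"                         # assumed NIC name
PROBE_NAME="${PROBE_NAME:-www.example.com}"   # external name to resolve

# Return 0 if dig output shows a successful answer, 1 otherwise.
# Used to flag the "cannot query outside the network" state in the log.
query_ok() {
    printf '%s\n' "$1" | grep -q 'status: NOERROR'
}

# Crontab line that runs this script every five minutes (Vixie cron
# syntax, as used by FreeBSD). $1 is the installed path of this script.
cron_line() {
    printf '*/5 * * * * root %s snapshot >> %s/cron.log 2>&1\n' \
        "$1" "$LOGDIR"
}

# One timestamped snapshot: external query test, top, ifconfig, and a
# ten-second sample of port 53 traffic, all written under LOGDIR.
snapshot() {
    ts=$(date -u +%Y%m%dT%H%M%SZ)
    mkdir -p "$LOGDIR"
    out="$LOGDIR/snapshot-$ts.log"
    {
        echo "=== $ts ==="
        dig_out=$(dig +time=3 +tries=1 "$PROBE_NAME" A @127.0.0.1 2>&1)
        if query_ok "$dig_out"; then echo "external query: OK"
        else echo "external query: FAILED"; fi
        printf '%s\n' "$dig_out"
        echo "--- top ---";      top -b -n 1 2>&1
        echo "--- ifconfig ---"; ifconfig -a 2>&1
        echo "--- port 53 sample (10s, max 50 packets) ---"
        tcpdump -ni "$IFACE" -c 50 port 53 2>&1 &
        tpid=$!
        sleep 10
        kill "$tpid" 2>/dev/null || true   # stop capture if quiet
        wait "$tpid" 2>/dev/null || true
    } > "$out"
    echo "$out"
}

case "${1:-}" in
    snapshot) snapshot ;;
    cron)     cron_line "$0" ;;   # print the crontab line to install
esac
```

Compare the "external query: FAILED" snapshots against the named log and the packet sample from the same five-minute window to see whether queries leave the box at all.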