Strange error from nsupdate
chris.p.buxton at gmail.com
Mon Feb 14 19:18:21 UTC 2011
On Feb 14, 2011, at 6:31 AM, Chris Thompson wrote:
> We are running BIND 9.7.2-P3, and update our zones with nsupdate calls
> that look like this:
> nsupdate -v -k keys/update-key <[input] >/dev/null 2>[errors]
> This is run from a Solaris 10_x86 non-global "zone" (container).
> On a couple of occasions it has generated the error
> dns_dispatch_getudp (v4): permission denied
> This seems to strike at random, and goes away on retrying the same
> nsupdate call. What's really strange here is that nsupdate is being
> told to use TCP (the -v option), so why is it messing around with UDP?
> Has anyone else seen this?
I haven't seen it specifically, but:
- nsupdate might be sending a query (over UDP) to fill in missing info, such as the zone or server to update.
- Your Solaris container might be the problem. I've heard of problems running named in a container, typically performance problems but this type of behavior might explain a performance issue.
More information about the bind-users