Trying to do reverse lookups, but crashing named instead.

Stack Kororā i.am.stack at gmail.com
Thu Jan 19 20:18:34 UTC 2012


Hello,

The dhcpd mailinglist sent me your way with a problem I am having with
named/dhcpd.

The problem I have is that I cannot seem to get reverse hostname lookups
in my PXEboot, which means my PXEboot clients think they are localhost.

The problem that may be more relevant to the BIND list is that I can
reproducibly cause named to crash with a nasty looking error.

I am running on Scientific Linux 6.2 (rolling) with
bind-9.7.3-8.P3.el6.x86_64 and dhcp-4.1.1-25.P1.el6_2.1.x86_64.

For the log file below, I ran `service named restart && service
dhcpd restart` and then promptly started a PXEboot. The log file starts with the
first named message. Please let me know if there are other files or any
other information you would like. The crash always starts with this
line first: "failed to create new zone: already exists".

Files are attached in this order:
dhcpd.conf
named.conf
resolv.conf
project
project.reverse
messages
rndc.key <- Nope, don't care that I am posting this. I know it is supposed
to be secret but this is a virtual machine test lab with zero importance
and isn't connected to the internet.


There are two other logging files mentioned in the conf files:
/var/log/named-auth.info never has any information in it.
/var/log/update-debug.log mostly complains about this:
update: info: client 127.0.0.1#46599: updating zone 'project.local/IN':
update unsuccessful: aa001.project.local: 'name not in use' prerequisite
not satisfied (YXDOMAIN)

I know the error says that it thinks the domain does not exist. I have read
the FAQ and the rfc2136.txt, yet I still don't understand why it thinks
that.

Any help is appreciated.
Thanks!

~Stack~


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
dhcpd.conf
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Global options handed to DHCP clients, plus the dynamic-DNS (DDNS) update settings.
option domain-name "project.local";
# NOTE(review): this is the resolver address given to clients, so each client
# would query its own loopback; the log shows named listening on 172.31.200.2.
# Confirm this is intended.
option domain-name-servers 127.0.0.1;
# NOTE(review): the dhcpd keyword is spelled "authoritative"; confirm the live
# file does not carry this spelling.
authoritive;
ddns-updates    on;
update-static-leases on;
ddns-domainname "project.local";
ddns-rev-domainname    "in-addr.arpa.";
ddns-update-style interim;
# Honours a client's request to maintain its own A record. The hosts in this
# file are pinned with ddns-hostname, so "deny client-updates;" would keep name
# ownership with the server - TODO confirm nothing relies on client-side updates.
allow client-updates;
# With conflict detection off, dhcpd replaces an existing binding for a name
# without checking which client owns it (the documented default is true).
update-conflict-detection false;
# TSIG key dhcpd uses to sign the DNS updates it sends to named.
# NOTE(review): the secret is identical to the one in the rndc.key listing, so
# one shared secret both authorises zone updates and authenticates the rndc
# control channel; a dedicated DDNS key would separate the two privileges.
# The value is published in this post, so regenerate it before this
# configuration is reused anywhere that matters.
key rndc-key {
    algorithm hmac-md5;
    secret 8VDl3xORCQlIXZvAs/UgSQ==;
};
# Forward zone: updates go to the named on this host, signed with rndc-key.
zone project.local. {
    primary 127.0.0.1;
    key rndc-key;
}
# Reverse zone for 172.31.0.0/16: same server, same key.
zone 31.172.in-addr.arpa. {
    primary 127.0.0.1;
    key rndc-key;
}
# Default gateway and a fixed one-day lease for every client.
option routers 172.31.255.254;
default-lease-time 86400;
max-lease-time 86400;
# Only clients with a host declaration get a lease. The match is on the MAC
# address the client presents, which identifies a host but does not authenticate it.
deny unknown-clients;
# The subnet declares no dynamic range, so addresses come only from the
# fixed-address entries below.
subnet 172.31.0.0 netmask 255.255.0.0 {}
# PXE boot group: clients fetch pxelinux.0 over TFTP from 172.31.200.2.
# TFTP transfers are unauthenticated and unencrypted, so the boot image's
# integrity depends on this segment staying isolated, as the post says the lab is.
group {
filename "pxelinux.0";
next-server 172.31.200.2;
option domain-name "project.local";
# One entry per machine: the name to register in DNS, its MAC, and its fixed IP.
host dev001 { ddns-hostname "dev001"; hardware ethernet 08:00:27:11:4B:E8;
fixed-address 172.31.201.10; }
host aa001 { ddns-hostname "aa001"; hardware ethernet 08:00:27:15:BF:F5;
fixed-address 172.31.202.1; }
host hp001 { ddns-hostname "hp001"; hardware ethernet 08:00:27:15:A3:1D;
fixed-address 172.31.203.1; }
}
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
named.conf
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
// Pulls in the "rndc-key" key definition used by controls and allow-update below.
include "/etc/rndc.key";
// NOTE(review): this ACL is defined, but no statement in the posted file refers to it.
acl "project.local" { 172.31.0/16; 127.0.0.1; };
// rndc control channel on loopback (the log shows 127.0.0.1#953), key required.
// "allow { any; }" is bounded only by the listen address; "allow { 127.0.0.1; }"
// would state the intent explicitly.
controls { inet 127.0.0.1 allow { any; } keys { "rndc-key"; }; };
// Log routing: dynamic-update messages and security messages each get their own file.
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
    // Dynamic-update activity at debug level 3, with category, severity and timestamp.
    channel update_debug {
                 file "/var/log/update-debug.log";
                 severity  debug 3;
                 print-category yes;
                 print-severity yes;
                 print-time     yes;
            };
            // Security-category messages (approved and denied requests) at info level.
            // NOTE(review): the post says this file stays empty; both files sit
            // outside the "/var/named" working directory, so confirm named can
            // write to /var/log on this host.
            channel security_info    {
                 file "/var/log/named-auth.info";
                 severity  info;
                 print-category yes;
                 print-severity yes;
                 print-time     yes;
            };

            // Bind each category to its channel.
            category update { update_debug; };
            category security { security_info; };
};
// Server-wide options.
options {
    directory "/var/named"; // the default
    dump-file        "data/cache_dump.db";
    statistics-file        "data/named_stats.txt";
    memstatistics-file    "data/named_mem_stats.txt";
    // The forwarders list is empty, so "forward first" has no effect; the log
    // reports "no forwarders seen; disabling forwarding" for this file.
    forward first;
    forwarders { };
    // NOTE(review): recursion is offered to every client that can reach the
    // server. On a network that is not isolated this makes it an open resolver;
    // limiting it to the "project.local" ACL defined in this file would scope
    // it to the lab.
    allow-recursion { any; };
    // GSS-TSIG (Kerberos) credential and TKEY domain - presumably left over
    // from the directory-integrated setup that the dynamic-db block also
    // points to; confirm they are still needed.
    tkey-gssapi-credential "DNS/dns.project.local";
    tkey-domain "PROJECT.LOCAL";
};
// Statically configured master zones that dhcpd updates dynamically.
// NOTE(review): an allow-update list matches if ANY element matches, so the
// 127.0.0.1 entry lets every local process update the zone without the key,
// and a source address is not authentication. dhcpd already signs with
// rndc-key, so "allow-update { key rndc-key; };" would be sufficient.
zone "project.local" {
    type master;
    file "data/project";
    allow-update { key rndc-key; 127.0.0.1; };
};
// Reverse zone for 172.31.0.0/16; the allow-update note above applies here too.
zone "31.172.in-addr.arpa" {
    type master;
    file "data/project.reverse";
    allow-update { key rndc-key; 127.0.0.1; };
};
// LDAP-backed dynamic zone database: loads ldap.so and reads DNS data from the
// local directory server over its UNIX socket, authenticating with SASL/GSSAPI.
// NOTE(review): the assertion failure in the log directly follows "failed to
// create new zone: already exists". Possibly this back end is trying to create
// a zone that the static zone statements in this file already define. Confirm
// by checking whether the tree under "cn=dns, dc=project,dc=local" holds
// project.local or 31.172.in-addr.arpa, or by testing with this block removed.
dynamic-db "ipa" {
    library "ldap.so";
    arg "uri ldapi://%2fvar%2frun%2fslapd-PROJECT-LOCAL.socket";
    arg "base cn=dns, dc=project,dc=local";
    arg "fake_mname dns.project.local.";
    arg "auth_method sasl";
    arg "sasl_mech GSSAPI";
    arg "sasl_user DNS/dns.project.local";
    // presumably the interval, in seconds, at which zones are re-read from LDAP - TODO confirm
    arg "zone_refresh 30";
};
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
resolv.conf
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Resolver settings on the DNS/DHCP host itself: lookups go to named on its
# eth0 address (172.31.200.2 per the log), with project.local as search domain.
search project.local
nameserver 172.31.200.2
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
project
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
; Forward zone data for project.local (file "data/project" in named.conf).
$ORIGIN .
$TTL 86400    ; 1 day
project.local        IN SOA    dns.project.local. project.local. (
                1          ; serial
                86400      ; refresh (1 day)
                3600       ; retry (1 hour)
                604800     ; expire (1 week)
                10800      ; minimum (3 hours)
                )
            NS    dns.project.local.
$ORIGIN project.local.
$TTL 43200    ; 12 hours
; NOTE(review): aa001 already owns A and TXT records here. Under RFC 2136 an
; update whose prerequisite is "name not in use" is answered YXDOMAIN when the
; name exists, which matches the update-debug.log message quoted in the post.
; The TXT value looks like the client-identity hash that dhcpd's interim update
; style stores next to the A record - TODO confirm.
aa001            A    172.31.202.1
            TXT    "0054986fe9177c6cb8eb9e8e395511b039"
$TTL 86400    ; 1 day
dns            A    172.31.200.2

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
project.reverse
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
; Reverse zone data for 172.31.0.0/16 (file "data/project.reverse" in named.conf).
; NOTE(review): the posted file holds only the SOA and NS records and no PTR
; records, so it has nothing to answer a reverse lookup with. The log reports
; this zone loaded at serial 2 while the file shows serial 1 - presumably a
; journal file holds a later update; confirm.
$ORIGIN .
$TTL 10800    ; 3 hours
31.172.in-addr.arpa    IN SOA    dns.project.local. 31.172.in-addr.arpa. (
                1          ; serial
                86400      ; refresh (1 day)
                3600       ; retry (1 hour)
                604800     ; expire (1 week)
                10800      ; minimum (3 hours)
                )
            NS    dns.project.local.
$ORIGIN 31.172.in-addr.arpa.
$TTL 43200    ; 12 hours
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
messages
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
dns named[6114]: built with '--build=x86_64-redhat-linux-gnu'
'--host=x86_64-redhat-linux-gnu' '--target=x86_64-redhat-linux-gnu'
'--program-prefix=' '--prefix=/usr' '--exec-prefix=/usr'
'--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc'
'--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib64'
'--libexecdir=/usr/libexec' '--sharedstatedir=/var/lib'
'--mandir=/usr/share/man' '--infodir=/usr/share/info' '--with-libtool'
'--localstatedir=/var' '--enable-threads' '--enable-ipv6' '--with-pic'
'--disable-static' '--disable-openssl-version-check' '--with-dlz-ldap=yes'
'--with-dlz-postgres=yes' '--with-dlz-mysql=yes'
'--with-dlz-filesystem=yes' '--with-gssapi=yes' '--disable-isc-spnego'
'--with-docbook-xsl=/usr/share/sgml/docbook/xsl-stylesheets'
'build_alias=x86_64-redhat-linux-gnu' 'host_alias=x86_64-redhat-linux-gnu'
'target_alias=x86_64-redhat-linux-gnu' 'CFLAGS= -O2 -g -pipe -Wall
-Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector
--param=ssp-buffer-size=4 -m64 -mtune=generic' 'CPPFLAGS= -DDIG_SIGCHASE'
dns named[6114]: adjusted limit on open files from 1024 to 1048576
dns named[6114]: found 1 CPU, using 1 worker thread
dns named[6114]: using up to 4096 sockets
dns named[6114]: loading configuration from '/etc/named.conf'
dns named[6114]: using default UDP/IPv4 port range: [1024, 65535]
dns named[6114]: using default UDP/IPv6 port range: [1024, 65535]
dns named[6114]: listening on IPv4 interface lo, 127.0.0.1#53
dns named[6114]: listening on IPv4 interface eth0, 172.31.200.2#53
dns named[6114]: generating session key for dynamic DNS
dns named[6114]: failed to create new zone: already exists
dns named[6114]: /etc/named.conf:50: no forwarders seen; disabling
forwarding
dns named[6114]: set up managed keys zone for view _default, file
'dynamic/managed-keys.bind'
dns named[6114]: automatic empty zone: 0.IN-ADDR.ARPA
dns named[6114]: automatic empty zone: 127.IN-ADDR.ARPA
dns named[6114]: automatic empty zone: 254.169.IN-ADDR.ARPA
dns named[6114]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
dns named[6114]: automatic empty zone: 100.51.198.IN-ADDR.ARPA
dns named[6114]: automatic empty zone: 113.0.203.IN-ADDR.ARPA
dns named[6114]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
dns named[6114]: automatic empty zone:
0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
dns named[6114]: automatic empty zone:
1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
dns named[6114]: automatic empty zone: D.F.IP6.ARPA
dns named[6114]: automatic empty zone: 8.E.F.IP6.ARPA
dns named[6114]: automatic empty zone: 9.E.F.IP6.ARPA
dns named[6114]: automatic empty zone: A.E.F.IP6.ARPA
dns named[6114]: automatic empty zone: B.E.F.IP6.ARPA
dns named[6114]: automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA
dns named[6114]: /etc/named.conf:50: no forwarders seen; disabling
forwarding
dns named[6114]: command channel listening on 127.0.0.1#953
dns named[6114]: zone 31.172.in-addr.arpa/IN: loaded serial 2
dns named[6114]: zone project.local/IN: loaded serial 1
dns named[6114]: managed-keys-zone ./IN: loading from master file
dynamic/managed-keys.bind failed: file not found
dns named[6114]: managed-keys-zone ./IN: loaded serial 0
dns named[6114]: running
dns dhcpd: Internet Systems Consortium DHCP Server 4.1.1-P1
dns dhcpd: Copyright 2004-2010 Internet Systems Consortium.
dns dhcpd: All rights reserved.
dns dhcpd: For info, please visit https://www.isc.org/software/dhcp/
dns dhcpd: Not searching LDAP since ldap-server, ldap-port and ldap-base-dn
were not specified in the config file
dns dhcpd: Wrote 0 deleted host decls to leases file.
dns dhcpd: Wrote 0 new dynamic host decls to leases file.
dns dhcpd: Wrote 0 leases to leases file.
dns dhcpd: Listening on LPF/eth0/08:00:27:8c:28:2c/172.31.0.0/16
dns dhcpd: Sending on   LPF/eth0/08:00:27:8c:28:2c/172.31.0.0/16
dns dhcpd: Sending on   Socket/fallback/fallback-net
dns named[6114]: failed to create new zone: already exists
dns named[6114]: zone.c:1377: REQUIRE((((zone) != ((void *)0)) && (((const
isc__magic_t *)(zone))->magic == ((('Z') << 24 | ('O') << 16 | ('N') << 8 |
('E')))))) failed, back trace
dns named[6114]: #0 0x7f324dd3232f in ??
dns named[6114]: #1 0x7f324c6ff73a in ??
dns named[6114]: #2 0x7f324d67660e in ??
dns named[6114]: #3 0x7f3243df590b in ??
dns named[6114]: #4 0x7f3243df9998 in ??
dns named[6114]: #5 0x7f324c71dfe8 in ??
dns named[6114]: #6 0x7f324c2d87f1 in ??
dns named[6114]: #7 0x7f324b82a70d in ??
dns named[6114]: exiting (due to assertion failure)
dns dhcpd: DHCPDISCOVER from 08:00:27:15:bf:f5 via eth0
dns dhcpd: DHCPOFFER on 172.31.202.1 to 08:00:27:15:bf:f5 via eth0
dns dhcpd: Unable to add forward map from aa001.project.local to
172.31.202.1: connection refused
dns dhcpd: DHCPREQUEST for 172.31.202.1 (172.31.200.2) from
08:00:27:15:bf:f5 via eth0
dns dhcpd: DHCPACK on 172.31.202.1 to 08:00:27:15:bf:f5 via eth0
dns xinetd[1773]: START: tftp pid=3470 from=172.31.202.1
dns in.tftpd[3471]: tftp: client does not accept options
dns dhcpd: DHCPDISCOVER from 08:00:27:15:bf:f5 via eth0
dns dhcpd: DHCPOFFER on 172.31.202.1 to 08:00:27:15:bf:f5 via eth0
dns dhcpd: Unable to add forward map from aa001.project.local to
172.31.202.1: connection refused
dns dhcpd: DHCPREQUEST for 172.31.202.1 (172.31.200.2) from
08:00:27:15:bf:f5 via eth0
dns dhcpd: DHCPACK on 172.31.202.1 to 08:00:27:15:bf:f5 via eth0
dns dhcpd: Unable to add forward map from aa001.project.local to
172.31.202.1: connection refused
dns dhcpd: DHCPREQUEST for 172.31.202.1 from 08:00:27:15:bf:f5 via eth0
dns dhcpd: DHCPACK on 172.31.202.1 to 08:00:27:15:bf:f5 via eth0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
rndc.key
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
// Shared secret for the rndc control channel. The same value appears as the
// DDNS update key in the dhcpd.conf listing, and named.conf's allow-update
// refers to this key by name.
// NOTE(review): the secret is published in this post, so generate a new one
// (e.g. with rndc-confgen -a) before the configuration is reused, and keep the
// file readable only by root and the named user. hmac-md5 is a legacy TSIG
// algorithm; prefer an HMAC-SHA2 variant where both named and dhcpd support it.
key "rndc-key" {
    algorithm hmac-md5;
    secret "8VDl3xORCQlIXZvAs/UgSQ==";
};
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~