Trying to do reverse lookups, but crashing named instead.

Mark Andrews marka at isc.org
Fri Jan 20 01:02:11 UTC 2012


This is a modified version of named "dynamic-db" is *not* a valid
configuration option in named as shipped by ISC.

Additionaly "failed to create new zone" is not a log message from
named as shipped by ISC.

As you are seeing a core dump I would suggest that you contact
whomever extended the version of named you are running so they can
determine whether it is a fault with their extension or with named
from ISC.

Mark

In message <CAGAtKrJt4sML8xyUAcpWJmOAyZGgnH7hOycbHVDrpCwSreBOjA at mail.gmail.com>
, =?UTF-8?Q?Stack_Koror=C4=81?= writes:
> 
> Hello,
> 
> The dhcpd mailinglist sent me your way with a problem I am having with
> named/dhcpd.
> 
> The problem I have is that I can not seem to get reverse hostname lookups
> in my PXEboot, which means my PXEboot clients think they are localhost.
> 
> The problem that may be more relevant to the BIND list is that I can
> reproducibly cause named to crash with a nasty looking error.
> 
> I am running on Scientific Linux 6.2 (rolling) with
> bind-9.7.3-8.P3.el6.x86_64 and dhcp-4.1.1-25.P1.el6_2.1.x86_64.
> 
> In my log files below what I did was run `service named restart && service
> dhcpd restart` then promptly start a PXEboot. The log file starts with the
> first named message. Please let me know if there are other files or any
> other information you would care for. The crash always starts with this
> line first "failed to create new zone: already exists".
> 
> Files are attached in this order:
> dhcpd.conf
> named.conf
> resolv.conf
> project
> project.reverse
> messages
> rndc.key <- Nope, don't care that I am posting this. I know it is supposed
> to be secret but this is a virtual machine test lab with zero importance
> and isn't connected to the internet.
> 
> 
> There are two other logging files mentioned in the conf files:
> /var/log/named-auth.info never has any information in it.
> /var/log/update-debug.log mostly complains about this:
> update: info: client 127.0.0.1#46599: updating zone 'project.local/IN':
> update unsuccessful: aa001.project.local: 'name not in use' prerequisite
> not satisfied (YXDOMAIN)
> 
> I know the error says that it thinks the domain does not exist. I have read
> the FAQ and the rfc2136.txt, yet I still don't understand why it thinks
> that.
> 
> Any help is appreciated.
> Thanks!
> 
> ~Stack~
> 
> 
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> dhcpd.conf
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> option domain-name "project.local";
> option domain-name-servers 127.0.0.1;
> authoritive;
> ddns-updates    on;
> update-static-leases on;
> ddns-domainname "project.local";
> ddns-rev-domainname    "in-addr.arpa.";
> ddns-update-style interim;
> allow client-updates;
> update-conflict-detection false;
> key rndc-key {
>     algorithm hmac-md5;
>     secret 8VDl3xORCQlIXZvAs/UgSQ==;
> };
> zone project.local. {
>     primary 127.0.0.1;
>     key rndc-key;
> }
> zone 31.172.in-addr.arpa. {
>     primary 127.0.0.1;
>     key rndc-key;
> }
> option routers 172.31.255.254;
> default-lease-time 86400;
> max-lease-time 86400;
> deny unknown-clients;
> subnet 172.31.0.0 netmask 255.255.0.0 {}
> group {
> filename "pxelinux.0";
> next-server 172.31.200.2;
> option domain-name "project.local";
> host dev001 { ddns-hostname "dev001"; hardware ethernet 08:00:27:11:4B:E8;
> fixed-address 172.31.201.10; }
> host aa001 { ddns-hostname "aa001"; hardware ethernet 08:00:27:15:BF:F5;
> fixed-address 172.31.202.1; }
> host hp001 { ddns-hostname "hp001"; hardware ethernet 08:00:27:15:A3:1D;
> fixed-address 172.31.203.1; }
> }
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> dhcpd.conf
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> include "/etc/rndc.key";
> acl "project.local" { 172.31.0/16; 127.0.0.1; };
> controls { inet 127.0.0.1 allow { any; } keys { "rndc-key"; }; };
> logging {
>     channel default_debug {
>         file "data/named.run";
>         severity dynamic;
>     };
>     channel update_debug {
>                  file "/var/log/update-debug.log";
>                  severity  debug 3;
>                  print-category yes;
>                  print-severity yes;
>                  print-time     yes;
>             };
>             channel security_info    {
>                  file "/var/log/named-auth.info";
>                  severity  info;
>                  print-category yes;
>                  print-severity yes;
>                  print-time     yes;
>             };
> 
>             category update { update_debug; };
>             category security { security_info; };
> };
> options {
>     directory "/var/named"; // the default
>     dump-file        "data/cache_dump.db";
>     statistics-file        "data/named_stats.txt";
>     memstatistics-file    "data/named_mem_stats.txt";
>     forward first;
>     forwarders { };
>     allow-recursion { any; };
>     tkey-gssapi-credential "DNS/dns.project.local";
>     tkey-domain "PROJECT.LOCAL";
> };
> zone "project.local" {
>     type master;
>     file "data/project";
>     allow-update { key rndc-key; 127.0.0.1; };
> };
> zone "31.172.in-addr.arpa" {
>     type master;
>     file "data/project.reverse";
>     allow-update { key rndc-key; 127.0.0.1; };
> };


> dynamic-db "ipa" {
>     library "ldap.so";
>     arg "uri ldapi://%2fvar%2frun%2fslapd-PROJECT-LOCAL.socket";
>     arg "base cn=dns, dc=project,dc=local";
>     arg "fake_mname dns.project.local.";
>     arg "auth_method sasl";
>     arg "sasl_mech GSSAPI";
>     arg "sasl_user DNS/dns.project.local";
>     arg "zone_refresh 30";
> };
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> resolv.conf
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> search project.local
> nameserver 172.31.200.2
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> project
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> $ORIGIN .
> $TTL 86400    ; 1 day
> project.local        IN SOA    dns.project.local. project.local. (
>                 1          ; serial
>                 86400      ; refresh (1 day)
>                 3600       ; retry (1 hour)
>                 604800     ; expire (1 week)
>                 10800      ; minimum (3 hours)
>                 )
>             NS    dns.project.local.
> $ORIGIN project.local.
> $TTL 43200    ; 12 hours
> aa001            A    172.31.202.1
>             TXT    "0054986fe9177c6cb8eb9e8e395511b039"
> $TTL 86400    ; 1 day
> dns            A    172.31.200.2
> 
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> project.reverse
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> $ORIGIN .
> $TTL 10800    ; 3 hours
> 31.172.in-addr.arpa    IN SOA    dns.project.local. 31.172.in-addr.arpa. (
>                 1          ; serial
>                 86400      ; refresh (1 day)
>                 3600       ; retry (1 hour)
>                 604800     ; expire (1 week)
>                 10800      ; minimum (3 hours)
>                 )
>             NS    dns.project.local.
> $ORIGIN 31.172.in-addr.arpa.
> $TTL 43200    ; 12 hours
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> messages
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> dns named[6114]: built with '--build=x86_64-redhat-linux-gnu'
> '--host=x86_64-redhat-linux-gnu' '--target=x86_64-redhat-linux-gnu'
> '--program-prefix=' '--prefix=/usr' '--exec-prefix=/usr'
> '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc'
> '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib64'
> '--libexecdir=/usr/libexec' '--sharedstatedir=/var/lib'
> '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--with-libtool'
> '--localstatedir=/var' '--enable-threads' '--enable-ipv6' '--with-pic'
> '--disable-static' '--disable-openssl-version-check' '--with-dlz-ldap=yes'
> '--with-dlz-postgres=yes' '--with-dlz-mysql=yes'
> '--with-dlz-filesystem=yes' '--with-gssapi=yes' '--disable-isc-spnego'
> '--with-docbook-xsl=/usr/share/sgml/docbook/xsl-stylesheets'
> 'build_alias=x86_64-redhat-linux-gnu' 'host_alias=x86_64-redhat-linux-gnu'
> 'target_alias=x86_64-redhat-linux-gnu' 'CFLAGS= -O2 -g -pipe -Wall
> -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector
> --param=ssp-buffer-size=4 -m64 -mtune=generic' 'CPPFLAGS= -DDIG_SIGCHASE'
> dns named[6114]: adjusted limit on open files from 1024 to 1048576
> dns named[6114]: found 1 CPU, using 1 worker thread
> dns named[6114]: using up to 4096 sockets
> dns named[6114]: loading configuration from '/etc/named.conf'
> dns named[6114]: using default UDP/IPv4 port range: [1024, 65535]
> dns named[6114]: using default UDP/IPv6 port range: [1024, 65535]
> dns named[6114]: listening on IPv4 interface lo, 127.0.0.1#53
> dns named[6114]: listening on IPv4 interface eth0, 172.31.200.2#53
> dns named[6114]: generating session key for dynamic DNS
> dns named[6114]: failed to create new zone: already exists
> dns named[6114]: /etc/named.conf:50: no forwarders seen; disabling
> forwarding
> dns named[6114]: set up managed keys zone for view _default, file
> 'dynamic/managed-keys.bind'
> dns named[6114]: automatic empty zone: 0.IN-ADDR.ARPA
> dns named[6114]: automatic empty zone: 127.IN-ADDR.ARPA
> dns named[6114]: automatic empty zone: 254.169.IN-ADDR.ARPA
> dns named[6114]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
> dns named[6114]: automatic empty zone: 100.51.198.IN-ADDR.ARPA
> dns named[6114]: automatic empty zone: 113.0.203.IN-ADDR.ARPA
> dns named[6114]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
> dns named[6114]: automatic empty zone:
> 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
> dns named[6114]: automatic empty zone:
> 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
> dns named[6114]: automatic empty zone: D.F.IP6.ARPA
> dns named[6114]: automatic empty zone: 8.E.F.IP6.ARPA
> dns named[6114]: automatic empty zone: 9.E.F.IP6.ARPA
> dns named[6114]: automatic empty zone: A.E.F.IP6.ARPA
> dns named[6114]: automatic empty zone: B.E.F.IP6.ARPA
> dns named[6114]: automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA
> dns named[6114]: /etc/named.conf:50: no forwarders seen; disabling
> forwarding
> dns named[6114]: command channel listening on 127.0.0.1#953
> dns named[6114]: zone 31.172.in-addr.arpa/IN: loaded serial 2
> dns named[6114]: zone project.local/IN: loaded serial 1
> dns named[6114]: managed-keys-zone ./IN: loading from master file
> dynamic/managed-keys.bind failed: file not found
> dns named[6114]: managed-keys-zone ./IN: loaded serial 0
> dns named[6114]: running
> dns dhcpd: Internet Systems Consortium DHCP Server 4.1.1-P1
> dns dhcpd: Copyright 2004-2010 Internet Systems Consortium.
> dns dhcpd: All rights reserved.
> dns dhcpd: For info, please visit https://www.isc.org/software/dhcp/
> dns dhcpd: Not searching LDAP since ldap-server, ldap-port and ldap-base-dn
> were not specified in the config file
> dns dhcpd: Wrote 0 deleted host decls to leases file.
> dns dhcpd: Wrote 0 new dynamic host decls to leases file.
> dns dhcpd: Wrote 0 leases to leases file.
> dns dhcpd: Listening on LPF/eth0/08:00:27:8c:28:2c/172.31.0.0/16
> dns dhcpd: Sending on   LPF/eth0/08:00:27:8c:28:2c/172.31.0.0/16
> dns dhcpd: Sending on   Socket/fallback/fallback-net
> dns named[6114]: failed to create new zone: already exists
> dns named[6114]: zone.c:1377: REQUIRE((((zone) != ((void *)0)) && (((const
> isc__magic_t *)(zone))->magic == ((('Z') << 24 | ('O') << 16 | ('N') << 8 |
> ('E')))))) failed, back trace
> dns named[6114]: #0 0x7f324dd3232f in ??
> dns named[6114]: #1 0x7f324c6ff73a in ??
> dns named[6114]: #2 0x7f324d67660e in ??
> dns named[6114]: #3 0x7f3243df590b in ??
> dns named[6114]: #4 0x7f3243df9998 in ??
> dns named[6114]: #5 0x7f324c71dfe8 in ??
> dns named[6114]: #6 0x7f324c2d87f1 in ??
> dns named[6114]: #7 0x7f324b82a70d in ??
> dns named[6114]: exiting (due to assertion failure)
> dns dhcpd: DHCPDISCOVER from 08:00:27:15:bf:f5 via eth0
> dns dhcpd: DHCPOFFER on 172.31.202.1 to 08:00:27:15:bf:f5 via eth0
> dns dhcpd: Unable to add forward map from aa001.project.local to
> 172.31.202.1: connection refused
> dns dhcpd: DHCPREQUEST for 172.31.202.1 (172.31.200.2) from
> 08:00:27:15:bf:f5 via eth0
> dns dhcpd: DHCPACK on 172.31.202.1 to 08:00:27:15:bf:f5 via eth0
> dns xinetd[1773]: START: tftp pid=3470 from=172.31.202.1
> dns in.tftpd[3471]: tftp: client does not accept options
> dns dhcpd: DHCPDISCOVER from 08:00:27:15:bf:f5 via eth0
> dns dhcpd: DHCPOFFER on 172.31.202.1 to 08:00:27:15:bf:f5 via eth0
> dns dhcpd: Unable to add forward map from aa001.project.local to
> 172.31.202.1: connection refused
> dns dhcpd: DHCPREQUEST for 172.31.202.1 (172.31.200.2) from
> 08:00:27:15:bf:f5 via eth0
> dns dhcpd: DHCPACK on 172.31.202.1 to 08:00:27:15:bf:f5 via eth0
> dns dhcpd: Unable to add forward map from aa001.project.local to
> 172.31.202.1: connection refused
> dns dhcpd: DHCPREQUEST for 172.31.202.1 from 08:00:27:15:bf:f5 via eth0
> dns dhcpd: DHCPACK on 172.31.202.1 to 08:00:27:15:bf:f5 via eth0
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> rndc.key
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> key "rndc-key" {
>     algorithm hmac-md5;
>     secret "8VDl3xORCQlIXZvAs/UgSQ==";
> };
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org



More information about the bind-users mailing list