My DNS sinkhole is failing to start

John W. Blue john.blue at rrcic.com
Sun Nov 26 15:40:52 UTC 2017 

So basic troubleshooting 101 .. break your problem into chunks.  If you remove all of these sinkhole zones does BIND start?

If it does start then start looking at the zones you are loading.  If it does not start then start looking at BIND and/or the OS.

Good hunting!

John

Sent from Nine<http://www.9folders.com/>
________________________________
From: Blason R <blason16 at gmail.com>
Sent: Nov 26, 2017 9:25 AM
To: bind-users
Subject: My DNS sinkhole is failing to start

Hi Guys,

I am setting sinkhole server and have almost around 123000 zones. The server is setup on CentOS 7.4.

Everything seems to be proper and have created the zones. however when I am starting named.service its failing and not sure why.

Can someone please help me?
[root at dnsdf.isnlab.in<mailto:root at dnsdf.isnlab.in> /cf/cleandns/sbin]# systemctl status named.service
? named.service - Berkeley Internet Name Domain (DNS)
   Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Sun 2017-11-26 20:52:29 IST; 13s ago
  Process: 2135 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exited, status=1/FAILURE)
 Main PID: 1709 (code=exited, status=0/SUCCESS)

Nov 26 20:52:19 dnsdf.isnlab.in<http://dnsdf.isnlab.in> bash[2135]: zone 12aww7mdklwvh1sgd2kk1lwsr3.net/IN<http://12aww7mdklwvh1sgd2kk1lwsr3.net/IN>: loaded serial 2006060301
Nov 26 20:52:19 dnsdf.isnlab.in<http://dnsdf.isnlab.in> bash[2135]: zone 12b0jv17vnwgdb6bmxf13yuq1e.net/IN<http://12b0jv17vnwgdb6bmxf13yuq1e.net/IN>: loaded serial 2006060301
Nov 26 20:52:19 dnsdf.isnlab.in<http://dnsdf.isnlab.in> bash[2135]: zone 12b5sba8fsvv29jmm68o6rwk.org/IN<http://12b5sba8fsvv29jmm68o6rwk.org/IN>: loaded serial 2006060301
Nov 26 20:52:19 dnsdf.isnlab.in<http://dnsdf.isnlab.in> bash[2135]: zone 12b8ko6forrxv1oml8251kfizkh.com/IN<http://12b8ko6forrxv1oml8251kfizkh.com/IN>: loaded serial 2006060301
Nov 26 20:52:19 dnsdf.isnlab.in<http://dnsdf.isnlab.in> bash[2135]: zone 12bc8ds10wet991cms4qtnwlfzl.org/IN<http://12bc8ds10wet991cms4qtnwlfzl.org/IN>: loaded serial 2006060301
Nov 26 20:52:19 dnsdf.isnlab.in<http://dnsdf.isnlab.in> bash[2135]: zone 12bdyz8slslfbr1dhi81x20kcq.net/IN<http://12bdyz8slslfbr1dhi81x20kcq.net/IN>: loaded serial 2006060301
Nov 26 20:52:29 dnsdf.isnlab.in<http://dnsdf.isnlab.in> systemd[1]: named.service: control process exited, code=exited status=1
Nov 26 20:52:29 dnsdf.isnlab.in<http://dnsdf.isnlab.in> systemd[1]: Failed to start Berkeley Internet Name Domain (DNS).
Nov 26 20:52:29 dnsdf.isnlab.in<http://dnsdf.isnlab.in> systemd[1]: Unit named.service entered failed state.
Nov 26 20:52:29 dnsdf.isnlab.in<http://dnsdf.isnlab.in> systemd[1]: named.service failed.
######################


[root at dnsdf.isnlab.in<mailto:root at dnsdf.isnlab.in> /cf/cleandns/sbin]# journalctl -xe
Nov 26 20:52:19 dnsdf.isnlab.in<http://dnsdf.isnlab.in> bash[2135]: zone 1298sxi1n08hmmr5agkr1vzcm2r.com/IN<http://1298sxi1n08hmmr5agkr1vzcm2r.com/IN>: loaded serial 2006060301
Nov 26 20:52:19 dnsdf.isnlab.in<http://dnsdf.isnlab.in> bash[2135]: zone 129ax9r9558xk135lw6ueaewun.org/IN<http://129ax9r9558xk135lw6ueaewun.org/IN>: loaded serial 2006060301
Nov 26 20:52:19 dnsdf.isnlab.in<http://dnsdf.isnlab.in> bash[2135]: zone 129cbttfzmkz4x2ziijr14j5b.com/IN<http://129cbttfzmkz4x2ziijr14j5b.com/IN>: loaded serial 2006060301
Nov 26 20:52:19 dnsdf.isnlab.in<http://dnsdf.isnlab.in> bash[2135]: zone 129ei6z1bn458l1lcpsxg1x35586.net/IN<http://129ei6z1bn458l1lcpsxg1x35586.net/IN>: loaded serial 2006060301
Nov 26 20:52:19 dnsdf.isnlab.in<http://dnsdf.isnlab.in> bash[2135]: zone 129jbef21rpai1s46moh8pe2yl.net/IN<http://129jbef21rpai1s46moh8pe2yl.net/IN>: loaded serial 2006060301
Nov 26 20:52:19 dnsdf.isnlab.in<http://dnsdf.isnlab.in> bash[2135]: zone 12bdyz8slslfbr1dhi81x20kcq.net/IN<http://12bdyz8slslfbr1dhi81x20kcq.net/IN>: loaded serial 2006060301
Nov 26 20:52:29 dnsdf.isnlab.in<http://dnsdf.isnlab.in> systemd[1]: named.service: control process exited, code=exited status=1
Nov 26 20:52:29 dnsdf.isnlab.in<http://dnsdf.isnlab.in> systemd[1]: Failed to start Berkeley Internet Name Domain (DNS).
-- Subject: Unit named.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit named.service has failed.
--
-- The result is failed.
Nov 26 20:52:29 dnsdf.isnlab.in<http://dnsdf.isnlab.in> systemd[1]: Unit named.service entered failed state.
Nov 26 20:52:29 dnsdf.isnlab.in<http://dnsdf.isnlab.in> systemd[1]: named.service failed.
Nov 26 20:52:29 dnsdf.isnlab.in<http://dnsdf.isnlab.in> polkitd[2124]: Unregistered Authentication Agent for unix-process:2119:1791615 (system bus name :1.54, object path /org/freedeskto

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20171126/39d55632/attachment.html>

More information about the bind-users mailing list