Somehow my DNS is not starting up

Blason R blason16 at gmail.com
Thu Apr 19 03:18:32 UTC 2018


That is unrelated message and docker is being used for different purpose.

On Thu, Apr 19, 2018 at 2:45 AM, Warren Kumari <warren at kumari.net> wrote:

> On Wed, Apr 18, 2018 at 4:45 PM, Reindl Harald <h.reindl at thelounge.net>
> wrote:
> > what baout posting the content of
> > "/usr/lib/systemd/system/named.service" (at best in the initial mail)
>
>
> Yup -- also, this complains about docker (libcontainerd: failed to
> receive event from containerd) -- are you running it under docker, or
> is that an unrelated message?
>
> W
>
> > and try increase "TimeoutStartSec" as you said you have 362086 zones
> > which is a lot?
> >
> > TimeoutStartSec defaults to DefaultTimeoutStartSec
> > on Fedora: DefaultTimeoutStartSec=90s
> >
> > mkdir /etc/systemd/system/named.service.d/
> > chmod 755 /etc/systemd/system/named.service.d/
> > touch /etc/systemd/system/named.service.d/overrides.conf
> > chmod 644 /etc/systemd/system/named.service.d/overrides.conf
> >
> > /etc/systemd/system/named.service.d/overrides.conf
> > [Service]
> > TimeoutStartSec=180
> >
> > systemctl daemon-reload
> > systemctl restart named.service
> >
> > Am 18.04.2018 um 19:44 schrieb Blason R:
> >> it almost takes minute or so
> >>
> >> and here are the logs
> >>
> >> [root at dnsfw.isn.in <mailto:root at dnsfw.isn.in> /cf/cleandns/spool]#
> >> systemctl status -l -n 20 named.service
> >> ● named.service - Berkeley Internet Name Domain (DNS)
> >>    Loaded: loaded (/usr/lib/systemd/system/named.service; enabled;
> >> vendor preset: disabled)
> >>    Active: failed (Result: timeout) since Wed 2018-04-18 23:09:44 IST;
> >> 1min 41s ago
> >>   Process: 1868 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF}
> >> $OPTIONS (code=killed, signal=TERM)
> >>     Tasks: 0
> >>    Memory: 10.9M
> >>
> >> Apr 18 23:08:45 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 127.100.IN-ADDR.ARPA
> >> Apr 18 23:08:45 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 127.IN-ADDR.ARPA
> >> Apr 18 23:08:45 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 254.169.IN-ADDR.ARPA
> >> Apr 18 23:08:46 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 2.0.192.IN-ADDR.ARPA
> >> Apr 18 23:08:46 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 100.51.198.IN-ADDR.ARPA
> >> Apr 18 23:08:46 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 113.0.203.IN-ADDR.ARPA
> >> Apr 18 23:08:46 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
> >> Apr 18 23:08:46 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone:
> >> 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.
> 0.0.IP6.ARPA
> >> Apr 18 23:08:46 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: D.F.IP6.ARPA
> >> Apr 18 23:08:46 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 8.E.F.IP6.ARPA
> >> Apr 18 23:08:46 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 9.E.F.IP6.ARPA
> >> Apr 18 23:08:46 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: A.E.F.IP6.ARPA
> >> Apr 18 23:08:46 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: B.E.F.IP6.ARPA
> >> Apr 18 23:08:46 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA
> >> Apr 18 23:08:46 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]: command
> >> channel listening on 127.0.0.1#953
> >> Apr 18 23:08:46 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]: command
> >> channel listening on ::1#953
> >> Apr 18 23:09:44 dnsfw.isn.in <http://dnsfw.isn.in> systemd[1]:
> >> named.service start operation timed out. Terminating.
> >> Apr 18 23:09:44 dnsfw.isn.in <http://dnsfw.isn.in> systemd[1]: Failed
> to
> >> start Berkeley Internet Name Domain (DNS).
> >> Apr 18 23:09:44 dnsfw.isn.in <http://dnsfw.isn.in> systemd[1]: Unit
> >> named.service entered failed state.
> >> Apr 18 23:09:44 dnsfw.isn.in <http://dnsfw.isn.in> systemd[1]:
> >> named.service failed.
> >> *[root at dnsfw.isn.in <mailto:root at dnsfw.isn.in> /cf/cleandns/spool]#
> >> journalctl -xe*
> >> Apr 18 23:08:44 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 115.100.IN-ADDR.ARPA
> >> Apr 18 23:08:44 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 116.100.IN-ADDR.ARPA
> >> Apr 18 23:08:45 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 117.100.IN-ADDR.ARPA
> >> Apr 18 23:08:45 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 118.100.IN-ADDR.ARPA
> >> Apr 18 23:08:45 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 119.100.IN-ADDR.ARPA
> >> Apr 18 23:08:45 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 120.100.IN-ADDR.ARPA
> >> Apr 18 23:08:45 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 121.100.IN-ADDR.ARPA
> >> Apr 18 23:08:45 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 122.100.IN-ADDR.ARPA
> >> Apr 18 23:08:45 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 123.100.IN-ADDR.ARPA
> >> Apr 18 23:08:45 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 124.100.IN-ADDR.ARPA
> >> Apr 18 23:08:45 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 125.100.IN-ADDR.ARPA
> >> Apr 18 23:08:45 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 126.100.IN-ADDR.ARPA
> >> Apr 18 23:08:45 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 127.100.IN-ADDR.ARPA
> >> Apr 18 23:08:45 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 127.IN-ADDR.ARPA
> >> Apr 18 23:08:45 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 254.169.IN-ADDR.ARPA
> >> Apr 18 23:08:46 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 2.0.192.IN-ADDR.ARPA
> >> Apr 18 23:08:46 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 100.51.198.IN-ADDR.ARPA
> >> Apr 18 23:08:46 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 113.0.203.IN-ADDR.ARPA
> >> Apr 18 23:08:46 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
> >> Apr 18 23:08:46 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone:
> >> 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.
> 0.0.IP6.ARPA
> >> Apr 18 23:08:46 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: D.F.IP6.ARPA
> >> Apr 18 23:08:46 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 8.E.F.IP6.ARPA
> >> Apr 18 23:08:46 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 9.E.F.IP6.ARPA
> >> Apr 18 23:08:46 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: A.E.F.IP6.ARPA
> >> Apr 18 23:08:46 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: B.E.F.IP6.ARPA
> >> Apr 18 23:08:46 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]:
> >> automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA
> >> Apr 18 23:08:46 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]: command
> >> channel listening on 127.0.0.1#953
> >> Apr 18 23:08:46 dnsfw.isn.in <http://dnsfw.isn.in> named[1869]: command
> >> channel listening on ::1#953
> >> Apr 18 23:09:42 dnsfw.isn.in <http://dnsfw.isn.in>
> dockerd-current[880]:
> >> time="2018-04-18T23:09:41.305371273+05:30" level=error
> >> msg="libcontainerd: failed to receive event from containerd: r
> >> Apr 18 23:09:43 dnsfw.isn.in <http://dnsfw.isn.in>
> dockerd-current[880]:
> >> time="2018-04-18T23:09:41.859430667+05:30" level=info
> >> msg="libcontainerd: new containerd process, pid: 1877"
> >> Apr 18 23:09:43 dnsfw.isn.in <http://dnsfw.isn.in>
> dockerd-current[880]:
> >> time="2018-04-18T23:09:42.860103049+05:30" level=info
> >> msg="libcontainerd: new containerd process, pid: 1887"
> >> Apr 18 23:09:44 dnsfw.isn.in <http://dnsfw.isn.in> systemd[1]:
> >> named.service start operation timed out. Terminating.
> >> Apr 18 23:09:44 dnsfw.isn.in <http://dnsfw.isn.in> systemd[1]: Failed
> to
> >> start Berkeley Internet Name Domain (DNS).
> >> -- Subject: Unit named.service has failed
> >> -- Defined-By: systemd
> >> -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
> >> --
> >> -- Unit named.service has failed.
> >> --
> >> -- The result is failed.
> >> Apr 18 23:09:45 dnsfw.isn.in <http://dnsfw.isn.in> polkitd[532]:
> >> Unregistered Authentication Agent for unix-process:1857:160748 (system
> >> bus name :1.29, object path /org/freedesktop/PolicyKit
> >> Apr 18 23:09:44 dnsfw.isn.in <http://dnsfw.isn.in> systemd[1]: Unit
> >> named.service entered failed state.
> >> Apr 18 23:09:44 dnsfw.isn.in <http://dnsfw.isn.in> systemd[1]:
> >> named.service failed.
> >>
> >>
> >> On Wed, Apr 18, 2018 at 7:38 PM, Warren Kumari <warren at kumari.net
> >> <mailto:warren at kumari.net>> wrote:
> >>
> >>     On Wed, Apr 18, 2018 at 5:13 AM, Daniel Stirnimann
> >>     <daniel.stirnimann at switch.ch <mailto:daniel.stirnimann at switch.ch>>
> >>     wrote:
> >>     > On 18.04.18 10:57, Blason R wrote:
> >>     >> Well it just loads fine when I run from command line i.e. named
> -u named
> >>     >> -n 4 -c /etc/named.conf
> >>     >
> >>
> >>     ... and how long does it take to start up when doing so (in case it
> is
> >>     simply taking too long and systemd get bored waiting).
> >>
> >>     Also, what does:
> >>
> >>     systemctl status -l -n 50 named
> >>     and
> >>     journalctl -u named
> >>
> >>     show?
> >>
> >>     Gah, I hate systemd - it makes debugging startup really hard.
> >>     W
> >>
> >>
> >>
> >>     > Just a guess. If you use and have SELinux in enforcing mode (see
> >>     > getenforce), this could be a reason. Your user process runs
> unconfined
> >>     > that's why it works from the command line if you have a policy
> violation.
> >>     >
> >>     > You may want to check the audit logs and fix the broken
> configuration.
> >>     >
> >>     > sealert -a /var/log/audit/audit.log
>
>
>
> --
> I don't think the execution is relevant when it was obviously a bad
> idea in the first place.
> This is like putting rabid weasels in your pants, and later expressing
> regret at having chosen those particular rabid weasels and that pair
> of pants.
>    ---maf
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20180419/8f93cb84/attachment-0001.html>


More information about the bind-users mailing list