[Non-DoD Source] BIND 9.16 incoming TCP connection errors

DeCaro, James John (Jim) CIV DISA FE (USA) james.j.decaro3.civ at mail.mil
Tue Jun 16 18:08:44 UTC 2020

When I got that message I had to unblock tcp port 53 on my firewall.


-----Original Message-----
From: bind-users <bind-users-bounces at lists.isc.org> On Behalf Of Anand Buddhdev
Sent: Tuesday, June 16, 2020 11:28 AM
To: bind-users <bind-users at lists.isc.org>
Subject: [Non-DoD Source] BIND 9.16 incoming TCP connection errors

All active links contained in this email were disabled.  Please verify the identity of the sender, and confirm the authenticity of all links contained within the message prior to copying and pasting the address to a Web browser.  


Hi folks,

I'm running an authoritative server on BIND 9.16. It gets about 3500 
q/s, of which around 200 q/s are over TCP. At least, this is what DSC 
reports (DSC is a libpcap application sniffing traffic independent of BIND).

In my named.conf, I have set:

reserved-sockets 1000;
tcp-clients 900;

Yet, when BIND is running, it is frequently logging:

16-Jun-2020 15:21:58.815 general: Accepting TCP connection failed: 
socket is not connected

What does this log message mean? I don't think it's related to quota, 
because the quota message is different ("TCP connection failed: quota 

Another question I have is that the "reserved-sockets" option has a note 
saying that it might go away. Does this mean that it's not actually 
necessary? The documentation suggests that I have to increase it if I 
want to increase the value of "tcp-clients".

Please visit Caution-https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

ISC funds the development of this software with paid support subscriptions. Contact us at Caution-https://www.isc.org/contact/ for more information.

bind-users mailing list
bind-users at lists.isc.org

More information about the bind-users mailing list