<div dir="ltr"><div>Hi all,</div><div><br></div><div dir="ltr">Finally I've found the solution.<br>The problem seems to be caused by a known issue since BIND version 9.16.1<br><br>Commenting out these lines in /etc/named.conf solves the issue:<br><br>query-source address 192.168.10.100;<br>notify-source 192.168.10.100 port 53;<br>transfer-source 192.168.10.100 port 53;<br><br>This problem causes other major problems with BIND (notify messages get lost, zone changes propagation takes longer, dynamic updates get lost, etc...)<br><br></div><div dir="ltr">Other related posts at <a href="mailto:bind-users@lists.isc.org">bind-users@lists.isc.org</a>: <br></div><div dir="ltr">- See my post (
BIND ignores "packets received correctly" ) from January 2020<br></div><div dir="ltr">- Look also the post (
No response from localhost with "allow-query { any; };" ) from September 2020<br><br>Notes for BIND 9.16.1<br>Known Issues<br>UDP network ports used for listening can no longer simultaneously be used for sending traffic. An example configuration which triggers this issue would be one which uses the same address:port pair for listen-on(-v6) statements as for notify-source(-v6) or transfer-source(-v6). While this issue affects all operating systems, it only triggers log messages (e.g. “unable to create dispatch for reserved port”) on some of them. There are currently no plans to make such a combination of settings work again.<br></div><div dir="ltr"><br></div><div>Hope this helps someone else to avoid loosing a lot of time.</div><div><br></div><div>Regards,</div><div><br></div><div>-- </div><div>Bernardo</div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">El sáb, 23 ene 2021 a las 11:35, Bernardo (<<a href="mailto:bernardo.pons@gmail.com">bernardo.pons@gmail.com</a>>) escribió:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div><span style="font-family:monospace">Hi all,</span><br></div><div><font face="monospace"><br></font></div><div><font face="monospace">Is it normal to see bind listening on UDP port 53 using 2 fd?</font></div><div><div><font face="monospace"><br></font><div><font face="monospace">udp UNCONN 0 0 <a href="http://192.168.10.100:53" target="_blank">192.168.10.100:53</a> 0.0.0.0:* users:(("named",pid=4205,fd=512))<br>udp UNCONN 0 0 <a href="http://192.168.10.100:53" target="_blank">192.168.10.100:53</a> 0.0.0.0:* users:(("named",pid=4205,fd=15))<br>tcp LISTEN 0 10 <a href="http://192.168.10.100:53" target="_blank">192.168.10.100:53</a> 0.0.0.0:* users:(("named",pid=4205,fd=17))<br>tcp LISTEN 0 128 <a href="http://127.0.0.1:953" target="_blank">127.0.0.1:953</a> 0.0.0.0:* users:(("named",pid=4205,fd=21))<br></font></div><div><div><span style="font-family:monospace"><br></span></div><div><span style="font-family:monospace">Does this make any sense?</span><br></div><div><font face="monospace"><br></font></div><div><font face="monospace">According to "rndc status" command "UDP listeners per interface: 1"<br></font></div><div><span style="font-family:monospace"><br></span></div><div><font face="monospace"># rndc status<br>version: BIND 9.16.6 (Stable Release) <id:25846cf><br>running on ns2: Linux x86_64 5.3.18-lp152.60-default #1 SMP Tue Jan 12 23:10:31 UTC 2021 (9898712)<br>boot time: Sat, 23 Jan 2021 10:14:09 GMT<br>last configured: Sat, 23 Jan 2021 10:14:09 GMT<br>configuration file: /etc/named.conf (/var/lib/named/etc/named.conf)<br>CPUs found: 1<br>worker threads: 1<br>UDP listeners per interface: 1<br>number of zones: 156 (0 automatic)<br>debug level: 0<br>xfers running: 0<br>xfers deferred: 0<br>soa queries in progress: 0<br>query logging is ON<br>recursive clients: 0/900/1000<br>tcp clients: 0/150<br>TCP high-water: 1<br>server is up and running</font><br></div><div><font face="monospace"><br></font></div><div><font face="monospace"><br></font></div><div><div></div></div><div><font face="monospace"><br></font></div><font face="monospace">-- </font></div><div><font face="monospace">Bernardo</font></div></div></div><div><font face="monospace"><br></font></div></div><div id="gmail-m_-8809001865955910549DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2"><br> <table style="border-top:1px solid rgb(211,212,222)">
<tbody><tr>
<td style="width:55px;padding-top:18px"><a href="https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail" target="_blank"><img src="https://ipmcdn.avast.com/images/icons/icon-envelope-tick-round-orange-animated-no-repeat-v1.gif" alt="" width="46" height="29" style="width: 46px; height: 29px;"></a></td>
<td style="width:470px;padding-top:17px;color:rgb(65,66,78);font-size:13px;font-family:Arial,Helvetica,sans-serif;line-height:18px">Libre de virus. <a href="https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail" style="color:rgb(68,83,234)" target="_blank">www.avast.com</a> </td>
</tr>
</tbody></table>
<a href="#m_-8809001865955910549_DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2" width="1" height="1"></a></div>
</blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr" class="gmail_signature"><div dir="ltr"><div><div><span style="font-size:12.8px">Bernardo</span><br></div></div></div></div></div>