LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 07-22-2005, 05:44 PM   #1
eantoranz
Senior Member
 
Registered: Apr 2003
Location: Costa Rica
Distribution: Kubuntu, Debian, Knoppix
Posts: 2,092
Blog Entries: 1

Rep: Reputation: 90
why is named burning syslog?


We lost our internet connection today... and after a while I noticed that named was on fire... and so was syslogd, so I took a look at syslog and noticed that it was getting so big.... incredibly fast... it was almost ! Gb in just a couple of hours, I think... with messages from named saying that it could not get the address for a ROOT NS. (don't remember the message exactly).

What could be the problem? I guess it's because the network was down.... but how can I keep it from happening again?

(ubuntu 5.04)
 
Old 07-23-2005, 11:40 AM   #2
mpeg4codec
Member
 
Registered: Jul 2005
Distribution: Debian, Gentoo, self-built [not LFS]
Posts: 109

Rep: Reputation: 15
It sounds like you don't have the hints for the root servers turned on. This is vitally important for any DNS server. I'm not sure how Ubuntu sets it up, but it's based on Debian, so I'll make a few assumptions.

Your /etc/bind/named.conf needs to have these lines in it:

zone "." {
type hint;
file "/etc/bind/db.root";
};

They should give Bind the info it needs to locate the root servers and works even if the network is down. It at least shouldn't complain to syslog every three seconds. Give it a try and tell me how it turns out.
 
Old 07-23-2005, 11:42 AM   #3
eantoranz
Senior Member
 
Registered: Apr 2003
Location: Costa Rica
Distribution: Kubuntu, Debian, Knoppix
Posts: 2,092

Original Poster
Blog Entries: 1

Rep: Reputation: 90
I'll do it on monday as soon as I get to the office.... but if my memory is not wrong, that section is in the named.conf file. Tell you on monday anyway.
 
Old 07-29-2005, 10:51 AM   #4
eantoranz
Senior Member
 
Registered: Apr 2003
Location: Costa Rica
Distribution: Kubuntu, Debian, Knoppix
Posts: 2,092

Original Poster
Blog Entries: 1

Rep: Reputation: 90
Well.. this is the follow up.

As told you, that section was in the configuration file:
Code:
zone "." {
        type hint;
        file "/etc/bind/db.root";
};
This were the messages that were popping up in syslog:
Code:
Jul 25 07:40:30 localhost named[2302]: sysquery: no addrs found for root NS (E.ROOT-SERVERS.NET)
Jul 25 07:40:30 localhost named[2302]: sysquery: no addrs found for root NS (E.ROOT-SERVERS.NET)
Jul 25 07:40:30 localhost named[2302]: sysquery: no addrs found for root NS (F.ROOT-SERVERS.NET)
Jul 25 07:40:30 localhost named[2302]: sysquery: no addrs found for root NS (F.ROOT-SERVERS.NET)
Jul 25 07:40:30 localhost named[2302]: sysquery: no addrs found for root NS (G.ROOT-SERVERS.NET)
Jul 25 07:40:30 localhost named[2302]: sysquery: no addrs found for root NS (G.ROOT-SERVERS.NET)
Jul 25 07:40:30 localhost named[2302]: sysquery: no addrs found for root NS (I.ROOT-SERVERS.NET)
Jul 25 07:40:30 localhost named[2302]: sysquery: no addrs found for root NS (I.ROOT-SERVERS.NET)
Jul 25 07:40:30 localhost named[2302]: sysquery: no addrs found for root NS (J.ROOT-SERVERS.NET)
Jul 25 07:40:30 localhost named[2302]: sysquery: no addrs found for root NS (J.ROOT-SERVERS.NET)
Jul 25 07:40:30 localhost named[2302]: sysquery: no addrs found for root NS (K.ROOT-SERVERS.NET)
Jul 25 07:40:30 localhost named[2302]: sysquery: no addrs found for root NS (K.ROOT-SERVERS.NET)
Jul 25 07:40:30 localhost named[2302]: sysquery: no addrs found for root NS (L.ROOT-SERVERS.NET)
Jul 25 07:40:30 localhost named[2302]: sysquery: no addrs found for root NS (L.ROOT-SERVERS.NET)
Jul 25 07:40:30 localhost named[2302]: sysquery: no addrs found for root NS (M.ROOT-SERVERS.NET)
Jul 25 07:40:30 localhost named[2302]: sysquery: no addrs found for root NS (M.ROOT-SERVERS.NET)
Jul 25 07:40:30 localhost named[2302]: sysquery: no addrs found for root NS (B.ROOT-SERVERS.NET)
Jul 25 07:40:30 localhost named[2302]: sysquery: no addrs found for root NS (A.ROOT-SERVERS.NET)
Jul 25 07:40:30 localhost named[2302]: sysquery: no addrs found for root NS (A.ROOT-SERVERS.NET)
Jul 25 07:40:30 localhost named[2302]: sysquery: no addrs found for root NS (C.ROOT-SERVERS.NET)
Jul 25 07:40:30 localhost named[2302]: sysquery: no addrs found for root NS (C.ROOT-SERVERS.NET)
Jul 25 07:40:30 localhost named[2302]: sysquery: no addrs found for root NS (D.ROOT-SERVERS.NET)
Jul 25 07:40:30 localhost named[2302]: sysquery: no addrs found for root NS (D.ROOT-SERVERS.NET)
See what I mean? All those messages were logged in less than a second. :-S

As I told you, I stopped bind till we got internet back. Once we got internet connection again, I started it again, with no problem... but I certainly don't want that to be a problem when our internet connection be down. Any other ideas?
 
Old 07-29-2005, 11:44 AM   #5
Half_Elf
LQ Guru
 
Registered: Sep 2001
Location: Montreal, Canada
Distribution: Slackware; Debian; Gentoo...
Posts: 2,163

Rep: Reputation: 46
can you post the output of db.root? there is obliviously something wrong about it. It's like your server can't resolv root server (you should NEVER try to resolv server of course, your server should know their name).

From my own db.root file :
Code:
.                        3600000  IN  NS    A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.      3600000      A     198.41.0.4
For each "NS *.ROOT-SERVERS.NET" you should have a "A <ip>" line. Could you be missing the second one?
 
Old 07-29-2005, 11:47 AM   #6
eantoranz
Senior Member
 
Registered: Apr 2003
Location: Costa Rica
Distribution: Kubuntu, Debian, Knoppix
Posts: 2,092

Original Poster
Blog Entries: 1

Rep: Reputation: 90
Your whishes are orders:

Code:
# cat /etc/bind/db.root

; <<>> DiG 9.2.3 <<>> ns . @a.root-servers.net.
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18944
;; flags: qr aa rd; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13

;; QUESTION SECTION:
;.                              IN      NS

;; ANSWER SECTION:
.                       518400  IN      NS      A.ROOT-SERVERS.NET.
.                       518400  IN      NS      B.ROOT-SERVERS.NET.
.                       518400  IN      NS      C.ROOT-SERVERS.NET.
.                       518400  IN      NS      D.ROOT-SERVERS.NET.
.                       518400  IN      NS      E.ROOT-SERVERS.NET.
.                       518400  IN      NS      F.ROOT-SERVERS.NET.
.                       518400  IN      NS      G.ROOT-SERVERS.NET.
.                       518400  IN      NS      H.ROOT-SERVERS.NET.
.                       518400  IN      NS      I.ROOT-SERVERS.NET.
.                       518400  IN      NS      J.ROOT-SERVERS.NET.
.                       518400  IN      NS      K.ROOT-SERVERS.NET.
.                       518400  IN      NS      L.ROOT-SERVERS.NET.
.                       518400  IN      NS      M.ROOT-SERVERS.NET.

;; ADDITIONAL SECTION:
A.ROOT-SERVERS.NET.     3600000 IN      A       198.41.0.4
B.ROOT-SERVERS.NET.     3600000 IN      A       192.228.79.201
C.ROOT-SERVERS.NET.     3600000 IN      A       192.33.4.12
D.ROOT-SERVERS.NET.     3600000 IN      A       128.8.10.90
E.ROOT-SERVERS.NET.     3600000 IN      A       192.203.230.10
F.ROOT-SERVERS.NET.     3600000 IN      A       192.5.5.241
G.ROOT-SERVERS.NET.     3600000 IN      A       192.112.36.4
H.ROOT-SERVERS.NET.     3600000 IN      A       128.63.2.53
I.ROOT-SERVERS.NET.     3600000 IN      A       192.36.148.17
J.ROOT-SERVERS.NET.     3600000 IN      A       192.58.128.30
K.ROOT-SERVERS.NET.     3600000 IN      A       193.0.14.129
L.ROOT-SERVERS.NET.     3600000 IN      A       198.32.64.12
M.ROOT-SERVERS.NET.     3600000 IN      A       202.12.27.33

;; Query time: 81 msec
;; SERVER: 198.41.0.4#53(a.root-servers.net.)
;; WHEN: Sun Feb  1 11:27:14 2004
;; MSG SIZE  rcvd: 436
Why does it look like a dig response??? :-o
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
syslog not opening named pipe. fluxrad Linux - Software 5 02-10-2009 05:31 AM
Syslog & Named Fails At Boot? ACR Fedora 1 03-31-2005 01:18 PM
named -u named at startup zzero Linux - Newbie 4 03-16-2004 12:08 AM
cannot find named.conf and /var/named kaushikma Red Hat 1 02-07-2004 12:49 PM
Virtual Host type, named or IP via SSL? Named VH is not possible? piratebiter Linux - Security 3 08-20-2003 05:27 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 07:50 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration