Bind9 Errors causing service stop.

jmgibson1981 · 07-13-2018, 09:55 AM

Code:

● bind9.service - BIND Domain Name Server
   Loaded: loaded (/lib/systemd/system/bind9.service; enabled; vendor preset: enabled)
  Drop-In: /run/systemd/generator/bind9.service.d
           └─50-insserv.conf-$named.conf
   Active: active (running) since Thu 2018-07-12 09:43:21 MST; 8h ago
     Docs: man:named(8)
  Process: 6034 ExecStop=/usr/sbin/rndc stop (code=exited, status=0/SUCCESS)
 Main PID: 6042 (named)
    Tasks: 7
   Memory: 24.2M
      CPU: 55.988s
   CGroup: /system.slice/bind9.service
           └─6042 /usr/sbin/named -f -u bind

Jul 12 18:12:40 failbox named[6042]: REFUSED unexpected RCODE resolving 'log.dmtry.com/A/IN': 216.239.34.99#53
Jul 12 18:12:40 failbox named[6042]: network unreachable resolving 'log.dmtry.com/A/IN': 2001:4860:4802:34::63#53
Jul 12 18:12:41 failbox named[6042]: REFUSED unexpected RCODE resolving 'log.dmtry.com/A/IN': 216.239.32.99#53
Jul 12 18:12:41 failbox named[6042]: REFUSED unexpected RCODE resolving 'log.dmtry.com/A/IN': 216.239.38.99#53
Jul 12 18:12:41 failbox named[6042]: REFUSED unexpected RCODE resolving 'log.dmtry.com/A/IN': 216.239.36.99#53
Jul 12 18:12:41 failbox named[6042]: network unreachable resolving 'log.dmtry.com/A/IN': 2001:4860:4802:32::63#53
Jul 12 18:12:41 failbox named[6042]: network unreachable resolving 'log.dmtry.com/A/IN': 2001:4860:4802:36::63#53
Jul 12 18:12:41 failbox named[6042]: network unreachable resolving 'log.dmtry.com/A/IN': 2001:4860:4802:38::63#53
Jul 12 18:12:41 failbox named[6042]: REFUSED unexpected RCODE resolving 'log.dmtry.com/A/IN': 216.239.34.99#53
Jul 12 18:12:41 failbox named[6042]: network unreachable resolving 'log.dmtry.com/A/IN': 2001:4860:4802:34::63#53

Have got a script running every so often checking a few services for certain keywords in them. If found it logs the status, then restarts the service. The above status causes my bind server to stop working. The service keeps running but it doesn't resolve dns hence the reason I restart it. What does the above mean, any way to prevent it? This is on Ubuntu 16.04 LTS

bathory · 07-13-2018, 03:27 PM

Hi,

Quote:

Jul 12 18:12:40 failbox named[6042]: REFUSED unexpected RCODE resolving 'log.dmtry.com/A/IN': 216.239.34.99#53
Jul 12 18:12:40 failbox named[6042]: network unreachable resolving 'log.dmtry.com/A/IN': 2001:4860:4802:34::63#53
<snip>

These are legitimate logs of your server trying to resolve log.dmtry.com using 216.239.34.99 (google dns). For some reason (I guess a misconfiguration) the authoritative dns responds with a RCODE. So this is not a reason for your dns to stop working.

Quote:

Process: 6034 ExecStop=/usr/sbin/rndc stop (code=exited, status=0/SUCCESS)

Using the command above will stop named from running, thus you cannot resolve anything if your dns is the only resolver for your clients

jmgibson1981 · 07-26-2018, 08:38 PM

Ok so what is causing that command? My script logs the status before sending the systemctl restart command so I have no idea what is causing it to run the ExecStop line.

bathory · 07-27-2018, 02:33 AM

Quote:

Originally Posted by jmgibson1981

Ok so what is causing that command? My script logs the status before sending the systemctl restart command so I have no idea what is causing it to run the ExecStop line.

Looks like for debian based distros, this is the way the service start/stop script works.

jmgibson1981 · 08-12-2018, 03:18 PM

I read that over. Couldn't figure how that could or would apply to my issue. Also that ExecStop line is present everytime I run my status command, even after a fresh restart and dns resolution is working fine so I'm not sure that is the issue.

scasey · 08-12-2018, 06:29 PM

Quote:

Originally Posted by jmgibson1981

Code:

● bind9.service - BIND Domain Name Server
   Loaded: loaded (/lib/systemd/system/bind9.service; enabled; vendor preset: enabled)
  Drop-In: /run/systemd/generator/bind9.service.d
           └─50-insserv.conf-$named.conf
   Active: active (running) since Thu 2018-07-12 09:43:21 MST; 8h ago
     Docs: man:named(8)
  Process: 6034 ExecStop=/usr/sbin/rndc stop (code=exited, status=0/SUCCESS)
 Main PID: 6042 (named)
    Tasks: 7
   Memory: 24.2M
      CPU: 55.988s
   CGroup: /system.slice/bind9.service
           └─6042 /usr/sbin/named -f -u bind

Jul 12 18:12:40 failbox named[6042]: REFUSED unexpected RCODE resolving 'log.dmtry.com/A/IN': 216.239.34.99#53
Jul 12 18:12:40 failbox named[6042]: network unreachable resolving 'log.dmtry.com/A/IN': 2001:4860:4802:34::63#53
Jul 12 18:12:41 failbox named[6042]: REFUSED unexpected RCODE resolving 'log.dmtry.com/A/IN': 216.239.32.99#53
Jul 12 18:12:41 failbox named[6042]: REFUSED unexpected RCODE resolving 'log.dmtry.com/A/IN': 216.239.38.99#53
Jul 12 18:12:41 failbox named[6042]: REFUSED unexpected RCODE resolving 'log.dmtry.com/A/IN': 216.239.36.99#53
Jul 12 18:12:41 failbox named[6042]: network unreachable resolving 'log.dmtry.com/A/IN': 2001:4860:4802:32::63#53
Jul 12 18:12:41 failbox named[6042]: network unreachable resolving 'log.dmtry.com/A/IN': 2001:4860:4802:36::63#53
Jul 12 18:12:41 failbox named[6042]: network unreachable resolving 'log.dmtry.com/A/IN': 2001:4860:4802:38::63#53
Jul 12 18:12:41 failbox named[6042]: REFUSED unexpected RCODE resolving 'log.dmtry.com/A/IN': 216.239.34.99#53
Jul 12 18:12:41 failbox named[6042]: network unreachable resolving 'log.dmtry.com/A/IN': 2001:4860:4802:34::63#53

Have got a script running every so often checking a few services for certain keywords in them. If found it logs the status, then restarts the service. The above status causes my bind server to stop working. The service keeps running but it doesn't resolve dns hence the reason I restart it. What does the above mean, any way to prevent it? This is on Ubuntu 16.04 LTS

As bathory said, the entries re: log.dmtry.com are not an indication that your DNS is not working. When I try to resolve that domain name on either of the two networks I'm on, I get a SERVFAIL. Both networks use ISP DNS servers which I'm sure are working. Something in your configuration is causing that attempt several times a second...a typo in a zone file somewhere, perhaps?

See the line I've bolded in red which indicates that named is up, and has been for 8 hours.

The ExecStop line is about rndc, not about bind. I think it's the program that starts the name server.

What keywords is your script looking for to indicate that named is down to cause a restart?

This is a systemd distro, yes?
Suggestion:
Stop named manually
Run the status command...identify the line that says the service is down/stopped/not running.
Start named
Modify your script to look only for that line/keyword.

jmgibson1981 · 08-13-2018, 06:32 PM

I've reworked my script to check for the dns service resolving and logging when it doesn't resolve but is active. Might have a result tomorrow, may not be for 6 months :/ Will probably have to open a new thread when and if it pops again. Thanks for suggestions.