Distribution: Mint 20.1 on workstation, Debian 11 on servers
Posts: 1,336
Rep:
Random DNS outages
I have a fairly newly setup local DNS server running CentOS 6.7 and whatever is the latest named available for that distro.
It acts as a local DNS server and also a cache/forwarder for rest of my internet.
Every now and then, it just stops working. All name resolutions fail. I need to restart it then everything starts working again. This is quite unacceptable, I should not have to restart a service all the time like that.
Is there a way to figure out why it's doing this, and to stop it? Does it create a log anywhere?
Original Poster
Not that I'm aware of, just doing named restart fixes the issue, I don't get any unusual errors, like failing to stop the service. I looked for a log but can't seem to find where it puts it or what it names it, if there is any.
Looks like you hit this bug.
Since there is no solution mentioned there, try to use a different bind version. Upgrade if possible or downgrade (according to the guy that opened the bug report downgrading bind solves the problem).
BTW, as you can see in the bug report, the named logs are written to /var/named/data/named.run
Original Poster
Hmmm wonder if my version is affected, it's only a few numbers off:
BIND 9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6_7.7
I did a yum update but it's as high as it goes. I'm not sure how to downgrade and even if I did the next time I do a system update it will just update back anyway. I found the named.run file, but it's empty. There's a couple dated ones but they're all empty as well.
Original Poster
Quote:
Originally Posted by lazydog
You should be able to downgrade and then use the '--exclude=' option to exclude bind from being updated.
Is there a way to make that permanent somewhere? I just go on all my servers and run "yum update" every now and then, I'll surely forget to put that flag. :P
But first I'll try to confirm if that really is the bug I have. I just tried that rndc command so next time it happens I'll go check that log.
Quote:
Originally Posted by Red Squirrel
Is there a way to make that permanent somewhere? I just go on all my servers and run "yum update" every now and then, I'll surely forget to put that flag. :P
You could always make an alias for it, for example:
Code:
alias yud='yum update --exclude=bind'
Then when the alias is no longer needed you can simply delete it.
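An added example, not from the thread: instead of remembering a flag or an alias, the exclusion can be made permanent by writing it into the [main] section of yum.conf, where yum reads a space-separated exclude= list of package globs. The function below does that edit idempotently (appending to an existing exclude= line rather than duplicating it); the config path and pattern are parameters, and the yum.conf layout it expects is the standard one with a [main] section.

```shell
#!/bin/sh
# yum_exclude_pkg CONF PATTERN
#   Adds PATTERN (e.g. 'bind*') to the exclude= list of the [main] section of
#   CONF so that a plain "yum update" skips it after a downgrade.
#   - an existing exclude= line in [main] is extended, not duplicated
#   - if [main] has no exclude= line, one is inserted before the first blank
#     line or next section header, i.e. still inside [main]
#   - calling it twice with the same pattern changes nothing
yum_exclude_pkg() {
    conf=$1
    pat=$2
    tmp=$(mktemp) || return 1
    awk -v pat="$pat" '
        # an exclude= line inside [main]: append the pattern unless present
        in_main && !done && /^exclude=/ {
            n = split(substr($0, 9), items, /[ ,]+/)
            found = 0
            for (i = 1; i <= n; i++) if (items[i] == pat) found = 1
            print (found ? $0 : $0 " " pat)
            done = 1
            next
        }
        # end of the [main] block without an exclude= line: insert one here
        in_main && !done && ($0 == "" || /^\[/) {
            print "exclude=" pat
            done = 1
        }
        # track which section we are in
        /^\[/ { in_main = ($0 == "[main]") }
        { print }
        # [main] was the last section and had no trailing blank line
        END { if (in_main && !done) print "exclude=" pat }
    ' "$conf" > "$tmp" && mv "$tmp" "$conf"
}

# Typical use after downgrading bind on the box (run as root):
#   yum_exclude_pkg /etc/yum.conf 'bind*'
```

Remove the pattern from the exclude= line again once a fixed bind build is available, otherwise the box will silently miss future bind security updates.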
Original Poster
Did it again with logging on. Where do I find the log file? And is there a way to change it so it's in /var/log, that's where all the other logs are.
Edit: NM noticed it was already posted. Found it. That log is HUGE. I will sift through that and try to see if there's anything relevant to post. There are no time stamps so really it's kind of useless.
Last edited by Red Squirrel; 05-15-2016 at 07:37 PM.
This is a dnssec validation error.
Perhaps due to this error the cache gets full, resulting in named failure.
This is also mentioned in this bug report, with the workaround to disable dnssec, so you can try it to see if it solves your problem:
Original Poster
Yeah just tried to disable dnssec as per the suggestion to see if it helps. This is just a local dns server so don't think it really matters, it's not exposed to the internet.
It is very important to discern who is actually writing to resolv.conf on your machine. Is it maybe the home router taking over with its own DHCP, and with it its own suggestions for using DNS servers instead of what you prescribed?
Original Poster
Quote:
Originally Posted by v4r3l0v
It is very important to discern who is actually writing to resolv.conf on your machine. Is it maybe the home router taking over with its own DHCP, and with it its own suggestions for using DNS servers instead of what you prescribed?
Not sure what you're trying to say? There's only really one person with access to the server and resolv.conf is set to the correct IP, and having it set to a different IP would cause it to fail consistently, not just randomly... unless I've been compromised, which I can't see how given it's not public facing and all my public facing stuff is on a separate vlan, though that vlan does have access to the DNS server... are there any known exploits for named where there is remote code execution? It would still require that one of the public facing servers is compromised though.
So far so good with DNSSEC off though.... but is that a real solution? Turning something security related off does not sound like a good long term plan, or does it not really matter for a local server? I'll admit I never really read up much on it so not sure of the exact details on how it works.
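An added example, not from the thread and not the CentOS default named.conf: a configuration fragment that addresses two things raised above, the untimestamped named.run log the original poster found useless, and the suggestion to switch DNSSEC off. It writes timestamped, rotated logs under /var/log/named with validation messages in their own file, keeps validation enabled, and bounds the cache that one reply suspected of filling up. Paths, sizes and the /var/log/named directory are my choices; the directives are standard BIND 9.8 syntax.

```conf
// /etc/named.conf fragment (added example; merge into the existing file)

logging {
    // General server log: timestamped, rotated, under /var/log like the rest.
    // The directory must exist, be owned by named, and under SELinux carry
    // the named_log_t label (restorecon -Rv /var/log/named after creating it).
    channel named_log {
        file "/var/log/named/named.log" versions 5 size 10m;
        severity info;
        print-time yes;        // the missing timestamps from named.run
        print-category yes;
        print-severity yes;
    };

    // Validation failures in their own file so they are easy to correlate
    // with the time of an outage.
    channel dnssec_log {
        file "/var/log/named/dnssec.log" versions 5 size 10m;
        severity info;         // raise to "debug 3" while chasing a failure
        print-time yes;
        print-severity yes;
    };

    category default      { named_log; };
    category general      { named_log; };
    category resolver     { named_log; };
    category security     { named_log; };
    category lame-servers { null; };     // noise caused by broken remote zones
    category dnssec       { dnssec_log; };
};

options {
    // ... existing listen-on, allow-query, forwarders etc. stay as they are ...

    // Weak setting from the workaround: "dnssec-validation no;" hides the
    // errors but also makes the resolver accept forged answers for signed
    // zones. Keep validation on and use the built-in root trust anchor.
    dnssec-enable yes;
    dnssec-validation auto;

    // In 9.8 the default max-cache-size is 0 (unlimited); bound it so a
    // misbehaving resolver cannot grow without limit.
    max-cache-size 256m;
};
```

Check the result with named-checkconf before reloading; once the log has timestamps, the lines around the next outage can be matched against the bug report rather than guessed at.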