We had an incident last night on the authoritative nameserver which is master for dnssec-test.csi.cam.ac.uk (a signed zone). At the time it was running BIND 9.6.1rc1 (but I doubt if 9.6.1 is going to make a difference). A script-generated update timed out, and it subsequently failed to respond to any DNS queries or rndc commands (although the named process was still running).
It has to have been the update itself that caused this. (It had just previously processed updates to two unsigned zones perfectly). On the other hand, it had previously processed dozens of updates to the signed zone without any problems (it is maintained as an approximate clone of cam.ac.uk), and there wasn't anything unusual about this one. Indeed there was no problem re-applying it after BIND had been restarted. I am reduced to speculating about timing effects, e.g. collision with a re-signing event. Unfortunately I failed to get a core dump of named in the non-responding state (I need to review my procedures for that!) so I haven't got enough to report to bind-bugs. This is an appeal to ask if anyone has seen anything similar. -- Chris Thompson Email: c...@cam.ac.uk _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users