Package: bind9
Version: 1:9.8.1.dfsg.P1-4.1
Severity: normal
bind can stop resolving.
steps to reproduce:
1. configure dnssec
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
2. run bind, make some work
3. suspend pc for a while, turn off modem, resume, turn on modem
4. on resume, network will be unavailable for some time (modem load can take a
minutes)
but once modem loaded - bind will not resolve addresses and log a messages
like
Nov 18 12:54:14 x named[3046]: dnssec: info: validating @0xf22e45e8:
itpen.am.dlv.isc.org NSEC: no valid signature found
Nov 18 12:54:14 x named[3046]: dnssec: info: validating @0xf22e45e8:
itpen.am.dlv.isc.org NSEC: bad cache hit (am.dlv.isc.org/DS)
Nov 18 12:54:14 x named[3046]: dnssec: info: validating @0xf955ba58:
dlv.isc.org SOA: no valid signature found
workaround:
restarting bind9 solves a problem
-- System Information:
Debian Release: 6.0
APT prefers testing
APT policy: (600, 'testing'), (599, 'unstable')
Architecture: i386 (x86_64)
Kernel: Linux 3.6.6 (SMP w/4 CPU cores)
Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages bind9 depends on:
ii adduser 3.112+nmu2 add and remove users and groups
ii bind9utils 1:9.8.1.dfsg.P1-4.1 Utilities for BIND
ii debconf [debconf-2.0 1.5.36.1 Debian configuration management sy
ii libbind9-80 1:9.8.1.dfsg.P1-4.1 BIND9 Shared Library used by BIND
ii libc6 2.13-26 Embedded GNU C Library: Shared lib
ii libcap2 1:2.19-3 support for getting/setting POSIX.
ii libcomerr2 1.42.2-1 common error description library
ii libdns81 1:9.8.1.dfsg.P1-4.1 DNS Shared Library used by BIND
ii libgssapi-krb5-2 1.10.1+dfsg-1 MIT Kerberos runtime libraries - k
ii libisc83 1:9.8.1.dfsg.P1-4.1 ISC Shared Library used by BIND
ii libisccc80 1:9.8.1.dfsg.P1-4.1 Command Channel Library used by BI
ii libisccfg82 1:9.8.1.dfsg.P1-4.1 Config File Handling Library used
ii libk5crypto3 1.10.1+dfsg-1 MIT Kerberos runtime libraries - C
ii libkrb5-3 1.10.1+dfsg-1 MIT Kerberos runtime libraries
ii liblwres80 1:9.8.1.dfsg.P1-4.1 Lightweight Resolver Library used
ii libssl1.0.0 1.0.1c-3 SSL shared libraries
ii lsb-base 3.2-28 Linux Standard Base 3.2 init scrip
ii net-tools 1.60-23 The NET-3 networking toolkit
ii netbase 5.0 Basic TCP/IP networking system
bind9 recommends no packages.
Versions of packages bind9 suggests:
ii bind9-doc 1:9.7.2.dfsg.P3-1.1 Documentation for BIND
ii dnsutils 1:9.7.3.dfsg-1+b1 Clients provided with BIND
pn resolvconf <none> (no description available)
pn ufw <none> (no description available)
-- Configuration Files:
/etc/bind/db.0 [Errno 2] Нет такого файла или каталога: u'/etc/bind/db.0'
/etc/bind/db.127 [Errno 2] Нет такого файла или каталога: u'/etc/bind/db.127'
/etc/bind/db.255 [Errno 2] Нет такого файла или каталога: u'/etc/bind/db.255'
/etc/bind/db.empty [Errno 2] Нет такого файла или каталога:
u'/etc/bind/db.empty'
/etc/bind/db.local [Errno 2] Нет такого файла или каталога:
u'/etc/bind/db.local'
/etc/bind/named.conf changed [not included]
/etc/bind/named.conf.default-zones changed [not included]
/etc/bind/named.conf.local changed [not included]
/etc/bind/named.conf.options changed [not included]
/etc/bind/zones.rfc1918 [Errno 2] Нет такого файла или каталога:
u'/etc/bind/zones.rfc1918'
-- debconf information:
* bind9/different-configuration-file:
* bind9/run-resolvconf: true
* bind9/start-as-user: bind
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
