Package: bind9 Version: 1:9.18.19-1~deb12u1 Severity: normal Hi,
This is a weird one, but it's been happening daily for a few days now, so I figured it was worth reporting. For the last few days, if I try and visit https://www.dumbingofage.com/ Firefox can't resolve the hostname, similarly on the CLI: matthew@aragorn:~$ host www.dumbingofage.com Host www.dumbingofage.com not found: 2(SERVFAIL) AFAICT the NSs work - I can do both dig @23.226.68.75 www.dumbingofage.com and dig @23.226.68.76 www.dumbingofage.com And get a sensible answer back. If I restart bind9 then I am able to resolve the hostname fine, only for the same problem to recur the following day. So _something_ is getting confused, and I'm pretty sure it's bind :) Regards, Matthew -- System Information: Debian Release: 12.2 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 6.1.0-13-amd64 (SMP w/8 CPU threads; PREEMPT) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en Shell: /bin/sh linked to /usr/bin/dash Init: sysvinit (via /sbin/init) LSM: AppArmor: enabled Versions of packages bind9 depends on: ii adduser 3.134 ii bind9-libs 1:9.18.19-1~deb12u1 ii bind9-utils 1:9.18.19-1~deb12u1 ii debconf [debconf-2.0] 1.5.82 ii dns-root-data 2023010101 ii init-system-helpers 1.65.2 ii iproute2 6.1.0-3 ii libc6 2.36-9+deb12u3 ii libcap2 1:2.66-4 ii libelogind0 [libsystemd0] 246.10-1debian1 ii libfstrm0 0.6.1-1 ii libjson-c5 0.16-2 ii liblmdb0 0.9.24-1 ii libmaxminddb0 1.7.1-1 ii libnghttp2-14 1.52.0-1 ii libprotobuf-c1 1.4.1-1+b1 ii libssl3 3.0.11-1~deb12u2 ii libuv1 1.44.2-1 ii libxml2 2.9.14+dfsg-1.3~deb12u1 ii lsb-base 11.6 ii netbase 6.4 ii sysvinit-utils [lsb-base] 3.06-4 ii zlib1g 1:1.2.13.dfsg-1 bind9 recommends no packages. Versions of packages bind9 suggests: pn bind-doc <none> ii bind9-dnsutils [dnsutils] 1:9.18.19-1~deb12u1 ii dnsutils 1:9.18.19-1~deb12u1 pn resolvconf <none> pn ufw <none> -- Configuration Files: /etc/bind/db.127 changed: ; ; BIND reverse data file for local loopback interface ; $TTL 604800 @ IN SOA ns.empire.pick.ucam.org. hostmaster.pick.ucam.org. ( 3 ; Serial 604800 ; Refresh 86400 ; Retry 2419200 ; Expire 604800 ) ; Negative Cache TTL ; @ IN NS localhost. 1.0.0 IN PTR localhost. /etc/bind/named.conf changed: // This is the primary configuration file for the BIND DNS server named. // // Please read /usr/share/doc/bind/README.Debian for information on the // structure of BIND configuration files in Debian for BIND versions 8.2.1 // and later, *BEFORE* you customize this configuration file. // options { directory "/var/cache/bind"; check-names master warn; // If there is a firewall between you and nameservers you want // to talk to, you might need to uncomment the query-source // directive below. Previous versions of BIND always asked // questions using port 53, but BIND 8.1 and later use an unprivileged // port by default. // query-source address * port 53; // If your ISP provided one or more IP addresses for stable // nameservers, you probably want to use them as forwarders. // Uncomment the following block, and insert the addresses replacing // the all-0's placeholder. //can't use this, since it would break the reverse zones we secondary //forwarders { //212.23.8.1; 212.23.8.6; //}; }; // reduce log verbosity on issues outside our control logging { category lame-servers { null; }; // category cname { null; }; }; // prime the server with knowledge of the root servers zone "." { type hint; file "/etc/bind/db.root"; }; // be authoritative for the localhost forward and reverse zones, and for // broadcast zones as per RFC 1912 zone "localhost" { type master; file "/etc/bind/db.local"; }; zone "127.in-addr.arpa" { type master; file "/etc/bind/db.127"; }; zone "0.in-addr.arpa" { type master; file "/etc/bind/db.0"; }; zone "255.in-addr.arpa" { type master; file "/etc/bind/db.255"; }; // add entries for other zones below here zone "empire.pick.ucam.org" { type master; file "/etc/bind/db.empire"; }; zone "22.16.172.in-addr.arpa" { type master; file "/etc/bind/db.172.16.22"; }; zone "23.16.172.in-addr.arpa" { type master; file "/etc/bind/db.172.16.23"; }; // real IP address for the house network with A&A //zone "160-167.100.2.81.in-addr.arpa" { // type master; // file "/etc/bind/db.81.2.100.160-167"; //}; // WAN IP address for the ADSL router with A&A //zone "225.93.2.81.in-addr.arpa" { // type master; // file "/etc/bind/db.81.2.93.225"; //}; zone "easel.vpn.ucam.org" { type master; file "/etc/bind/db.easel"; }; zone "principate.org" { type slave; masters { 212.13.197.229; 93.93.128.67; 45.33.127.156; }; file "slave/principate.org"; }; zone "principate.org.uk" {type slave; masters { 212.13.197.229; 93.93.128.67; 45.33.127.156; }; file "slave/principate.org.uk"; }; zone "168.192.in-addr.arpa" { type slave; masters { 172.31.80.8; }; file "slave/168.192.in-addr.arpa"; }; zone "16.172.in-addr.arpa" { type slave; masters { 172.31.80.8; }; file "slave/16.172.in-addr.arpa"; }; zone "17.172.in-addr.arpa" { type slave; masters { 172.31.80.8; }; file "slave/17.172.in-addr.arpa"; }; zone "18.172.in-addr.arpa" { type slave; masters { 172.31.80.8; }; file "slave/18.172.in-addr.arpa"; }; zone "19.172.in-addr.arpa" { type slave; masters { 172.31.80.8; }; file "slave/19.172.in-addr.arpa"; }; zone "20.172.in-addr.arpa" { type slave; masters { 172.31.80.8; }; file "slave/20.172.in-addr.arpa"; }; zone "21.172.in-addr.arpa" { type slave; masters { 172.31.80.8; }; file "slave/21.172.in-addr.arpa"; }; zone "22.172.in-addr.arpa" { type slave; masters { 172.31.80.8; }; file "slave/22.172.in-addr.arpa"; }; zone "23.172.in-addr.arpa" { type slave; masters { 172.31.80.8; }; file "slave/23.172.in-addr.arpa"; }; zone "24.172.in-addr.arpa" { type slave; masters { 172.31.80.8; }; file "slave/24.172.in-addr.arpa"; }; zone "25.172.in-addr.arpa" { type slave; masters { 172.31.80.8; }; file "slave/25.172.in-addr.arpa"; }; zone "26.172.in-addr.arpa" { type slave; masters { 172.31.80.8; }; file "slave/26.172.in-addr.arpa"; }; zone "27.172.in-addr.arpa" { type slave; masters { 172.31.80.8; }; file "slave/27.172.in-addr.arpa"; }; zone "28.172.in-addr.arpa" { type slave; masters { 172.31.80.8; }; file "slave/28.172.in-addr.arpa"; }; zone "29.172.in-addr.arpa" { type slave; masters { 172.31.80.8; }; file "slave/29.172.in-addr.arpa"; }; zone "30.172.in-addr.arpa" { type slave; masters { 172.31.80.8; }; file "slave/30.172.in-addr.arpa"; }; zone "31.172.in-addr.arpa" { type slave; masters { 172.31.80.8; }; file "slave/31.172.in-addr.arpa"; }; //zone "cam.ac.uk" {type slave; masters { 131.111.8.37; 131.111.12.37; }; file "slave/cam.ac.uk"; }; zone "ucam.org" {type slave; masters { 212.13.197.229; }; file "slave/ucam.org"; }; //zone "greenend.empire.pick.ucam.org" {type slave; masters { 192.168.73.1; }; file "slave/greenend.empire.pick.ucam.org"; }; -- debconf information: bind9/start-as-user: bind bind9/different-configuration-file: bind9/run-resolvconf: true