The only thing I see that could be related is:
Jan 21 10:31:05 freeipa2 named[20660]: LDAP query timed out. Try to adjust 
"timeout" parameter
and then the message:
Jan 21 10:31:05 freeipa2 named[20660]:update_zone (psearch) failed for 
'idnsname=example.com,cn=dns,dc=example,dc=com'. Zones can be outdated, run 
`rndc reload`: timed out

However in errors/access log for that 389 instance, I do not see anything 
around that time.

When this happens again I will do what you suggested below (already have the 
debug packages installed) and will email you. Thanks a TON for your help on 
this!



 
-----Original Message-----
From: "Petr Spacek" <pspa...@redhat.com>
Sent: Tuesday, January 21, 2014 10:29am
To: andrew.tranqu...@mailtrust.com, freeipa-users@redhat.com
Subject: Re: [Freeipa-users] named unresponsive at seemingly random times



On 19.1.2014 03:38, andrew.tranqu...@mailtrust.com wrote:
> It seems to be at random and on different servers, but I will see the 
> following in named.run:
>
> update_zone (psearch) failed for 
> 'idnsname=example.com,cn=dns,dc=example,dc=com'. Zones can be outdated, run 
> `rndc reload`: bad zone
This typically mean that your zone is missing NS or glue records. Did you do 
some changes in the zone at time when the message appeared?

Do you see any errors related to connection between LDAP server and named? 
Look carefully to /var/log/messages for any other messages from named.

> When I see this, I cannot do any dns lookup for records in example.com. In 
> addition, named will not restart, I have to manually kill it and then start 
> it again. Once it is restarted, everything is fine, I can lookup records 
> again.
This is really weird. Could you capture stacks at the time when the problem 
manifests?

You can use following commands:
$ yum install gdb
$ debuginfo-install bind bind-dyndb-ldap
$ gdb -ex 'set confirm off' -ex 'set pagination off' -ex 'thread apply all bt 
full' -ex 'quit' `which named` `pgrep named` > stacktrace.`date +%s`.log 2>&1

Please send the stracktrace file to this list of privately to me and I will 
look into it.

Have a nice day!

Petr^2 Spacek

> I am looking for suggestions on troubleshooting or if anyone has seen this 
> before and found a resolution.
>
> I am running Centos 6.5:
> 389-ds-base-1.2.11.15-30
> bind-dyndb-ldap-2.3-5
> bind-libs-9.8.2-0.17.rc1
> bind-utils-9.8.2-0.17.rc1
>
> bind-9.8.2-0.17.rc1

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to