Re: Re: Re: zone not loaded in one of view

2023-12-19 Thread liudonghua
Hi,



I do have two `named`: one is the original /usr/sbin/named, installed via `yum 
install bind bind-utils` a few years ago, and the other is /usr/local/sbin/named, 
which I built from source.

I do not remember when the jnl file was generated, maybe on the first run of the 
new named; I never saw a jnl file in the past. When I was using the older named, 
/etc/named.data/db.ynu.edu.cn.intranet always got updated unexpectedly; detailed 
information is in "Zone file got updated via named process unexpected" (isc.org). 
So I updated named, but this problem still exists. After I made some changes 
to named.conf, like disabling DNSSEC or DLV or something else manually or 
explicitly, the file did not change anymore, but it resulted in `zone not loaded`.

Now I have removed the jnl file and it works well.

[root@pridns ~]# /usr/sbin/named -v
BIND 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.15 (Extended Support Version) 

[root@pridns ~]# /usr/local/sbin/named -v
BIND 9.18.20 (Extended Support Version) 
[root@pridns ~]#
[root@pridns ~]# ll ~/db.ynu.edu.cn.intranet.jnl /etc/named.data/db.ynu.edu.cn.intranet
-rw-r--r-- 1 root  root  1.3K Dec 16 16:00 /etc/named.data/db.ynu.edu.cn.intranet
-rw-r--r-- 1 named named 1.1K Dec 15 17:48 /root/db.ynu.edu.cn.intranet.jnl
[root@pridns ~]#







Re: Re: zone not loaded in one of view

2023-12-19 Thread Greg Choules via bind-users
Hi.
The existence of a `.jnl` file for the zone means that, at some point in
the past anyway, you *did* allow dynamic updates to this zone and some
updates were made, which were stored in the journal file.

I would like to ask a couple of questions:
1) What is the timeline of your investigation? Map out file creation and
modification dates and times along with log messages and times you made
changes to see if you can build a picture of what actually happened when.
2) How many instances of 'named' are running on this server? I have seen in
the past people have two or more 'named' processes running that they were
not aware of, which *might* cause problems if they are trying to use the
same data files.

Cheers, Greg


Re: Re: zone not loaded in one of view

2023-12-19 Thread liudonghua
I found there was a db.ynu.edu.cn.intranet.jnl beside db.ynu.edu.cn.intranet. I 
tried removing it, then restarted and checked the new cache_dump.db, and there is 
no `zone not loaded` anymore.

For the original problem, because I modified the SOA serial and updated bind9 to 
the latest version, I could not reproduce it. Maybe it is a similar issue, 
but with the older bind 9.11, no jnl file was generated by named.




2023-12-17 15:47:43 "Mark Andrews" wrote:
Read your logs and/or use named-checkzone and/or tell named-checkconf to load 
the zones.


-- 
Mark Andrews

On 17 Dec 2023, at 15:22, liudong...@ynu.edu.cn wrote:


Hi, I have a bind9 authoritative name server running, but I found a strange 
problem. One of the zones in a specific view is not loaded when I view 
cache_dump.db after I execute `rndc dumpdb -all`.

The zone data files are almost the same for the different views, except for a 
few domain resolutions.


[root@pridns data]# head -n 20 /etc/named.data/db.ynu.edu.cn.cernet
$TTL 86400  ; 1 day
@   IN  SOA pridns.ynu.edu.cn. root.pridns.ynu.edu.cn. (
    2023121601  ;   serial number
    10800       ;   Refresh interval, every 3 hours
    3600        ;   Retry interval, every 30 minutes
    604800      ;   Expire after 1 week
    86400 )     ;   Minimum TTL of 1 day

$INCLUDE /etc/named.data/db.ynu.edu.cn.common

; RR of type A
;
vpn1        10800   IN  A   113.55.110.251
;
lb-http-jz          IN  A   113.55.14.52
ynucdn      600     IN  A   202.203.208.4
;
vpn2                IN  A   202.203.208.9


[root@pridns data]# head -n 20 /etc/named.data/db.ynu.edu.cn.intranet
$TTL 86400  ; 1 day
@   IN  SOA pridns.ynu.edu.cn. root.pridns.ynu.edu.cn. (
    2023121601  ;   serial number
    10800       ;   Refresh interval, every 3 hours
    3600        ;   Retry interval, every 30 minutes
    604800      ;   Expire after 1 week
    86400 )     ;   Minimum TTL of 1 day

$INCLUDE /etc/named.data/db.ynu.edu.cn.common

; RR of type A
;
lb-http-jz          IN  A   113.55.14.52
;
vpn1        10800   IN  A   192.168.208.3
ynucdn      600     IN  A   202.203.208.4
;
vpn2                IN  A   202.203.208.9


[root@pridns data]#
[root@pridns data]# named-checkconf /etc/named.conf
[root@pridns data]# echo $?
0
[root@pridns data]# 
[root@pridns data]# rndc zonestatus ynu.edu.cn in CERNET
name: ynu.edu.cn
type: primary
files: db.ynu.edu.cn.cernet, /etc/named.data/db.ynu.edu.cn.common
serial: 2023121601
nodes: 576
last loaded: Sat, 16 Dec 2023 08:00:49 GMT
secure: no
dynamic: no
reconfigurable via modzone: no
[root@pridns data]#
[root@pridns data]# rndc zonestatus ynu.edu.cn in INTRANET
rndc: 'zonestatus' failed: zone not loaded
[root@pridns data]#
[root@pridns data]# named-checkzone ynu.edu.cn /etc/named.data/db.ynu.edu.cn.intranet
zone ynu.edu.cn/IN: loaded serial 2023121601
OK
[root@pridns data]# 
[root@pridns data]# ll /etc/named.data/db.ynu.edu.cn.cernet /etc/named.data/db.ynu.edu.cn.intranet
-rw-r--r-- 1 root root 1.3K Dec 16 16:00 /etc/named.data/db.ynu.edu.cn.cernet
-rw-r--r-- 1 root root 1.3K Dec 16 16:00 /etc/named.data/db.ynu.edu.cn.intranet
[root@pridns data]# 


And here is part of the content of /var/named/data/cache_dump.db:


; Zone dump of 'ynu.edu.cn/IN/INTRANET'
;
; zone not loaded
;
; Zone dump of 'rpz/IN/INTRANET'





--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
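
Two checks raised in this thread, written out as an added example that is not from any poster or from ISC: `stale_journals` lists `.jnl` files whose zone file was edited after the journal was last written (the situation in the `ll` output), and `named_instances` lists every running `named` with the binary it was started from. The function names, the sample tree and its PIDs are constructed for illustration.

```shell
#!/bin/sh
# Added example; function names and the sample tree are constructed.

# stale_journals DIR: print "JOURNAL ZONEFILE" for each DIR/*.jnl whose zone
# file was modified after the journal was last written.
stale_journals() {
    for jnl in "$1"/*.jnl; do
        [ -f "$jnl" ] || continue            # glob matched nothing
        zone=${jnl%.jnl}
        [ -f "$zone" ] || continue           # journal with no zone file
        # find -newer prints the zone file only if its mtime is later
        if [ -n "$(find "$zone" -newer "$jnl")" ]; then
            printf '%s %s\n' "$jnl" "$zone"
        fi
    done
}

# named_instances [PROCROOT]: print "PID EXE" for each process named "named".
named_instances() {
    for d in "${1:-/proc}"/[0-9]*; do
        [ -r "$d/comm" ] || continue
        [ "$(cat "$d/comm" 2>/dev/null)" = named ] || continue
        exe=$(readlink "$d/exe" 2>/dev/null) || exe='?'
        printf '%s %s\n' "${d##*/}" "$exe"
    done
}

# make_demo_tree: build a constructed zone directory and fake /proc whose
# mtimes and binary paths mirror the listings in the thread; PIDs are made up.
make_demo_tree() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/zones" "$t/proc/1201" "$t/proc/3377"
    touch -t 202312151748 "$t/zones/db.ynu.edu.cn.intranet.jnl"
    touch -t 202312161600 "$t/zones/db.ynu.edu.cn.intranet"
    touch -t 202312161600 "$t/zones/db.ynu.edu.cn.cernet"
    echo named > "$t/proc/1201/comm"
    ln -s /usr/sbin/named "$t/proc/1201/exe"
    echo named > "$t/proc/3377/comm"
    ln -s /usr/local/sbin/named "$t/proc/3377/exe"
    echo "$t"
}

demo=$(make_demo_tree)
stale_journals "$demo/zones"     # flags the intranet journal only
named_instances "$demo/proc"     # lists both binaries with their PIDs
rm -rf "$demo"
```

On a live server, call `stale_journals /etc/named.data` and `named_instances` with no argument, as root so that `/proc/PID/exe` of the `named` user's processes is readable.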