Re: Ubuntu service file is missing Restart parameter
Thank you for clarification. I'm not sure, who maintains which package. I opened bug report https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/2006054 ne 5. 2. 2023 o 15:55 Ondřej Surý napísal(a): > > Those are maintained by Ubuntu, not ISC, so you need to contact them. > > Or you can use packages provided by ISC: > https://kb.isc.org/docs/isc-packages-for-bind-9 > > Ondrej > -- > Ondřej Surý — ISC (He/Him) > > My working hours and your working hours may be different. Please do not feel > obligated to reply outside your normal working hours. > > On 5. 2. 2023, at 15:46, Blažej Krajňák wrote: > > Hi Ondrej, > > sorry, I really thought it's clear enough, but as I just found, the > problem presents in releases for Ubuntu 20.04, 18.04 and maybe older > also. > > It's all about the content of /lib/systemd/system/named.service > > Release for Ubuntu Jammy 22.04 LTS (1:9.18.1-1ubuntu1.3) contains > "Restart=on-failure" parameter. > > Releases for >Ubuntu Focal 20.04 LTS (1:9.16.1-0ubuntu2.12) >Ubuntu Bionic 18.04 LTS (1:9.11.3+dfsg-1ubuntu1.18) > and maybe older also are missing "Restart" parameter. > > I found this problem with friend, when Bind9 on Ubuntu 20.04 exited > with SIGV signal and keeps down (systemd did not restart the service). > > > Thanks > > > ne 5. 2. 2023 o 14:18 Ondřej Surý napísal(a): > > > Hi, > > > it might seem like we do practice black magic, but we really don’t. Thus we > can’t really help if you don’t provide more details like the content of the > file, the source of the package(s), and the version of the package(s). > > > Ondrej > > -- > > Ondřej Surý — ISC (He/Him) > > > My working hours and your working hours may be different. Please do not feel > obligated to reply outside your normal working hours. > > > On 5. 2. 2023, at 13:29, Blažej Krajňák wrote: > > > Hi there, > > > I just discovered that default Bind9 systemd service file for Ubuntu > > is missing "Restart" parameter. Is there any reason? > > Service file for Debian contains "Restart=on-failure" > > > > Thanks > > Blažej > > -- > > Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from > this list > > > ISC funds the development of this software with paid support subscriptions. > Contact us at https://www.isc.org/contact/ for more information. > > > > bind-users mailing list > > bind-users@lists.isc.org > > https://lists.isc.org/mailman/listinfo/bind-users -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Ubuntu service file is missing Restart parameter
Hi Ondrej, sorry, I really thought it's clear enough, but as I just found, the problem presents in releases for Ubuntu 20.04, 18.04 and maybe older also. It's all about the content of /lib/systemd/system/named.service Release for Ubuntu Jammy 22.04 LTS (1:9.18.1-1ubuntu1.3) contains "Restart=on-failure" parameter. Releases for Ubuntu Focal 20.04 LTS (1:9.16.1-0ubuntu2.12) Ubuntu Bionic 18.04 LTS (1:9.11.3+dfsg-1ubuntu1.18) and maybe older also are missing "Restart" parameter. I found this problem with friend, when Bind9 on Ubuntu 20.04 exited with SIGV signal and keeps down (systemd did not restart the service). Thanks ne 5. 2. 2023 o 14:18 Ondřej Surý napísal(a): > > Hi, > > it might seem like we do practice black magic, but we really don’t. Thus we > can’t really help if you don’t provide more details like the content of the > file, the source of the package(s), and the version of the package(s). > > Ondrej > -- > Ondřej Surý — ISC (He/Him) > > My working hours and your working hours may be different. Please do not feel > obligated to reply outside your normal working hours. > > > On 5. 2. 2023, at 13:29, Blažej Krajňák wrote: > > > > Hi there, > > > > I just discovered that default Bind9 systemd service file for Ubuntu > > is missing "Restart" parameter. Is there any reason? > > Service file for Debian contains "Restart=on-failure" > > > > > > Thanks > > Blažej > > -- > > Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from > > this list > > > > ISC funds the development of this software with paid support subscriptions. > > Contact us at https://www.isc.org/contact/ for more information. > > > > > > bind-users mailing list > > bind-users@lists.isc.org > > https://lists.isc.org/mailman/listinfo/bind-users -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Ubuntu service file is missing Restart parameter
Hi there, I just discovered that default Bind9 systemd service file for Ubuntu is missing "Restart" parameter. Is there any reason? Service file for Debian contains "Restart=on-failure" Thanks Blažej -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: DNSSEC implementation on IPv6 PTR Zones
Hello št 18. 11. 2021 o 10:28 Divya napísal(a): > Dear Admin, > > Has anybody implemented DNSSEC on IPv6 reverse zones? > Kindly help us to configure DNSSEC on reverse zones of IPV6 segment with > BIND 9.17.16+CentOS 7.9. > > With Thanks & Regards > Divya > I can confirm working DNSSEC for IPv6 reverse zone with BIND 9.16 on Debian 11. https://dnsviz.net/d/6.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.0.0.0.0.3.a.c.6.2.0.a.2.ip6.arpa/dnssec/ ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Stale cache feature problems
Hi, št 11. 11. 2021 o 10:28 Borja Marcos napísal(a): > First problem: I experienced random SERVFAILS with no apparent reason while i > had the feature turned on. I think it > especially affected CDNs with multiple chained CNAMES and complex DNS server > infrastructures. > glad to hear the confirmation of this problem. I experienced the same behaviour in our ISP network. Issue #2982 https://gitlab.isc.org/isc-projects/bind9/-/issues/2982 Please, add your conditions and findings to ticket. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Resolver failures after stale-answer enabled
https://gitlab.isc.org/isc-projects/bind9/-/issues/2982 st 27. 10. 2021 o 11:53 Blažej Krajňák napísal(a): > > Hello, > > few days ago I updated our recursive resolvers at AS50242 from Debian > 10 to 11 to be able to enable stale-answer afer Facebook incident. > However, today I got bug reports from customers. Their browser often > fail at page loading with DNS_PROBE_FINISHED_NXDOMAIN. After few > seconds (and after browser DNS re-query) page will load correctly. In > Bind9 log I see many of messages like: > > Oct 27 11:34:13 srv-snv-production named[576109]: > configuration.ls.apple.com resolver failure, stale answer unavailable > Oct 27 11:34:13 srv-snv-production named[576109]: client > @0x7fc71806cd58 10.202.42.196#58876 (configuration.ls.apple.com): view > clients: query failed (SERVFAIL) for > configuration.ls.apple.com/IN/TYPE65 at query.c:5832 > Oct 27 11:34:13 srv-snv-production named[576109]: > configuration.ls.apple.com resolver failure, stale answer unavailable > Oct 27 11:34:13 srv-snv-production named[576109]: client > @0x7fc7180715a8 10.202.42.196#49219 (configuration.ls.apple.com): view > clients: query failed (SERVFAIL) for configuration.ls.apple.com/IN/A > at query.c:5832 > > After I turned off stale-answer, problem looks to be resolved. I'm > attaching huge debug log of above failures - hope somebody will find > problem from this. The problematic query starts at 27-Oct-2021 > 11:34:13.858 > > https://drive.google.com/file/d/1qiyLa8CfNN54PUktth6R4kT8PpohNsde/view?usp=sharing > > Linux srv-le-production 5.10.0-9-amd64 #1 SMP Debian 5.10.70-1 > (2021-09-30) x86_64 GNU/Linux > bind9/stable,now 1:9.16.15-1 amd64 > > > Regards, > Blažej Krajňák ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Resolver failures after stale-answer enabled
Hello, few days ago I updated our recursive resolvers at AS50242 from Debian 10 to 11 to be able to enable stale-answer afer Facebook incident. However, today I got bug reports from customers. Their browser often fail at page loading with DNS_PROBE_FINISHED_NXDOMAIN. After few seconds (and after browser DNS re-query) page will load correctly. In Bind9 log I see many of messages like: Oct 27 11:34:13 srv-snv-production named[576109]: configuration.ls.apple.com resolver failure, stale answer unavailable Oct 27 11:34:13 srv-snv-production named[576109]: client @0x7fc71806cd58 10.202.42.196#58876 (configuration.ls.apple.com): view clients: query failed (SERVFAIL) for configuration.ls.apple.com/IN/TYPE65 at query.c:5832 Oct 27 11:34:13 srv-snv-production named[576109]: configuration.ls.apple.com resolver failure, stale answer unavailable Oct 27 11:34:13 srv-snv-production named[576109]: client @0x7fc7180715a8 10.202.42.196#49219 (configuration.ls.apple.com): view clients: query failed (SERVFAIL) for configuration.ls.apple.com/IN/A at query.c:5832 After I turned off stale-answer, problem looks to be resolved. I'm attaching huge debug log of above failures - hope somebody will find problem from this. The problematic query starts at 27-Oct-2021 11:34:13.858 https://drive.google.com/file/d/1qiyLa8CfNN54PUktth6R4kT8PpohNsde/view?usp=sharing Linux srv-le-production 5.10.0-9-amd64 #1 SMP Debian 5.10.70-1 (2021-09-30) x86_64 GNU/Linux bind9/stable,now 1:9.16.15-1 amd64 Regards, Blažej Krajňák ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
