|
|
JFTR RedHat folks know and they are working on the fix already. |
|
|
|
I'm also experiencing this crash after upgrade from 7.5 to 7.6, it's really a shame that this kind of problems make it to a stable release.
SHAME ON REDHAT!
@mhagen94: do you have a link to the upstream bug issue? |
|
|
|
Same problem here. This is....really bad. I had to figure out how to get systemd to restart the darn thing when it died, and set a cron job to delete the core files, because all of them made my box run out of space.
The link to the upstream bug appears to be here:
https://access.redhat.com/solutions/3683641
I can't see much on that page. Troubling, however, is the date: "Updated November 9 2018 at 8:20 PM"
How is this not biting everyone who uses Bind? Maybe there just aren't that many of us. |
|
|
|
Would you be willing to share your named.conf, redacting keys as necessary? |
|
|
|
We've seen this exact same issue on 3 servers that have been updated to CentOS 7.6. Two of them are authoritative name servers with 14K zones and after several systemd restarts they manage to reach a stable state and will remain functioning without issue until restarted again.
The 3rd server is the most problematic and is a private DNS resolver only. It does receive a lot of queries, mainly RBL lookups for spam filtering. The configuration is basically the default with a few additional logging options. As it turns out, disabling those logs appears to resolve the crashing. Before this change, systemd was having to restart the service many times per minute. Now it has remained stable for two 15 minutes periods with a manual restart in between. I've attached the named.conf where you can see the commented logging.
The other two impact servers have similar additional logging configured as well. Since they've remained stable for the past 10 hours I won't be touching them to evaluate this possible fix.
named.conf (1,771 bytes)
options {
listen-on port 53 { 127.0.0.1; };
#listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; };
query-source address x.x.x.x; //snip
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
};
/*
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
*/
logging {
channel default_log {
file "/var/log/named/named.log" versions 5 size 128M;
print-time yes;
print-severity yes;
print-category yes;
severity warning;
};
category default { default_log; };
category general { default_log; };
/*
channel querylog {
file "/var/log/named/querylog" versions 25 size 100m;
severity debug 10;
print-category yes;
print-time yes;
print-severity yes;
};
category queries { querylog;};
category query-errors { querylog;};
channel hd_security {
file "/var/log/named/security" versions 2 size 100m;
print-time yes;
print-severity yes;
print-category yes;
};
category security { hd_security; };
*/
};
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
|
|
|
|
Do any of you run rndc dumpdb on a regular basis? |
|
|
|
No @TrevorH. |
|
|
|
Here is my config. Also very simple. _Also_ has additional logging. I need the querylog.
This is a simple, small setup. There are a couple of extra zones for local names, and then some zones that I redirect to 127.0.0.1.
I could attempt to turn off the logging, but honestly, the logging is required.
I've also run with this config for years.
With this exercise, I diffed my config to the rpm's current default. The only option I had in my config that seems to no longer be needed was "dnssec-lookaside auto;". I've removed that, but I'm still seeing the crashing.
Thank you.
named-2.conf (2,766 bytes)
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// See the BIND Administrator's Reference Manual (ARM) for details about the
// configuration located in /usr/share/doc/bind-{version}/Bv9ARM.html
options {
/* listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; }; */
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
/* allow-query { localhost; }; */
/*
- If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
- If you are building a RECURSIVE (caching) DNS server, you need to enable
recursion.
- If your recursive DNS server has a public IP address, you MUST enable access
control to limit queries to your legitimate users. Failing to do so will
cause your server to become part of large scale DNS amplification
attacks. Implementing BCP38 within your network would greatly
reduce such attack surface
*/
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
channel named_file
{
file "/var/log/named.log" versions 99 size 10m;
print-time yes;
print-category yes;
print-severity yes;
};
category default
{
named_file;
};
channel querylog
{
file "/var/log/named_querylog" versions unlimited size 100M;
severity debug 10;
print-category yes;
print-time yes;
print-severity yes;
};
category queries { querylog; };
category lame-servers
{
querylog;
};
};
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
zone "xxxx.org" {
notify no;
type master;
file "xxxx.org";
};
zone "xxxx.net" {
notify no;
type master;
file "xxxx.net";
};
zone "xx.168.192.in-addr.arpa" {
notify no;
type master;
file "192.168.xx";
};
zone "xxxx.com" {type master; file "blockeddomain.hosts";};
zone "xxxx.com" {type master; file "blockeddomain.hosts";};
|
|
|
|
We're working on a temporary fix until we get an official one from RH. I hope to have a test build available tomorrow |
|
|
|
"Do any of you run rndc dumpdb on a regular basis?" No
So i "fixed" my issue just to force systemctl to restart named when it crashes. It happens when local computers/servers do a query's for some websites.
This is my experience.
Attached logging.conf and named.conf
For long time i have been using this log format, just copied somewhere from the internet but has everything i need, and maybe bit more (don't judge)
My setup contains a primary local/public DNS server and a offsite slave DNS.
Using views on the primary for internal clients/server
logging.conf (2,924 bytes)
logging {
channel default_debug {
file "/var/log/named/named.run" versions 5 size 5m;
severity dynamic;
print-time yes;
};
channel default_file {
file "/var/log/named/default.log" versions 5 size 5m;
severity dynamic;
print-time yes;
};
channel general_file {
file "/var/log/named/general.log" versions 5 size 5m;
severity dynamic;
print-time yes;
};
channel database_file {
file "/var/log/named/database.log" versions 5 size 5m;
severity dynamic;
print-time yes;
};
channel security_file {
file "/var/log/named/security.log" versions 5 size 5m;
severity dynamic;
print-time yes;
};
channel config_file {
file "/var/log/named/config.log" versions 5 size 5m;
severity dynamic;
print-time yes;
};
channel resolver_file {
file "/var/log/named/resolver.log" versions 5 size 5m;
severity dynamic;
print-time yes;
};
channel xfer-in_file {
file "/var/log/named/xfer-in.log" versions 5 size 5m;
severity dynamic;
print-time yes;
};
channel xfer-out_file {
file "/var/log/named/xfer-out.log" versions 5 size 5m;
severity dynamic;
print-time yes;
};
channel notify_file {
file "/var/log/named/notify.log" versions 5 size 5m;
severity dynamic;
print-time yes;
};
channel client_file {
file "/var/log/named/client.log" versions 5 size 5m;
severity dynamic;
print-time yes;
};
channel unmatched_file {
file "/var/log/named/unmatched.log" versions 5 size 5m;
severity dynamic;
print-time yes;
};
channel queries_file {
file "/var/log/named/queries.log" versions 5 size 5m;
severity debug 10;
print-time yes;
};
channel network_file {
file "/var/log/named/network.log" versions 5 size 5m;
severity dynamic;
print-time yes;
};
channel update_file {
file "/var/log/named/update.log" versions 5 size 5m;
severity dynamic;
print-time yes;
};
channel dispatch_file {
file "/var/log/named/dispatch.log" versions 5 size 5m;
severity dynamic;
print-time yes;
};
channel dnssec_file {
file "/var/log/named/dnssec.log" versions 5 size 5m;
severity dynamic;
print-time yes;
};
channel lame-servers_file {
file "/var/log/named/lame-servers.log" versions 5 size 5m;
severity dynamic;
print-time yes;
};
category default {
default_file;
};
category general {
general_file;
};
category database {
database_file;
};
category security {
security_file;
};
category config {
config_file;
};
category resolver {
resolver_file;
};
category xfer-in {
xfer-in_file;
};
category xfer-out {
xfer-out_file;
};
category notify {
notify_file;
};
category client {
client_file;
};
category unmatched {
unmatched_file;
};
category queries {
queries_file;
};
category network {
network_file;
};
category update {
update_file;
};
category dispatch {
dispatch_file;
};
category dnssec {
dnssec_file;
};
category lame-servers {
lame-servers_file;
};
};
named-3.conf (2,333 bytes)
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// See the BIND Administrator's Reference Manual (ARM) for details about the
// configuration located in /usr/share/doc/bind-{version}/Bv9ARM.html
acl x1 {
<SNIP>
};
masters x2 {
<SNIP>
};
acl x3 {
<SNIP>
};
acl x4 {
<SNIP>
};
options {
listen-on port 53 { 10.10.0.22; };
//listen-on-v6 port 53 { ::1; };
version none;
provide-ixfr no;
auth-nxdomain no; # conform to RFC1035
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
recursing-file "/var/named/data/named.recursing";
secroots-file "/var/named/data/named.secroots";
/*
- If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
- If you are building a RECURSIVE (caching) DNS server, you need to enable
recursion.
- If your recursive DNS server has a public IP address, you MUST enable access
control to limit queries to your legitimate users. Failing to do so will
cause your server to become part of large scale DNS amplification
attacks. Implementing BCP38 within your network would greatly
reduce such attack surface
*/
#recursion yes; # Disabled because of views
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
notify explicit;
dnssec-lookaside auto;
filter-aaaa-on-v4 yes;
};
include "/var/named/logging.conf";
include "/etc/named.root.key";
key rndc-key {
<snip>
};
controls {
inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; };
};
trusted-keys {
};
view "external" {
match-clients { !x4; any; };
recursion no;
allow-transfer { x1; x3; };
also-notify { x2; };
<SNIP ZONES>
};
view "internal" {
match-clients { x4; };
recursion yes;
allow-recursion { x4; };
allow-query { x4; };
notify no;
include "/etc/named.rfc1912.zones";
<SNIP ZONES>
};
|
|
|
|
Well, we have a test build here https://buildlogs.centos.org/c7.1810.u.x86_64/bind/20181211154620/9.9.4-72.el7.0.1.x86_64/
Please use it if you can, with your default config.
Thanks, Pablo. |
|
|
|
I experienced the same issue today after performing a system update. I installed the test build and so far so good. Haven't crashed yet. |
|
|
|
Same result here, installed it on my local dev dns (which has the same issue and config) and no crashes or errors so far. |
|
|
|
I have installed it here: no problems so far. I will keep monitoring it. |
|
|
|
OK .. we have started a new repo to publish fixes. We are reusing the Fasttrack repo now for this purpose.
I just pushed the output from bind-9.9.4-72.el7.0.1.src.rpm (thanks pgreco for the patch).
In order to use this repo, you can do:
sudo yum-config-manager --enable fasttrack
Then just a normal yum upgrade.
Once Red Hat releases a fix for a given we will be removing our fixes from this fasttrack repo. |
|
|
|
Perfect! Thank you very much for making that available.
Running the patch on all machines which were updated to the latest bind, and all is working like it should.
Still running extra logging and debugging if it goes wrong. |
|
|
|
Just tonight i had multiple "crashes"/killed named using the 9.9.4-72.el7.0.1.
Attaches redacted general.log
I suspect it has something to do with "signature has expired" domain.
Before the last crash there is call "stopping command channel on 127.0.0.1#953" after that, it didn't occur anymore?
redacted-general.log (28,591 bytes)
26-Jan-2019 00:00:06.489 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 00:00:32.315 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 00:00:32.316 general: info: sync: dumping zone '<redacted>.nl/IN' external: success
26-Jan-2019 00:00:33.111 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 00:00:33.630 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 00:00:34.065 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 00:00:35.182 general: info: received control channel command 'sync <redacted>.local'
26-Jan-2019 00:00:35.182 general: info: sync: dumping zone '<redacted>.local/IN' internal: success
26-Jan-2019 00:00:40.339 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 00:00:40.383 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 00:00:40.392 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 00:02:25.024 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 00:02:27.018 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 00:02:27.527 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 00:02:27.527 general: info: sync: dumping zone '<redacted>.nl/IN' external: success
26-Jan-2019 00:02:29.125 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 00:02:30.195 general: info: received control channel command 'sync <redacted>.info'
26-Jan-2019 00:02:30.985 general: info: received control channel command 'sync <redacted>.org'
26-Jan-2019 00:02:31.509 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 00:02:33.680 general: info: received control channel command 'sync <redacted>.link'
26-Jan-2019 00:02:33.680 general: info: sync: dumping zone '<redacted>.link/IN' external: success
26-Jan-2019 00:02:38.526 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 00:02:48.575 general: info: received control channel command 'sync mc<redacted>.nl'
26-Jan-2019 00:02:49.062 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 00:02:49.531 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 00:02:50.591 general: info: received control channel command 'sync <redacted>.org'
26-Jan-2019 00:02:51.218 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 00:02:51.680 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 00:02:52.159 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 00:02:52.159 general: info: sync: dumping zone '<redacted>.nl/IN' external: success
26-Jan-2019 00:02:52.716 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 00:02:53.518 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 00:02:53.518 general: info: sync: dumping zone '<redacted>.nl/IN' external: success
26-Jan-2019 00:02:55.295 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 00:03:00.242 general: info: received control channel command 'sync <redacted>.link'
26-Jan-2019 00:03:00.243 general: info: sync: dumping zone '<redacted>.link/IN' external: success
26-Jan-2019 00:03:01.413 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 00:03:05.820 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 00:03:05.820 general: info: sync: dumping zone '<redacted>.nl/IN' external: success
26-Jan-2019 00:03:06.657 general: info: received control channel command 'sync <redacted>.local'
26-Jan-2019 00:03:06.657 general: info: sync: dumping zone '<redacted>.local/IN' internal: success
26-Jan-2019 01:00:07.332 general: info: managed-keys-zone/external: journal file is out of date: removing journal file
26-Jan-2019 01:00:07.333 general: info: managed-keys-zone/external: loaded serial 21043
26-Jan-2019 01:00:07.337 general: info: managed-keys-zone/internal: journal file is out of date: removing journal file
26-Jan-2019 01:00:07.337 general: info: managed-keys-zone/internal: loaded serial 21043
26-Jan-2019 01:00:07.341 general: info: zone <redacted>.info.disabled/IN/external: loaded serial 2018122400
26-Jan-2019 01:00:07.341 general: info: zone <redacted>.nl.disabled/IN/external: loaded serial 2017020502
26-Jan-2019 01:00:07.341 general: info: zone <redacted>.nl.disabled/IN/external: loaded serial 2017020502
26-Jan-2019 01:00:07.342 general: warning: /var/named/external/<redacted>.nl.hosts:77: signature has expired
26-Jan-2019 01:00:07.344 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122402
26-Jan-2019 01:00:07.345 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122801
26-Jan-2019 01:00:07.345 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122801
26-Jan-2019 01:00:07.345 general: info: zone <redacted>.org/IN/external: loaded serial 2018122802
26-Jan-2019 01:00:07.345 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122801
26-Jan-2019 01:00:07.345 general: info: zone <redacted>.link/IN/external: loaded serial 2018122401
26-Jan-2019 01:00:07.345 general: info: zone 0.in-addr.arpa/IN/internal: loaded serial 0
26-Jan-2019 01:00:07.346 general: info: zone 0.10.10.in-addr.arpa/IN/internal: loaded serial 2018120501
26-Jan-2019 01:00:07.346 general: info: zone <redacted>.nl/IN/internal: loaded serial 2019011000
26-Jan-2019 01:00:07.347 general: info: zone 1.0.0.127.in-addr.arpa/IN/internal: loaded serial 0
26-Jan-2019 01:00:07.347 general: info: zone <redacted>.org/IN/internal: loaded serial 2018081524
26-Jan-2019 01:00:07.347 general: info: zone corp.<redacted>.nl/IN/internal: loaded serial 2018121700
26-Jan-2019 01:00:07.347 general: info: zone localhost.localdomain/IN/internal: loaded serial 0
26-Jan-2019 01:00:07.348 general: info: zone <redacted>.local/IN/internal: loaded serial 2018071004
26-Jan-2019 01:00:07.348 general: info: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN/internal: loaded serial 0
26-Jan-2019 01:00:07.348 general: info: zone <redacted>.nl/IN/external: loaded serial 2019011500 (DNSSEC signed)
26-Jan-2019 01:00:07.348 general: info: zone localhost/IN/internal: loaded serial 0
26-Jan-2019 01:00:07.349 general: info: zone <redacted>.nl/IN/internal: loaded serial 2018082000
26-Jan-2019 01:00:07.349 general: notice: all zones loaded
26-Jan-2019 01:00:07.349 general: notice: running
26-Jan-2019 01:00:55.980 general: info: managed-keys-zone/external: loaded serial 21043
26-Jan-2019 01:00:55.981 general: info: managed-keys-zone/internal: loaded serial 21043
26-Jan-2019 01:00:55.982 general: info: zone <redacted>.info.disabled/IN/external: loaded serial 2018122400
26-Jan-2019 01:00:55.983 general: info: zone <redacted>.nl.disabled/IN/external: loaded serial 2017020502
26-Jan-2019 01:00:55.983 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122402
26-Jan-2019 01:00:55.983 general: info: zone <redacted>.nl.disabled/IN/external: loaded serial 2017020502
26-Jan-2019 01:00:55.983 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122801
26-Jan-2019 01:00:55.983 general: info: zone <redacted>.link/IN/external: loaded serial 2018122401
26-Jan-2019 01:00:55.983 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122801
26-Jan-2019 01:00:55.983 general: warning: /var/named/external/<redacted>.nl.hosts:77: signature has expired
26-Jan-2019 01:00:55.985 general: info: zone <redacted>.nl/IN/external: loaded serial 2019011500 (DNSSEC signed)
26-Jan-2019 01:00:55.985 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122801
26-Jan-2019 01:00:55.985 general: info: zone 0.10.10.in-addr.arpa/IN/internal: loaded serial 2018120501
26-Jan-2019 01:00:55.985 general: info: zone <redacted>.org/IN/external: loaded serial 2018122802
26-Jan-2019 01:00:55.985 general: info: zone 0.in-addr.arpa/IN/internal: loaded serial 0
26-Jan-2019 01:00:55.987 general: info: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN/internal: loaded serial 0
26-Jan-2019 01:00:55.987 general: info: zone 1.0.0.127.in-addr.arpa/IN/internal: loaded serial 0
26-Jan-2019 01:00:55.987 general: info: zone <redacted>.local/IN/internal: loaded serial 2018071004
26-Jan-2019 01:00:55.987 general: info: zone localhost.localdomain/IN/internal: loaded serial 0
26-Jan-2019 01:00:55.987 general: info: zone <redacted>.nl/IN/internal: loaded serial 2019011000
26-Jan-2019 01:00:55.988 general: info: zone localhost/IN/internal: loaded serial 0
26-Jan-2019 01:00:55.988 general: info: zone corp.<redacted>.nl/IN/internal: loaded serial 2018121700
26-Jan-2019 01:00:55.988 general: info: zone <redacted>.nl/IN/internal: loaded serial 2018082000
26-Jan-2019 01:00:55.988 general: info: zone <redacted>.org/IN/internal: loaded serial 2018081524
26-Jan-2019 01:00:55.988 general: notice: all zones loaded
26-Jan-2019 01:00:55.991 general: notice: running
26-Jan-2019 01:00:59.358 general: info: managed-keys-zone/external: loaded serial 21043
26-Jan-2019 01:00:59.359 general: info: managed-keys-zone/internal: loaded serial 21043
26-Jan-2019 01:00:59.364 general: warning: /var/named/external/<redacted>.nl.hosts:77: signature has expired
26-Jan-2019 01:00:59.366 general: info: zone 0.10.10.in-addr.arpa/IN/internal: loaded serial 2018120501
26-Jan-2019 01:00:59.367 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122801
26-Jan-2019 01:00:59.367 general: info: zone 0.in-addr.arpa/IN/internal: loaded serial 0
26-Jan-2019 01:00:59.367 general: info: zone 1.0.0.127.in-addr.arpa/IN/internal: loaded serial 0
26-Jan-2019 01:00:59.367 general: info: zone <redacted>.nl.disabled/IN/external: loaded serial 2017020502
26-Jan-2019 01:00:59.368 general: info: zone <redacted>.nl/IN/external: loaded serial 2019011500 (DNSSEC signed)
26-Jan-2019 01:00:59.368 general: info: zone <redacted>.nl.disabled/IN/external: loaded serial 2017020502
26-Jan-2019 01:00:59.368 general: info: zone <redacted>.link/IN/external: loaded serial 2018122401
26-Jan-2019 01:00:59.368 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122402
26-Jan-2019 01:00:59.368 general: info: zone <redacted>.info.disabled/IN/external: loaded serial 2018122400
26-Jan-2019 01:00:59.368 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122801
26-Jan-2019 01:00:59.368 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122801
26-Jan-2019 01:00:59.368 general: info: zone corp.<redacted>.nl/IN/internal: loaded serial 2018121700
26-Jan-2019 01:00:59.370 general: info: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN/internal: loaded serial 0
26-Jan-2019 01:00:59.370 general: info: zone <redacted>.org/IN/external: loaded serial 2018122802
26-Jan-2019 01:00:59.372 general: info: zone localhost/IN/internal: loaded serial 0
26-Jan-2019 01:00:59.372 general: info: zone localhost.localdomain/IN/internal: loaded serial 0
26-Jan-2019 01:00:59.372 general: info: zone <redacted>.nl/IN/internal: loaded serial 2019011000
26-Jan-2019 01:00:59.372 general: info: zone <redacted>.nl/IN/internal: loaded serial 2018082000
26-Jan-2019 01:00:59.373 general: info: zone <redacted>.local/IN/internal: loaded serial 2018071004
26-Jan-2019 01:00:59.374 general: info: zone <redacted>.org/IN/internal: loaded serial 2018081524
26-Jan-2019 01:00:59.374 general: notice: all zones loaded
26-Jan-2019 01:00:59.374 general: notice: running
26-Jan-2019 01:01:06.116 general: info: managed-keys-zone/external: loaded serial 21043
26-Jan-2019 01:01:06.117 general: info: managed-keys-zone/internal: loaded serial 21043
26-Jan-2019 01:01:06.121 general: info: zone <redacted>.info.disabled/IN/external: loaded serial 2018122400
26-Jan-2019 01:01:06.121 general: info: zone <redacted>.link/IN/external: loaded serial 2018122401
26-Jan-2019 01:01:06.121 general: info: zone <redacted>.nl.disabled/IN/external: loaded serial 2017020502
26-Jan-2019 01:01:06.121 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122801
26-Jan-2019 01:01:06.121 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122402
26-Jan-2019 01:01:06.123 general: info: zone 1.0.0.127.in-addr.arpa/IN/internal: loaded serial 0
26-Jan-2019 01:01:06.123 general: info: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN/internal: loaded serial 0
26-Jan-2019 01:01:06.123 general: info: zone localhost/IN/internal: loaded serial 0
26-Jan-2019 01:01:06.123 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122801
26-Jan-2019 01:01:06.123 general: info: zone <redacted>.org/IN/external: loaded serial 2018122802
26-Jan-2019 01:01:06.124 general: info: zone localhost.localdomain/IN/internal: loaded serial 0
26-Jan-2019 01:01:06.124 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122801
26-Jan-2019 01:01:06.125 general: info: zone <redacted>.nl.disabled/IN/external: loaded serial 2017020502
26-Jan-2019 01:01:06.125 general: info: zone <redacted>.nl/IN/internal: loaded serial 2019011000
26-Jan-2019 01:01:06.126 general: info: zone <redacted>.nl/IN/internal: loaded serial 2018082000
26-Jan-2019 01:01:06.126 general: info: zone <redacted>.local/IN/internal: loaded serial 2018071004
26-Jan-2019 01:01:06.126 general: info: zone corp.<redacted>.nl/IN/internal: loaded serial 2018121700
26-Jan-2019 01:01:06.126 general: info: zone <redacted>.org/IN/internal: loaded serial 2018081524
26-Jan-2019 01:01:06.127 general: warning: /var/named/external/<redacted>.nl.hosts:77: signature has expired
26-Jan-2019 01:01:06.128 general: info: zone <redacted>.nl/IN/external: loaded serial 2019011500 (DNSSEC signed)
26-Jan-2019 01:01:06.128 general: info: zone 0.in-addr.arpa/IN/internal: loaded serial 0
26-Jan-2019 01:01:06.129 general: info: zone 0.10.10.in-addr.arpa/IN/internal: loaded serial 2018120501
26-Jan-2019 01:01:06.129 general: notice: all zones loaded
26-Jan-2019 01:01:06.129 general: notice: running
26-Jan-2019 01:01:10.409 general: info: managed-keys-zone/external: loaded serial 21043
26-Jan-2019 01:01:10.412 general: info: managed-keys-zone/internal: loaded serial 21043
26-Jan-2019 01:01:10.421 general: info: zone <redacted>.nl.disabled/IN/external: loaded serial 2017020502
26-Jan-2019 01:01:10.421 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122402
26-Jan-2019 01:01:10.421 general: info: zone <redacted>.info.disabled/IN/external: loaded serial 2018122400
26-Jan-2019 01:01:10.421 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122801
26-Jan-2019 01:01:10.421 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122801
26-Jan-2019 01:01:10.421 general: info: zone <redacted>.nl.disabled/IN/external: loaded serial 2017020502
26-Jan-2019 01:01:10.422 general: info: zone <redacted>.link/IN/external: loaded serial 2018122401
26-Jan-2019 01:01:10.423 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122801
26-Jan-2019 01:01:10.423 general: warning: /var/named/external/<redacted>.nl.hosts:77: signature has expired
26-Jan-2019 01:01:10.424 general: info: zone <redacted>.org/IN/external: loaded serial 2018122802
26-Jan-2019 01:01:10.426 general: info: zone <redacted>.nl/IN/external: loaded serial 2019011500 (DNSSEC signed)
26-Jan-2019 01:01:10.426 general: info: zone 0.in-addr.arpa/IN/internal: loaded serial 0
26-Jan-2019 01:01:10.428 general: info: zone <redacted>.nl/IN/internal: loaded serial 2019011000
26-Jan-2019 01:01:10.428 general: info: zone 0.10.10.in-addr.arpa/IN/internal: loaded serial 2018120501
26-Jan-2019 01:01:10.429 general: info: zone <redacted>.local/IN/internal: loaded serial 2018071004
26-Jan-2019 01:01:10.429 general: info: zone localhost.localdomain/IN/internal: loaded serial 0
26-Jan-2019 01:01:10.429 general: info: zone 1.0.0.127.in-addr.arpa/IN/internal: loaded serial 0
26-Jan-2019 01:01:10.429 general: info: zone corp.<redacted>.nl/IN/internal: loaded serial 2018121700
26-Jan-2019 01:01:10.429 general: info: zone <redacted>.nl/IN/internal: loaded serial 2018082000
26-Jan-2019 01:01:10.429 general: info: zone <redacted>.org/IN/internal: loaded serial 2018081524
26-Jan-2019 01:01:10.430 general: info: zone localhost/IN/internal: loaded serial 0
26-Jan-2019 01:01:10.430 general: info: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN/internal: loaded serial 0
26-Jan-2019 01:01:10.430 general: notice: all zones loaded
26-Jan-2019 01:01:10.430 general: notice: running
26-Jan-2019 01:01:18.249 general: info: managed-keys-zone/external: loaded serial 21043
26-Jan-2019 01:01:18.250 general: info: managed-keys-zone/internal: loaded serial 21043
26-Jan-2019 01:01:18.255 general: warning: /var/named/external/<redacted>.nl.hosts:77: signature has expired
26-Jan-2019 01:01:18.257 general: info: zone <redacted>.org/IN/external: loaded serial 2018122802
26-Jan-2019 01:01:18.257 general: info: zone <redacted>.nl/IN/external: loaded serial 2019011500 (DNSSEC signed)
26-Jan-2019 01:01:18.257 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122402
26-Jan-2019 01:01:18.257 general: info: zone <redacted>.link/IN/external: loaded serial 2018122401
26-Jan-2019 01:01:18.257 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122801
26-Jan-2019 01:01:18.257 general: info: zone <redacted>.nl.disabled/IN/external: loaded serial 2017020502
26-Jan-2019 01:01:18.257 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122801
26-Jan-2019 01:01:18.257 general: info: zone <redacted>.info.disabled/IN/external: loaded serial 2018122400
26-Jan-2019 01:01:18.258 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122801
26-Jan-2019 01:01:18.259 general: info: zone <redacted>.nl.disabled/IN/external: loaded serial 2017020502
26-Jan-2019 01:01:18.259 general: info: zone 0.in-addr.arpa/IN/internal: loaded serial 0
26-Jan-2019 01:01:18.261 general: info: zone 0.10.10.in-addr.arpa/IN/internal: loaded serial 2018120501
26-Jan-2019 01:01:18.261 general: info: zone 1.0.0.127.in-addr.arpa/IN/internal: loaded serial 0
26-Jan-2019 01:01:18.261 general: info: zone <redacted>.nl/IN/internal: loaded serial 2018082000
26-Jan-2019 01:01:18.262 general: info: zone <redacted>.local/IN/internal: loaded serial 2018071004
26-Jan-2019 01:01:18.262 general: info: zone <redacted>.org/IN/internal: loaded serial 2018081524
26-Jan-2019 01:01:18.262 general: info: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN/internal: loaded serial 0
26-Jan-2019 01:01:18.263 general: info: zone corp.<redacted>.nl/IN/internal: loaded serial 2018121700
26-Jan-2019 01:01:18.264 general: info: zone <redacted>.nl/IN/internal: loaded serial 2019011000
26-Jan-2019 01:01:18.265 general: info: zone localhost.localdomain/IN/internal: loaded serial 0
26-Jan-2019 01:01:18.265 general: info: zone localhost/IN/internal: loaded serial 0
26-Jan-2019 01:01:18.265 general: notice: all zones loaded
26-Jan-2019 01:01:18.266 general: notice: running
26-Jan-2019 01:01:36.816 general: info: managed-keys-zone/external: loaded serial 21043
26-Jan-2019 01:01:36.816 general: info: managed-keys-zone/internal: loaded serial 21043
26-Jan-2019 01:01:36.817 general: info: zone 0.in-addr.arpa/IN/internal: loaded serial 0
26-Jan-2019 01:01:36.817 general: info: zone 0.10.10.in-addr.arpa/IN/internal: loaded serial 2018120501
26-Jan-2019 01:01:36.818 general: info: zone <redacted>.nl.disabled/IN/external: loaded serial 2017020502
26-Jan-2019 01:01:36.818 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122801
26-Jan-2019 01:01:36.818 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122402
26-Jan-2019 01:01:36.818 general: info: zone <redacted>.nl.disabled/IN/external: loaded serial 2017020502
26-Jan-2019 01:01:36.818 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122801
26-Jan-2019 01:01:36.818 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122801
26-Jan-2019 01:01:36.819 general: info: zone <redacted>.org/IN/external: loaded serial 2018122802
26-Jan-2019 01:01:36.819 general: info: zone <redacted>.org/IN/internal: loaded serial 2018081524
26-Jan-2019 01:01:36.819 general: info: zone <redacted>.local/IN/internal: loaded serial 2018071004
26-Jan-2019 01:01:36.820 general: info: zone localhost.localdomain/IN/internal: loaded serial 0
26-Jan-2019 01:01:36.820 general: info: zone corp.<redacted>.nl/IN/internal: loaded serial 2018121700
26-Jan-2019 01:01:36.820 general: info: zone <redacted>.nl/IN/internal: loaded serial 2019011000
26-Jan-2019 01:01:36.820 general: info: zone <redacted>.nl/IN/internal: loaded serial 2018082000
26-Jan-2019 01:01:36.821 general: info: zone <redacted>.info.disabled/IN/external: loaded serial 2018122400
26-Jan-2019 01:01:36.821 general: info: zone 1.0.0.127.in-addr.arpa/IN/internal: loaded serial 0
26-Jan-2019 01:01:36.821 general: info: zone <redacted>.link/IN/external: loaded serial 2018122401
26-Jan-2019 01:01:36.821 general: info: zone localhost/IN/internal: loaded serial 0
26-Jan-2019 01:01:36.821 general: warning: /var/named/external/<redacted>.nl.hosts:77: signature has expired
26-Jan-2019 01:01:36.823 general: info: zone <redacted>.nl/IN/external: loaded serial 2019011500 (DNSSEC signed)
26-Jan-2019 01:01:36.823 general: info: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN/internal: loaded serial 0
26-Jan-2019 01:01:36.823 general: notice: all zones loaded
26-Jan-2019 01:01:36.824 general: notice: running
26-Jan-2019 01:01:38.140 general: info: managed-keys-zone/external: loaded serial 21043
26-Jan-2019 01:01:38.140 general: info: managed-keys-zone/internal: loaded serial 21043
26-Jan-2019 01:01:38.144 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122801
26-Jan-2019 01:01:38.144 general: info: zone 0.in-addr.arpa/IN/internal: loaded serial 0
26-Jan-2019 01:01:38.145 general: info: zone <redacted>.nl.disabled/IN/external: loaded serial 2017020502
26-Jan-2019 01:01:38.145 general: info: zone <redacted>.org/IN/external: loaded serial 2018122802
26-Jan-2019 01:01:38.145 general: info: zone <redacted>.nl.disabled/IN/external: loaded serial 2017020502
26-Jan-2019 01:01:38.145 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122801
26-Jan-2019 01:01:38.145 general: info: zone <redacted>.link/IN/external: loaded serial 2018122401
26-Jan-2019 01:01:38.145 general: info: zone <redacted>.info.disabled/IN/external: loaded serial 2018122400
26-Jan-2019 01:01:38.145 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122402
26-Jan-2019 01:01:38.146 general: warning: /var/named/external/<redacted>.nl.hosts:77: signature has expired
26-Jan-2019 01:01:38.147 general: info: zone <redacted>.nl/IN/external: loaded serial 2019011500 (DNSSEC signed)
26-Jan-2019 01:01:38.147 general: info: zone 0.10.10.in-addr.arpa/IN/internal: loaded serial 2018120501
26-Jan-2019 01:01:38.147 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122801
26-Jan-2019 01:01:38.148 general: info: zone 1.0.0.127.in-addr.arpa/IN/internal: loaded serial 0
26-Jan-2019 01:01:38.148 general: info: zone <redacted>.org/IN/internal: loaded serial 2018081524
26-Jan-2019 01:01:38.148 general: info: zone localhost/IN/internal: loaded serial 0
26-Jan-2019 01:01:38.149 general: info: zone <redacted>.nl/IN/internal: loaded serial 2018082000
26-Jan-2019 01:01:38.149 general: info: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN/internal: loaded serial 0
26-Jan-2019 01:01:38.150 general: info: zone corp.<redacted>.nl/IN/internal: loaded serial 2018121700
26-Jan-2019 01:01:38.150 general: info: zone <redacted>.nl/IN/internal: loaded serial 2019011000
26-Jan-2019 01:01:38.151 general: info: zone <redacted>.local/IN/internal: loaded serial 2018071004
26-Jan-2019 01:01:38.151 general: info: zone localhost.localdomain/IN/internal: loaded serial 0
26-Jan-2019 01:01:38.151 general: notice: all zones loaded
26-Jan-2019 01:01:38.152 general: notice: running
26-Jan-2019 10:19:01.965 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 10:19:01.978 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 19:28:59.796 general: info: received control channel command 'stop'
26-Jan-2019 19:28:59.797 general: info: shutting down: flushing changes
26-Jan-2019 19:28:59.797 general: notice: stopping command channel on 127.0.0.1#953
26-Jan-2019 19:28:59.822 general: notice: exiting
26-Jan-2019 19:28:59.974 general: info: managed-keys-zone/external: journal file is out of date: removing journal file
26-Jan-2019 19:28:59.975 general: info: managed-keys-zone/external: loaded serial 21079
26-Jan-2019 19:28:59.975 general: info: managed-keys-zone/internal: journal file is out of date: removing journal file
26-Jan-2019 19:28:59.975 general: info: managed-keys-zone/internal: loaded serial 21079
26-Jan-2019 19:28:59.975 general: info: zone <redacted>.info.disabled/IN/external: loaded serial 2018122400
26-Jan-2019 19:28:59.976 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122402
26-Jan-2019 19:28:59.976 general: info: zone <redacted>.nl.disabled/IN/external: loaded serial 2017020502
26-Jan-2019 19:28:59.976 general: info: zone 0.10.10.in-addr.arpa/IN/internal: loaded serial 2018120501
26-Jan-2019 19:28:59.977 general: info: zone <redacted>.org/IN/external: loaded serial 2018122802
26-Jan-2019 19:28:59.977 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122801
26-Jan-2019 19:28:59.977 general: info: zone 1.0.0.127.in-addr.arpa/IN/internal: loaded serial 0
26-Jan-2019 19:28:59.977 general: info: zone <redacted>.local/IN/internal: loaded serial 2018071004
26-Jan-2019 19:28:59.977 general: info: zone <redacted>.org/IN/internal: loaded serial 2018081524
26-Jan-2019 19:28:59.978 general: info: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN/internal: loaded serial 0
26-Jan-2019 19:28:59.978 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122801
26-Jan-2019 19:28:59.978 general: info: zone <redacted>.nl/IN/external: loaded serial 2018122801
26-Jan-2019 19:28:59.978 general: info: zone <redacted>.link/IN/external: loaded serial 2018122401
26-Jan-2019 19:28:59.979 general: warning: /var/named/external/<redacted>.nl.hosts:77: signature has expired
26-Jan-2019 19:28:59.980 general: info: zone <redacted>.nl/IN/external: loaded serial 2019011500 (DNSSEC signed)
26-Jan-2019 19:28:59.980 general: info: zone corp.<redacted>.nl/IN/internal: loaded serial 2018121700
26-Jan-2019 19:28:59.983 general: info: zone <redacted>.nl.disabled/IN/external: loaded serial 2017020502
26-Jan-2019 19:28:59.983 general: info: zone 0.in-addr.arpa/IN/internal: loaded serial 0
26-Jan-2019 19:28:59.984 general: info: zone localhost/IN/internal: loaded serial 0
26-Jan-2019 19:28:59.984 general: info: zone <redacted>.nl/IN/internal: loaded serial 2019011000
26-Jan-2019 19:28:59.984 general: info: zone localhost.localdomain/IN/internal: loaded serial 0
26-Jan-2019 19:28:59.985 general: info: zone <redacted>.nl/IN/internal: loaded serial 2018082000
26-Jan-2019 19:28:59.985 general: notice: all zones loaded
26-Jan-2019 19:28:59.986 general: notice: running
26-Jan-2019 19:31:14.395 general: info: received control channel command 'sync <redacted>.org'
26-Jan-2019 19:31:14.404 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 19:31:14.413 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 19:31:14.421 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 19:31:14.439 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 19:31:14.447 general: info: received control channel command 'sync <redacted>.org'
26-Jan-2019 19:31:18.659 general: info: received control channel command 'sync <redacted>.org'
26-Jan-2019 19:31:18.667 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 19:31:18.675 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 19:31:18.683 general: info: received control channel command 'sync <redacted>.nl'
26-Jan-2019 19:31:18.700 general: info: received control channel command 'sync <redacted>.nl'
|
|
|
|
Should be fixed with https://access.redhat.com/errata/RHSA-2019:0194 and bind-9.9.4-73.el7_6. That package is currently in the build-and-release process.
Please retry once the update is installed. |
|
|
|
This was fixed upstream a while ago, closing |
|
