Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 1 May 1998 16:23:06 -0700 (PDT)
From:      Roger Marquis <marquis@roble.com>
To:        freebsd-isp@FreeBSD.ORG
Subject:   Re: Named disappeared
Message-ID:  <Pine.SUN.3.96.980501155218.27480A-100000@roble.com>
In-Reply-To: <3.0.2.32.19980501111807.00898290@veronet.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
> I checked out my name server (currently use 'named') and found out there is
> no 'named' show up on ps -x command. I re-boot it to start over again and
> it's working now and 'named' showed up on ps command. 

Could easily have been hackers attempting to exploit the latest bugs:

  http://www.rootshell.com/archive-ld8dkslxlxja/199707/bind.txt
  ftp://ftp.cert.org/pub/cert_advisories/CA-98.05.bind_problems

The only known (and 4.9 compatible) fix, bind-4.9.7, compiles easily
under 2.2.6 and can be found at:

  ftp://ftp.isc.org/isc/bind/src/testing/bind-4.9.7-T1B.tar.gz

It also could be a problem in the local DNS maps.  Have you run them
through nslint?

  ftp://ftp.freebsd.org/pub/FreeBSD/FreeBSD-current/ports/net/nslint.tar

In any case crashing named daemons are not entirely unheard of and should
be checked periodically.  We do this with an /etc/hourly cron script
containing:

  #!/bin/sh
  PATH=/sbin:/usr/sbin:/bin:/usr/bin
  NAMED="`ps auxww | grep name | grep -v grep`"
  if [ "$NAMED" = "" ]; then
    echo "named died and was restarted" | mail root
    named
  fi

Of course this doesn't fix the source of the problem.  To determine why
named might be crashing run it in debug mode:

  kill -USR1 `ps auxww|grep named|grep -v grep|head -1|awk '{print $2}'`
  tail -f /var/tmp/named.run

And watch your disk availability carefully before turning debugging
off:

  kill -USR2 `ps auxww|grep named|grep -v grep|head -1|awk '{print $2}'`
  cp /dev/null /var/tmp/named.run 

Roger Marquis
Roble Systems Consulting
http://www.roble.com/consulting


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SUN.3.96.980501155218.27480A-100000>