From owner-freebsd-questions@FreeBSD.ORG  Tue Jul 15 10:27:58 2008
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 2D0FC106566B
	for <freebsd-questions@freebsd.org>;
	Tue, 15 Jul 2008 10:27:58 +0000 (UTC)
	(envelope-from smithi@nimnet.asn.au)
Received: from gaia.nimnet.asn.au (nimbin.lnk.telstra.net [139.130.45.143])
	by mx1.freebsd.org (Postfix) with ESMTP id 475B18FC18
	for <freebsd-questions@freebsd.org>;
	Tue, 15 Jul 2008 10:27:55 +0000 (UTC)
	(envelope-from smithi@nimnet.asn.au)
Received: from localhost (smithi@localhost)
	by gaia.nimnet.asn.au (8.8.8/8.8.8R1.5) with SMTP id UAA09743;
	Tue, 15 Jul 2008 20:27:34 +1000 (EST)
	(envelope-from smithi@nimnet.asn.au)
Date: Tue, 15 Jul 2008 20:27:33 +1000 (EST)
From: Ian Smith <smithi@nimnet.asn.au>
To: jonathan michaels <jlm@caamora.com.au>
In-Reply-To: <20080715085012.ADEE810656F1@hub.freebsd.org>
Message-ID: <Pine.BSF.3.96.1080715194603.29091D-100000@gaia.nimnet.asn.au>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Cc: Yuri Pankov <yuri.pankov@gmail.com>, freebsd-questions@freebsd.org
Subject: Re: named and its hourly reports
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Jul 2008 10:27:58 -0000

On Tue, 15 Jul 2008 12:22:06 +1000 jonathan michaels <jlm@caamora.com.au> wrote:

 > named now reports hourly
 > 
 > Jul 15 06:55:10 hid named[617]: could not listen on UDP socket: permission denied
 > Jul 15 06:55:10 hid named[617]: creating IPv4 interface tun0 failed; interface ignored
 > Jul 15 07:55:10 hid named[617]: could not listen on UDP socket: permission denied
 > Jul 15 07:55:10 hid named[617]: creating IPv4 interface tun0 failed; interface ignored
 > Jul 15 08:55:10 hid named[617]: could not listen on UDP socket: permission denied
 > Jul 15 08:55:10 hid named[617]: creating IPv4 interface tun0 failed; interface ignored
 > Jul 15 09:55:10 hid named[617]: could not listen on UDP socket: permission denied
 > Jul 15 09:55:10 hid named[617]: creating IPv4 interface tun0 failed; interface ignored
 > 
 > i've tried teh hand book, even muddled my way through google, teh only
 > reference that has surfaced is a pointer to the fact the this error
 > message is because named is running in a sandbox ??? d'ont know when
 > that happened but freebsd now runs named from a sandbox ..

By default .. you don't have to, but it's a very good idea these days.

 > this machine is a router/gateway and old 486 with a small scsi hdd that
 > is rapidly filling up from this and others, to my mind silly error
 > messages.
 > 
 > is there some way to fix thins, is it a hard error, can i run named not
 > in a sandbox, i'm also seeing other errors that seem (to my mind) to be
 > related to this, but i am not sure so i'm keeping my mouth shut untill
 > i can work it out and find teh real culprit ..

Jonathan, I don't think not running named in a sandbox would help here. 

As Yuri pointed out, named is scanning all interfaces, default hourly. 
I had a related problem on this laptop, with the same error messages -
after a suspend/resume the (pccard) interface wasn't coming up quickly
enough to beat named's (then overdue) interface scan, so named wouldn't
bind to that interface.  I fixed that by running the following script
from /etc/rc.resume:

#!/bin/sh
# 28/12/6 called by rc.resume; wait for pccard resume to reattach xe0 ..
doit() {
    sleep $1
    # logger -p user.notice stopping named
    /etc/rc.d/named stop
    # + 31/12/6 missed restart once .. try:
    sleep 1
    # logger -p user.notice restarting named
    /etc/rc.d/named start
}
delay=5; [ "$1" ] && delay=$1
doit $delay &
exit 0          # finish rc.resume so pccard resume can get on with it ..
 
Note that /etc/rc.d/named restart didn't work for me, nor rndc restart. 

However there are perhaps better ways to tackle this, depending on which
interface/s you *need* to have named listening on.  If you need named to
listen on the adddress of tun0 (pppoe, I suppose?) then you may need to
do something like the above whenever ppp connects, or reconnects, from a
suitable up-script for ppp.  The disadvantage is clearing named's cache.

If on the other hand you only need named listening on other interface/s
than tun0, use the 'listen on { $address; };' option/s to specify the
address/es to listen on.  The default is '*', the addresses associated
with each interface, as 'sockstat -4 | grep named' will show.  Don't
forget to include a 'listen on { 127.0.0.1; }' if you want localhost.

 > some pointers would be most appreciated .. i've been struggling with
 > this for aover a year now and do not know where else to go ??

You could have come here a year ago :)

cheers, Ian