Date: Sat, 2 May 2020 11:29:07 -0600 From: The Doctor <doctor@doctor.nl2k.ab.ca> To: Christoph Moench-Tegeder <cmt@burggraben.net> Cc: freebsd-ports@freebsd.org Subject: Re: Bind 9.16 port error still lingers Message-ID: <20200502172907.GA59662@doctor.nl2k.ab.ca> In-Reply-To: <20200502165318.GB4453@elch.exwg.net> References: <20200502140501.GA16385@doctor.nl2k.ab.ca> <20200502143210.GA4453@elch.exwg.net> <20200502151636.GA22397@doctor.nl2k.ab.ca> <20200502165318.GB4453@elch.exwg.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, May 02, 2020 at 06:53:18PM +0200, Christoph Moench-Tegeder wrote:
> ## The Doctor via freebsd-ports (freebsd-ports@freebsd.org):
>
> > > > Subject: Bind 9.16 port error still lingers
> > >
> > > "Still"?
>
> You seemed to imply that there was a known problem in our bind port.
> While I doubt the existence of a problem with this severity (at least
> my and other people's bind instances are happily serving away), a pointer
> to that previous description could still be quite helpful.
>
> > > > May 1 21:29:02 gallifrey named[90441]: parser.c:950: REQUIRE(obj != ((void *)0) && obj->type->rep == &cfg_rep_uint32) failed, back trace
> > >
> > > Some (configuration) value should be an integer, but isn't.
>
> Have you checked your configuration for that type of problem?
> Even a simple named-checkconf could go a long way here.
>
> > and ls -Fail /var/run/named.pid
> >
> > -rw-r--r-- 1 root wheel 6 May 1 21:38 /var/run/named.pid
>
Even with the changes still the parser error exists.
> And that's still not the default location, and again the pid file was
> created via the workaround code - else that file would have been written
> as user "bind" - which only works at the default location, which is why
> we have that default location.
>
> Your configuration differs from the default configuration in more than
> "local addresses and zones", but you have given neither details nor
> rationale on your changes - all we have is some deductions from error
> messages. That might make for a good detective story, but does not
> really expedite technical analysis.
>
Then let's look at the file:
//Use with the following in named.conf, adjusting the allow list as needed:
key "rndc-key" {
algorithm hmac-md5;
secret "7ZbGK94NdSa2WACxx72W1w==";
};
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};
acl loclnetworks{
127.0.0.1;
::1;
10.8.0.0/24;
204.209.81.0/24;
};
// generated by named-bootconf.pl
options {
directory "/usr/local/etc/namedb";
pid-file "/var/run/named/pid";
dump-file "/usr/local/etc/namedb/named.core";
max-ncache-ttl 86400;
recursive-clients 100;
//recursive no;
reserved-sockets 32;
tcp-clients 40;
tcp-listen-queue 14;
zone-statistics yes;
//forwarders { 208.67.222.222; 208.67.220.220; };
blackhole {
65.94.172.87;
67.68.204.41;
74.15.184.13;
65.94.173.208;
};
allow-transfer {
204.209.81.1;
204.209.81.14;
};
allow-notify {
204.209.81.1;
204.209.81.14;
};
also-notify {
204.209.81.1 port 53;
204.209.81.14 port 53;
};
query-source address 204.209.81.3 port 53;
version "no";
listen-on {204.209.81.3; 127.0.0.1; };
disable-algorithms . {
DSA;
};
};
// directory where cache files are stored
// type domain source (ip/file) backup file
// --------- ------------------------ -------------------- ----------
zone "." {
type hint;
file "root.cache";
};
And the rest zone files.
> Regards,
> Christoph
>
> --
> Spare Space
> _______________________________________________
> freebsd-ports@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-ports
> To unsubscribe, send any mail to "freebsd-ports-unsubscribe@freebsd.org"
--
Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising!
https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism
One kind word can warm three winter months. -Japanese proverb
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20200502172907.GA59662>