BIND9 and empty responses

Matthew Carpenter matt
Tue Jun 14 20:58:55 PDT 2005 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

David Bandel wrote:

>Folks,
>
>OK, I administer a number of systems, including those of my Internet
>provider. He has 2 BIND 9.3.1 boxes (one is Debian on Sparc, the
>other is RH or some derivative thereof).
>
>He has 98 domains. Today, for some strange reason, two of those
>domains stopped responding. That is, you could dig, but you'd only
>get an empty set returned. Not no reponse, just literally an empty
>answer.
>
>Finally put those two on the slave as masters and all is working.
>
>Things I looked at/for:
>1. problems with named.conf (domains above and below responded fine,
>and all syntax looks good -- nothing in the logs indicating an error).
>2. permissions on files/directories where the zone files were located
>-- no problems there
>3. possible line termination problem (i.e., someone edited them in
>DOS). No, not there either, all had UNIX terminations (i.e., \n).
>
>If anyone has any ideas at all, I'm all ears. dig +trace SOA @host
>domain.com showed all normal, just a blank line where the SOA should
>be. I've gone over the files until I'm blind.
>
>Got me baffled.

Should we assume, since you moved the master to the other box, that
restarting named didn't resolv the issue?
Would you mind making your named.conf and the two zone files available?

If a restart resolved the issue, I would suggest an unknown bug (or
known by bad folks) in the service itself.  Bit the service bug would
be resolved by killing the process and restarting it.

What process did you follow, exactly, in switching the slave to a
master and what was the last access-time for the slave zone files?

Wierd.  I don't suppose you can now reproduce it (ie.  files all
modified from the slave <-> master swap)?  If everything was as you
describe, I'm now intrigued as well.

- --
Matthew Carpenter
matt at eisgr.com                          http://www.eisgr.com/

Enterprise Information Systems
* Network Server Appliances
* Security Consulting, Incident Handling & Forensics
* Network Consulting, Integration & Support
* Web Integration and E-Business
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCr0M3so9lqh4MragRAs9IAKCQTroFkqW9yAUg0o0bRw8/OKkidwCeMNJV
MUhiYVI/rhugs0ojSDyucso=
=guzm
-----END PGP SIGNATURE-----

More information about the Linux-users mailing list