Hi folks,

Ubuntu 7.04 server amd64 (Host OS)
bind9
VMWare

$ sudo /etc/init.d/bind9 start
Code:
Password:
* Starting domain name service... bind [ OK ]

It worked w/o complaint.

$ cat /var/log/messages | grep bind9
No printout

$ cat /var/log/messages | grep bind
Code:
.......
Oct 22 10:19:40 ubuntu kernel: [ 21.840979] TCP bind hash table entries: 65536 (order: 8, 1048576 bytes)
Oct 22 10:19:40 ubuntu kernel: [ 21.841382] TCP: Hash tables configured (established 262144 bind 65536)
Oct 22 10:24:00 ubuntu kernel: [ 21.818484] TCP bind hash table entries: 65536 (order: 8, 1048576 bytes)
Oct 22 10:24:00 ubuntu kernel: [ 21.818888] TCP: Hash tables configured (established 262144 bind 65536)
Oct 22 10:34:43 ubuntu kernel: [ 22.883807] TCP bind hash table entries: 65536 (order: 8, 1048576 bytes)
Oct 22 10:34:43 ubuntu kernel: [ 22.884211] TCP: Hash tables configured (established 262144 bind 65536)
Oct 22 10:40:12 ubuntu kernel: [ 22.532074] TCP bind hash table entries: 65536 (order: 8, 1048576 bytes)
Oct 22 10:40:12 ubuntu kernel: [ 22.532478] TCP: Hash tables configured (established 262144 bind 65536)
Oct 22 11:01:01 ubuntu kernel: [ 21.910182] TCP bind hash table entries: 65536 (order: 8, 1048576 bytes)
Oct 22 11:01:01 ubuntu kernel: [ 21.910586] TCP: Hash tables configured (established 262144 bind 65536)
Oct 22 22:19:52 ubuntu kernel: [ 22.414739] TCP bind hash table entries: 65536 (order: 8, 1048576 bytes)
Oct 22 22:19:52 ubuntu kernel: [ 22.415143] TCP: Hash tables configured (established 262144 bind 65536)
Oct 23 07:32:56 ubuntu kernel: [ 22.380609] TCP bind hash table entries: 65536 (order: 8, 1048576 bytes)
Oct 23 07:32:56 ubuntu kernel: [ 22.381012] TCP: Hash tables configured (established 262144 bind 65536)
Oct 23 01:54:33 ubuntu kernel: [ 22.180044] TCP bind hash table entries: 65536 (order: 8, 1048576 bytes)
Oct 23 01:54:33 ubuntu kernel: [ 22.180449] TCP: Hash tables configured (established 262144 bind 65536)
Oct 23 01:58:08 ubuntu kernel: [ 21.958472] TCP bind hash table entries: 65536 (order: 8, 1048576 bytes)
Oct 23 01:58:08 ubuntu kernel: [ 21.958876] TCP: Hash tables configured (established 262144 bind 65536)
Oct 23 02:05:48 ubuntu kernel: [ 22.827121] TCP bind hash table entries: 65536 (order: 8, 1048576 bytes)
Oct 23 02:05:48 ubuntu kernel: [ 22.827524] TCP: Hash tables configured (established 262144 bind 65536)
Oct 23 03:55:15 ubuntu kernel: [ 22.587018] TCP bind hash table entries: 65536 (order: 8, 1048576 bytes)
Oct 23 03:55:15 ubuntu kernel: [ 22.587421] TCP: Hash tables configured (established 262144 bind 65536)

But on running;

$ sudo /etc/init.d/bind9 restart
Code:
* Stopping domain name service... bind

It hung here. On pressing [Ctrl]+c
Code:
rndc: connect failed: 127.0.0.1#953: operation canceled

I found something on;

$ cat /var/log/syslog | grep bind
Code:
.....
Oct 23 03:55:21 ubuntu named[4500]: starting BIND 9.3.4 -u bind -t /var/lib/named
Oct 23 03:55:21 ubuntu named[4500]: loading configuration from '/etc/bind/named.conf'
Oct 23 04:05:32 ubuntu named[5083]: starting BIND 9.3.4 -u bind -t /var/lib/named
Oct 23 04:05:32 ubuntu named[5083]: loading configuration from '/etc/bind/named.conf'
Oct 23 04:05:32 ubuntu named[5083]: binding TCP socket: address in use
Oct 23 04:05:32 ubuntu named[5083]: binding TCP socket: address in use
Oct 23 04:05:32 ubuntu named[5083]: binding TCP socket: address in use

$ sudo /etc/init.d/bind9 stop
Code:
* Stopping domain name service... bind

the same, also hanging. [Ctrl]+c
Code:
rndc: connect failed: 127.0.0.1#953: operation canceled

Where shall I check and how to correct the "restart" problem. TIA

Edit:
It is the firewall causing the problem.

$ sudo iptables -F
Password:

$ sudo /etc/init.d/bind9 stop
Code:
* Stopping domain name service... bind [ OK ]

$ cat /etc/rc.local | grep 953
No printout

$ cat /etc/rc.local | grep 127.0.0.1
Code:
iptables -I OUTPUT 3 -j REJECT -s 127.0.0.1 --reject-with icmp-port-unreachable

satimis

Try to configure bind to write logs to another log file, and then try to reload bind with this:

kill -HUP `cat /var/run/named.pid`

Also check the file perms. Try something like this for the log file:

logging {
    channel my_log {
        file "/var/log/bind/named.log";
        severity dynamic;
        print-time yes;
        print-severity yes;
        print-category yes;
    };
    category default {
        my_log;
    };
};

Thanks for your advice.

Problem already solved after rebooting PC and stopping firewall. Performed following test;

$ ps aux | grep bind
Code:
bind 4532 0.0 0.1 62500 3548 ? Ssl 16:58 0:00 /usr/sbin/named -u bind -t /var/lib/named
satimis 5684 0.0 0.0 5024 832 pts/0 S+ 18:17 0:00 grep bind

$ ps aux | grep bind9
Code:
satimis 5686 0.0 0.0 5020 828 pts/0 S+ 18:18 0:00 grep bind9

bind was running.

$ sudo /etc/init.d/bind9 restart
Code:
* Stopping domain name service... bind
rndc: connect failed: 127.0.0.1#953: operation canceled

It was hanging there until I cancelled the operation manually.

$ cat /var/log/syslog | grep bind9
No printout

$ tail /var/log/syslog
Code:
Oct 26 16:58:52 ubuntu kernel: [ 65.194323] vmnet1: no IPv6 routers present
Oct 26 17:09:02 ubuntu /USR/SBIN/CRON[5352]: (root) CMD ( [ -d /var/lib/php5 ] && find /var/lib/php5/ -type f -cmin +$(/usr/lib/php5/maxlifetime) -print0 | xargs -r -0 rm)
Oct 26 17:17:01 ubuntu /USR/SBIN/CRON[5381]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Oct 26 17:38:27 ubuntu -- MARK --
Oct 26 17:39:01 ubuntu /USR/SBIN/CRON[5453]: (root) CMD ( [ -d /var/lib/php5 ] && find /var/lib/php5/ -type f -cmin +$(/usr/lib/php5/maxlifetime) -print0 | xargs -r -0 rm)
Oct 26 17:58:27 ubuntu -- MARK --
Oct 26 17:58:33 ubuntu named[4532]: listening on IPv4 interface vmnet8, 192.168.213.1#53
Oct 26 17:58:33 ubuntu named[4532]: listening on IPv4 interface vmnet1, 172.16.77.1#53
Oct 26 18:09:01 ubuntu /USR/SBIN/CRON[5636]: (root) CMD ( [ -d /var/lib/php5 ] && find /var/lib/php5/ -type f -cmin +$(/usr/lib/php5/maxlifetime) -print0 | xargs -r -0 rm)
Oct 26 18:17:01 ubuntu /USR/SBIN/CRON[5676]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)

Seems nothing in connection with my operation.

$ cat /var/log/syslog | grep bind | tail -
Code:
Oct 26 07:53:27 ubuntu named[4540]: starting BIND 9.3.4 -u bind -t /var/lib/named
Oct 26 07:53:27 ubuntu named[4540]: loading configuration from '/etc/bind/named.conf'
Oct 26 08:47:07 ubuntu kernel: [ 22.412987] TCP bind hash table entries: 65536 (order: 8, 1048576 bytes)
Oct 26 08:47:07 ubuntu kernel: [ 22.413391] TCP: Hash tables configured (established 262144 bind 65536)
Oct 26 08:47:24 ubuntu named[4590]: starting BIND 9.3.4 -u bind -t /var/lib/named
Oct 26 08:47:24 ubuntu named[4590]: loading configuration from '/etc/bind/named.conf'
Oct 26 16:58:26 ubuntu kernel: [ 22.662420] TCP bind hash table entries: 65536 (order: 8, 1048576 bytes)
Oct 26 16:58:26 ubuntu kernel: [ 22.662824] TCP: Hash tables configured (established 262144 bind 65536)
Oct 26 16:58:33 ubuntu named[4532]: starting BIND 9.3.4 -u bind -t /var/lib/named
Oct 26 16:58:33 ubuntu named[4532]: loading configuration from '/etc/bind/named.conf'

Nothing showing the cause of the problem of hanging.

$ sudo iptables -F
No complaint

$ sudo /etc/init.d/bind9 restart
Code:
* Stopping domain name service... bind [ OK ]
* Starting domain name service... bind [ OK ]

It worked without problem.

I was following these docs building this virtual machine with Ubuntu 7.04 as Host OS;

Server Virtualization Tips
http://searchservervirtualization.techtarget.com/tip/0,289483,sid94_gci1241828,00.html
http://searchservervirtualization.techtarget.com/tip/0,289483,sid94_gci1242833,00.html

The author put restrictive firewall rules. It must have reasons.

Code:
- --- BEGIN COPY ---
#
# INPUT
#

# allow all incoming traffic from the management interface NIC
# as long as it is a part of an established connection
iptables -I INPUT 1 -j ACCEPT -d MGMT_NIC_IP -m state --state RELATED,ESTABLISHED

# allow all ssh traffic to the management interface NIC
iptables -I INPUT 2 -j ACCEPT -p TCP -d MGMT_NIC_IP --destination-port 22

# allow all VMware MUI HTTP traffic to the management interface NIC
iptables -I INPUT 3 -j ACCEPT -p TCP -d MGMT_NIC_IP --destination-port 8222

# allow all VMware MUI HTTPS traffic to the management interface NIC
iptables -I INPUT 4 -j ACCEPT -p TCP -d MGMT_NIC_IP --destination-port 8333

# allow all VMware Authorization Daemon traffic to the management interface NIC
iptables -I INPUT 5 -j ACCEPT -p TCP -d MGMT_NIC_IP --destination-port 902

# reject all other traffic to the management interface NIC
iptables -I INPUT 6 -j REJECT -d MGMT_NIC_IP --reject-with icmp-port-unreachable

#
# OUTPUT
#

# allow all outgoing traffic from the management interface NIC
# if it is a part of an established connection
iptables -I OUTPUT 1 -j ACCEPT -s MGMT_NIC_IP -m state --state RELATED,ESTABLISHED

# allow all DNS queries from the management interface NIC
iptables -I OUTPUT 2 -j ACCEPT -s MGMT_NIC_IP -p UDP --destination-port 53

# reject all other traffic from localhost
iptables -I OUTPUT 3 -j REJECT -s 127.0.0.1 --reject-with icmp-port-unreachable

# reject all other traffic from the management interface NIC
iptables -I OUTPUT 4 -j REJECT -s MGMT_NIC_IP --reject-with icmp-port-unreachable
- --- END COPY ---

MGMT_NIC_IP = IP Address of the server

(/etc/rc.local of Ubuntu 7.04)

I have been trying to understand the rules without a clear picture. Any advice? OR can any folk on the forum shed me some light? TIA

Where shall I put your script ??? Thanks.

B.R.
satimis

$ cat /etc/init.d/bind9
Code:
....
    restart)
        $0 stop
        sleep 2
        $0 start
    ;;

    *)
        log_action_msg "Usage: /etc/init.d/bind9 {start|stop|reload|restart|force-reload}"
        exit 1
    ;;
esac

satimis

$ sudo cp -p /etc/init.d/bind9 /etc/init.d/bind9.origin
$ sudo nano /etc/init.d/bind9

Change "sleep 2" to "sleep 5"

$ cat /etc/init.d/bind9 | grep sleep
Code:
sleep 5

$ sudo /etc/init.d/bind9 reload
Code:
* Reloading domain name service... bind
rndc: connect failed: 127.0.0.1#953: operation canceled

still hanging there.

$ sudo iptables -F
$ sudo /etc/init.d/bind9 reload
Code:
* Reloading domain name service... bind [ OK ]

satimis
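
An added example, not part of the thread and not code from the referenced tips: a simplified first-match walk of the OUTPUT chain quoted above, showing which rule stops a new `rndc` connection from 127.0.0.1 to TCP port 953, and how two loopback ACCEPT rules placed ahead of the REJECT let it through without `iptables -F`. The evaluator models only the options used in those rules; the MGMT_NIC_IP value, the two added rules and the function names are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example. Model (assumption): only -s, -p, --destination-port, --state
# and -j are evaluated; the first matching rule decides, as in iptables.
MGMT_NIC_IP=192.0.2.10   # constructed sample address

# OUTPUT chain from the thread's /etc/rc.local, in final chain order.
page_chain() {
cat <<EOF
-j ACCEPT -s $MGMT_NIC_IP -m state --state RELATED,ESTABLISHED
-j ACCEPT -s $MGMT_NIC_IP -p UDP --destination-port 53
-j REJECT -s 127.0.0.1 --reject-with icmp-port-unreachable
-j REJECT -s $MGMT_NIC_IP --reject-with icmp-port-unreachable
EOF
}

# Same chain with loopback replies and the rndc control port allowed ahead of
# the localhost REJECT (hypothetical rules, written with the thread's options).
fixed_chain() {
    page_chain | awk 'NR == 3 {
        print "-j ACCEPT -s 127.0.0.1 -m state --state RELATED,ESTABLISHED"
        print "-j ACCEPT -s 127.0.0.1 -p TCP --destination-port 953"
    } { print }'
}

# verdict SRC PROTO DPORT STATE (chain on stdin): prints "TARGET rule N".
verdict() {
    awk -v src="$1" -v proto="$2" -v dport="$3" -v state="$4" '
    {
        target = ""; s = ""; p = ""; d = ""; st = ""
        for (i = 1; i <= NF; i++) {
            if ($i == "-j") target = $(i + 1)
            else if ($i == "-s") s = $(i + 1)
            else if ($i == "-p") p = tolower($(i + 1))
            else if ($i == "--destination-port") d = $(i + 1)
            else if ($i == "--state") st = $(i + 1)
        }
        if (s != "" && s != src) next
        if (p != "" && p != tolower(proto)) next
        if (d != "" && d != dport) next
        if (st != "" && index("," st ",", "," state ",") == 0) next
        print target " rule " NR; found = 1; exit
    }
    END { if (!found) print "POLICY" }'
}

rndc_before() { page_chain  | verdict 127.0.0.1 tcp 953 NEW; }
rndc_after()  { fixed_chain | verdict 127.0.0.1 tcp 953 NEW; }
reply_after() { fixed_chain | verdict 127.0.0.1 tcp 40000 ESTABLISHED; }
other_lo()    { fixed_chain | verdict 127.0.0.1 tcp 25 NEW; }
echo "page: $(rndc_before); fixed: $(rndc_after), $(reply_after), $(other_lo)"
```

The reply check matters because named's answers on the control channel also leave with source 127.0.0.1, so allowing only destination port 953 would still leave them on the REJECT rule.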