Bind problems - FIXED

kwebdesign · Unread post by **kwebdesign** » Thu Jun 26, 2008 10:58 am

CentOS 4, Plesk 8.4

Yesterday, I updated caching-nameserver and freetype. Today, all of the sudden, Bind just quit working. I tried to restart it, and got a message about rndc.key being missing or invalid, so I followed some instructions I found to regenerate the key and update named.conf.

Now, named starts fine, and the status shows that it's running with 37 zones loaded. However, whenever I do a lookup against it, I get SERVFAIL. I've verified that all the entries are in named.conf and restarted the service several times - I can't seem to pinpoint what the problem is.

Has anyone else had any trouble with the recent update of caching-nameserver (I'm assuming that was the culprit)? Any advice as to what to look at next?

UPDATE: I fixed it. Somehow, in named.conf, the directory option got set to /var/named instead of /var. Once I updated that and restarted, it worked.

Unread post by **scott** » Thu Jun 26, 2008 11:14 am

Yeah looks like it has replaced the default named.conf, easy enough fix do the following:

cp /var/named/run-root/etc/named.conf.rpmsave /var/named/run-root/etc/named.conf

and restart named

kwebdesign · Unread post by **kwebdesign** » Thu Jun 26, 2008 11:48 am

Oh, sure - if you want to do it the easy way. I prefer to research vague error messages and run down rabbit holes for a couple of hours first...

What threw me off was that I updated it yesterday, and everything was fine. Then suddenly it quit working today. I now realize that it actually did quit working yesterday, but DNS caching prevented me from noticing until the records started expiring today.

Lesson learned.

breun · Unread post by **breun** » Thu Jun 26, 2008 7:00 pm

The caching-nameserver package should not be installed on your Plesk server as it is known to cause problems (just like bind-chroot). See this knowledge base article: http://kb.parallels.com/en/234 (but don't exclude kernel updates like they tell you in that KB article).

kwebdesign · Unread post by **kwebdesign** » Thu Jun 26, 2008 10:50 pm

Thanks, breun - good to know. I had problems years ago with bind-chroot, but I wasn't aware that caching-nameserver could also cause trouble. I have removed it completely.

Kalimari · Unread post by **Kalimari** » Fri Jun 27, 2008 4:36 am

I just checked /etc/sysconfig/rhn/up2date and noticed that kernel* was in pkgSkipList. So removed it and ran up2date --dry-run, this was the result:

Code: Select all

Testing package set / solving RPM inter-dependencies...
########################################

Name                                    Version        Rel
kernel-smp                              2.6.9          67.0.20.EL        i686
kernel-utils                            2.4            13.1.105          i386

I take it that these updates should be added and won't cause any issues with Atomic on RHEL4/Plesk 8.4 running on a single Intel Core2 Duo processor?

Should /etc/yum.conf exclude sendmail bind-chroot caching-nameserver as suggested on the KB? It has entries as follows:

Code: Select all

installonlypkgs=kernel kernel-smp kernel-devel kernel-smp-devel kernel-largesmp kernel-largesmp-devel kernel-hugemem kernel-hugemem-devel

Thanks

breun · Unread post by **breun** » Fri Jun 27, 2008 5:16 am

Kalimari wrote:I just checked /etc/sysconfig/rhn/up2date and noticed that kernel* was in pkgSkipList. So removed it and ran up2date --dry-run, this was the result:
Code: Select all
Testing package set / solving RPM inter-dependencies...
########################################

Name                                    Version        Rel
kernel-smp                              2.6.9          67.0.20.EL        i686
kernel-utils                            2.4            13.1.105          i386
I take it that these updates should be added and won't cause any issues with Atomic on RHEL4/Plesk 8.4 running on a single Intel Core2 Duo processor?

This is the current RHEL kernel, so no, that shouldn't cause any problem with RHEL.

Should /etc/yum.conf exclude sendmail bind-chroot caching-nameserver as suggested on the KB?

As long as you don't install these packages you won't have any problems. You could explicitly exclude them to protect yourself from installing them, but you can also just not install them.

It has entries as follows:

Code: Select all

installonlypkgs=kernel kernel-smp kernel-devel kernel-smp-devel kernel-largesmp kernel-largesmp-devel kernel-hugemem kernel-hugemem-devel

See the man page for yum.conf. The exclude and installonlypkgs directives are not the same (quite the opposite actually). Do you use both up2date and yum?

Kalimari · Unread post by **Kalimari** » Fri Jun 27, 2008 5:27 am

I only use yum which explains why I never spotted the up2date exclusions notice. The RH system uses up2date and runs updates automatically... I'll remove kernel*; from /etc/sysconfig/rhn/up2date... Just wanted to check first

Thanks breun!

breun · Unread post by **breun** » Fri Jun 27, 2008 5:30 am

If you don't mind your OS slowly changing into CentOS (which doesn't come with paid support, but is 100% compatible with RHEL otherwise) you could move everything to yum, which can also install updates automatically if you like, and deal with all updates through one program.

Kalimari · Unread post by **Kalimari** » Fri Jun 27, 2008 7:05 am

I have 12 months of RH subscription with my dedi box, but will discuss not renewing this with host and if possible (gradually) move over to CentOS. Thanks again for your advice breun!