-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Paul,
Do you still have the ixfr.db and required files to reproduce this? If
so, is it possible to mail them, so we can investigate it further. If
not, can you save the files the next time this happens?
Thanks,
Matthijs
On 01/28/2012 03:14 AM, Paul Wouters wrote:>
> Hi,
>
> I had a failed nsd server that was not running. The logs showed
> after I issued a "service nsd restart"
>
> Jan 27 18:04:18 ns1 nsd[29792]: ...stale pid file from process
> 29516 Jan 27 18:04:18 ns1 nsd[29793]: fallback to UDP4, no IPv6:
> not supported Jan 27 18:04:18 ns1 nsd[29793]: fallback to TCP4, no
> IPv6: not supported Jan 27 18:04:18 ns1 nsd[29793]: xfr: zone
> XXXXXX.org. not in config. Jan 27 18:04:18 ns1 nsd[29793]: no zone
> exists Jan 27 18:04:18 ns1 nsd[29793]: bad ixfr packet part 0 in
> /var/lib/nsd/ixfr.db Jan 27 18:04:18 ns1 nsd[29793]: marked xfr as
> failed: xfrd: zone XXXXXX.org received update to serial 2011121916
> at time 1324285447 from 193.110.157.135 in 1 parts Jan 27 18:04:18
> ns1 nsd[29793]: marked xfr so that next reload can succeed
>
> Running nsdc rebuild did not help. I had to rm
> /var/lib/nsd/ixfr.db before nsd would run again.
>
> Note that the server involved (193.110.157.135) had ceased to be,
> so any XFR was impossible.
>
> Looking back further in the logs, I think this is what happened.
>
> IXFR/AXFR's were failing due to the primary no longer allowing or
> running. Some state of these failures for those domains were stored
> in the ixfr.db. The operator (me) logged in, and edited the nsd
> config to remove those dead zones. Furthermore, the operator (me)
> ran "service nsd restart" without further looking, and logged
out.
> nsd failed to start due to various:
>
> Jan 15 18:06:50 ns1 nsd[14746]: marked xfr as failed: xfrd: zone
> xxxxxxxxx.org received update to serial 2011121916 at time
> 1324285408 from 193.110.157.135 in 2 parts
>
> Paul _______________________________________________ nsd-users
> mailing list nsd-users at NLnetLabs.nl
> http://open.nlnetlabs.nl/mailman/listinfo/nsd-users
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQEcBAEBAgAGBQJPOQf1AAoJEA8yVCPsQCW5FR0IALJbgeJpijbVLCgqp3H0KUvS
ibnWwKR8JSAjxD/REodT0aIXlNv903E/pdCPqxzUEUlhkvX6kI2OKiB92TsAW9kN
/aB/Noqa4D+ywmcV+S//EODZ5E51wWFzqfRvmGbksIRdeUuMT6V0Gpxs//SHCxKk
R68hNhyDW2NQ7yIyfxcyXshC4I7S3AMv6oKzQh0vnQiAYXnLUCniwDiMkGk6w43u
F6OLOkHdL2UII9Qtl3Yx+HtS7vDTfVt84aOCG8qNTmsCpAqAnZvcjh9t2uZjI4wS
pQE7sRUyGISQuQiM2nl4rzm5Xg4cmiIUye2m7Kcvs20FoLvFP787n54f/3eg0is=Tn1R
-----END PGP SIGNATURE-----