-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, The new beta for NSD4 is available, NSD4.0.0b2: http://nlnetlabs.nl/downloads/nsd/nsd-4.0.0b2.tar.gz sha1 e093d1519bf2e3f3c458ccf41aec45dce6a84a84 sha256 966bd0a7cdc29654df6579904d6833abfcd913428d68801f49853db7867e86a5 This software is in beta. NSD4 includes a ratelimiting implementation (with --enable-ratelimit) which is the same as in NSD3. This is an update from beta1, which pulls it with bugfixes closer to NSD3, and also fixes NSD4 specific issues. It implements that repattern picks up zone changes (added and removed, and also the options) from nsd.conf. Changes: - - Fix for use with libev. - - 'nsd-control start' runs an absolute path to start sbin/nsd. - - Fix for use with libevent-2.1.2. - - --with-logfile sets the logfile inside the example documentation. - - Fixed addzone and delzone inside chroot (thanks Will Pressly). - - repattern also rereads the zones in the config file and applies that to the running server. - - Fix make outside of source directory. - - Merge changes from 3.2.15 (such as xname-rcode fix). Please report user experiences, bugs and omitted features. Best regards, Wouter -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iQIcBAEBAgAGBQJQ7or0AAoJEJ9vHC1+BF+Nf1YP/1ujHk8fHP3nWYJHqoNhRbIt M1ECtTOItyc9rdRJ4U73jra8jKyYg6Gfg4YEmsgsM+G1JmXN+VuZ9IrAHqGz+7XG PbHnwnDv+1wSXFX+DUPy7dZ1wsnQvqktc9F6ki6MMKidEGXTzZB3S8IFfrq7tVLL Zr9GY7BNhRm4utNxwPgTTeMcmY28kgrozCeqfksMv1sAhXz3q1XGTbZy+JU0V/7N pnRSXLaYRYWeWeUfC+qJizxfpOVHN2T+SWY2o8jFTzdMm1rEeo1Kuesl/q3nNTFW ZlxinI63Lzm+rJmIuyiK0O4S64iFR6ayQfyIYDOmRxz+htQuMcPNGVNMfsxDa54S gjLa1D1IDvcAv7GvAAt+PzoTLc26DKa8dM+AWjKffM7PubZE6ZfxnCu/6TC22V3h 4bvC/ngzsbunAy0PBKMK04lKGZN/szu1P/JHGpVdV5naNbEF24vSrpWO4aYzzA4U PWiguI4Vdmi7wQ6Kvki7/ZNQexSdWpr0Iaf/T6arMOYjL7sM+pgU5AlpiSE3lxPW 2d05PEXBP/VaSBIFuV3kKqdMIdCwno2bmBvV8AfT+YvQ/rwcF6j4UBqwwjFUozK1 CYcWbpG48wnpHG2XaZGTl7u/IuTmRBCtpnZLxveLpGQN//wmUNKT4LvV2q106/ai TM1CQnk1yyQsEt5JVu/3 =XKPm -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 10-01-13 10:33, W.C.A. Wijngaards wrote:> Hi, > > The new beta for NSD4 is available, NSD4.0.0b2: > > Please report user experiences, bugs and omitted features. >1) No mention of libevent/libev support in README. 2) I'm running into the issue described in http://open.nlnetlabs.nl/pipermail/nsd-users/2011-March/001219.html This is on Gentoo linux, using gcc 4.5.2 (hardened). Using -fno-inline also fixes it, switching to gcc 4.6.3 too. The thread isn't completed with a resolution, and I can't seem to find a related bug in bugzilla either. 3) Nitpick: nsd.conf.sample has a mix of tabs and spaces in indentation, which ruins formatting when you set tabsize to anything else than 4 spaces. Got really really confused reading pattern: and key: sections with tabsize=2 :) Kind regards, Tom -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBCAAGBQJQ9yl3AAoJEJPfMZ19VO/15y4QAKKuLWq3lMAyVhl7/Xvf0eP2 PTqar0oRn5IxFnMLTmC/Ih8NBTUEMzrv47XpyJ24+5Ia9JWmSeYcWalKPfmYdBE2 kJgTFH3lQ6qaXcwGpsx13M9O/K6jGaDVtJKdtBE0PZBbnvYa7m8LDDNZjMNTjfW1 GqKQ/HidfTXmCoel7TfTWo65uwXSDluqosjM69IAwV4yLvI1T65fJ5dRiMYRQZHl ZZx7NQqf+zWcnl0YQNQpDexyUY9gcGXSnY72saeO4oPiSDfaJiyt19t/3dL2c5YC G1eXdLfFucpOgfdRHEzAZ1TfYfyWDibl2h74iv9sJAeSFphCl+VTom3agW9MJCVa PS31NjToxVcZySepKGuzfRWzj3zsb5EzQJGTjZ9PbEJX2ofa+dPwhjeFX35SLUYa ie3fDE8YMb65LUC+r0y7ycSfJswPvtcmxZEr5h0nfCDAPQ8vJUZLQVf4jQo/nwHi YEC4OjFJDE197jepyfEgzZ/tozkhHBBpLMZ0T4qaEh2ItLgpmE7wEi5qYbOeVWL3 lDNIcaskLqU5Z7xwDvVt70uRmbBzwXXKegquAM4cBuhSwW+JMw1rqPMJN7JNM5Y/ /5qggNbIkyDrbrTHpCg0WGLAhhpXx9jgsW7oin/AQn3oJZt4Zd36MA+kjklWU5zf VJHWXzVVEB3SiYEgx4rC =Iz1U -----END PGP SIGNATURE-----
Am 10.01.2013 10:33 schrieb W.C.A. Wijngaards:> The new beta for NSD4 is available, NSD4.0.0b2:first of all: I updated some nameservers to nsd4b2 and they still run fine. So thanks for such good software... 1. is there a separate mailinglist for developement? 2. when comiling 4.0.0b2 I gave no special --with-xfrdir so it defaults to /tmp $CHROOT/tmp did not exist and I got this: Jan 19 14:29:10 nsd[24553]: error: /tmp/nsd.24553.task.0: No such file or directory Jan 19 14:29:10 nsd[24553]: error: /tmp/nsd.24553.task.1: No such file or directory Segmentation fault short fix: install -d $CHROOT/tmp note the segfault, that should be alarm us. 3. my nsd.db was not writeable for the nsd user: "server preparation failed, nsd could not be started" that also leaves two taksfiles in $CHROOT/tmp which should be deleted before nsd is exiting. 4. I played arround with the rrl feature and set "rrl-ratelimit: 2" now I fire some "dig @$(NSD) example.org. ANY" I found "info: ratelimit block example.org any target $mynetwork/64" and "ratelimit unblock" but then the server starts logging this : nsd[19065]: warning: server 27369 died unexpectedly with status 6, restarting nsd: ./buffer.h:252: buffer_write_at: Assertion `buffer_available_at(buffer, at, count)' failed. nsd[19065] is the parent, nsd[27369] looks like the child that died. btw. I never noticed that a query was not anwered!? 5. I run nsd from a superviser and use option -d to start nsd. Now I see three processes: # ps afx | grep nsd | grep -v grep 7434 ? S 0:00 | \_ supervise nsd 18899 ? S 0:00 | | \_ /usr/sbin/nsd -d 19065 ? S 0:01 | | \_ /usr/sbin/nsd -d 31565 ? S 0:00 | | \_ /usr/sbin/nsd -d is there a better solution to run nsd supervised? Thanks Andreas -- Andreas Schulze Internetdienste | P252 DATEV eG 90329 N?rnberg | Telefon +49 911 319-0 | Telefax +49 911 319-3196 E-Mail info @datev.de | Internet www.datev.de Sitz: 90429 N?rnberg, Paumgartnerstr. 6-14 | Registergericht N?rnberg, GenReg Nr.70 Vorstand Prof. Dieter Kempf (Vorsitzender) Dipl.-Kfm. Wolfgang Stegmann (stellvertretender Vorsitzender) Dipl.-Kfm. Michael Leistenschneider Dipl.-Kfm. Dr. Robert Mayr J?rg Rabe v. Pappenheim Dipl.-Vw. Eckhard Schwarzer Vorsitzender des Aufsichtsrates: Reinhard Verholen
Am 10.01.2013 10:33 schrieb W.C.A. Wijngaards:> The new beta for NSD4 is available, NSD4.0.0b2:I see some errors I do not unserstand. master & slave: 4.0b2, verbosity 2 master.conf: ------------------------------------------------- zone: name: "example.org." zonefile: "/etc/nsd/zones/example.org" notify: $slave_ipv6 NOKEY provide-xfr: $slave_ipv6/128 NOKEY slave.conf: ------------------------------------------------- zone: name: "example.org." zonefile: "/etc/nsd/zones/example.org" allow-notify: $master_ipv6/128 NOKEY request-xfr: $master_ipv6 NOKEY starting the "empty" slave: nsd[27825]: info: zonefile /etc/nsd/zones/example.org does not exist nsd[27825]: notice: nsd started (NSD 4.0.0b2), pid 27792 nsd[27792]: info: xfrd: zone example.org. written received XFR from $master_ipv6 with serial 1358734044 to disk nsd[27792]: info: xfrd: zone example.org. written received XFR from $master_ipv6 with serial 1358734044 to disk nsd[27792]: info: xfrd: zone example.org. written received XFR from $master_ipv6 with serial 1358734044 to disk nsd[27792]: info: xfrd: zone example.org. committed "received update to serial 1358734044 at 2013-01-21T12:25:36 from $master_ipv6" nsd[27827]: info: rehash of zone example.org. with parameters 1 0 1 - nsd[27827]: info: zone example.org. received update to serial 1358734044 at 2013-01-21T12:25:36 from $master_ipv6 of 32745 bytes in 4295.4 seconds nsd[27792]: info: Zone example.org. serial 0 is updated to 1358734044. -> why "in 4295.4 seconds" master log nothing. while the masterzone has not changed the serialnumber I run "nsd-control transfer". Output: "ok, 1 zones" Returncode: 0 Slave start logging: nsd[27792]: info: new control connection from ::1 nsd[27792]: info: control cmd: transfer nsd[27792]: info: Handle incoming notify for zone example.org. nsd[27792]: error: xfrd: zone example.org. received error code NOT IMPL from $master_ipv6 nsd[27792]: info: xfrd: zone example.org. bad transfer 0 from $master_ipv6 nsd[27792]: info: xfrd: zone example.org. bad transfer 0 from $master_ipv6 nsd[27792]: info: xfrd: zone example.org. bad transfer 0 from $master_ipv6 same time @master: nsd[7414]: error: failed reading from tcp: Connection reset by peer nsd[7414]: error: failed reading from tcp: Connection reset by peer -> would be helpfull to log the client ip here. If I run "nsd-control force_transfer" I get the same logs as if I started with an empty slave. Is this normal? Andreas -- Andreas Schulze Internetdienste | P252 DATEV eG 90329 N?rnberg | Telefon +49 911 319-0 | Telefax +49 911 319-3196 E-Mail info @datev.de | Internet www.datev.de Sitz: 90429 N?rnberg, Paumgartnerstr. 6-14 | Registergericht N?rnberg, GenReg Nr.70 Vorstand Prof. Dieter Kempf (Vorsitzender) Dipl.-Kfm. Wolfgang Stegmann (stellvertretender Vorsitzender) Dipl.-Kfm. Michael Leistenschneider Dipl.-Kfm. Dr. Robert Mayr J?rg Rabe v. Pappenheim Dipl.-Vw. Eckhard Schwarzer Vorsitzender des Aufsichtsrates: Reinhard Verholen