Hi Michael,
Did the interface address change? The IP address is listed in nsd.conf.
Perhaps the interface is down or unusable during early system startup,
the options ip-freebind and ip-transparent allow you to bind to the
address even though it does not (yet) exist. Perhaps one of these
options can solve your problem?
Best regards, Wouter
On 13/02/17 14:35, Michael A. Peters wrote:> First from /var/log/messages -
>
> Feb 13 13:22:29 li354-217 systemd: Cannot add dependency job for unit
> microcode.service, ignoring: Unit is not loaded properly: Invalid argument.
> Feb 13 13:22:29 li354-217 systemd: Started NSD DNS Server.
> Feb 13 13:22:29 li354-217 systemd: Starting NSD DNS Server...
> Feb 13 13:22:29 li354-217 nsd[30882]: nsd starting (NSD 4.1.14)
> Feb 13 13:22:29 li354-217 nsd: [2017-02-13 13:22:29.498] nsd[30882]:
> notice: nsd starting (NSD 4.1.14)
> Feb 13 13:22:29 li354-217 nsd[30882]: can't bind udp socket: Cannot
> assign requested address
> Feb 13 13:22:29 li354-217 nsd: [2017-02-13 13:22:29.500] nsd[30882]:
> error: can't bind udp socket: Cannot assign requested address
> Feb 13 13:22:29 li354-217 nsd[30882]: server initialization failed, nsd
> could not be started
> Feb 13 13:22:29 li354-217 nsd: [2017-02-13 13:22:29.518] nsd[30882]:
> error: server initialization failed, nsd could not be started
> Feb 13 13:22:29 li354-217 systemd: nsd.service: main process exited,
> code=exited, status=1/FAILURE
> Feb 13 13:22:29 li354-217 systemd: Unit nsd.service entered failed state.
> Feb 13 13:22:29 li354-217 systemd: nsd.service failed.
>
> I assume the microcode.service is an unrelated CentOS 7 bug, based on
> google searches, seems to be harmless noise caused by a bad regex and
> doesn't cause services to fail. The rest though is NSD not starting.
>
> NSD 4.1.14
>
> The host is a Linode VM that was running just fine for a long time. All
> the host does is NSD. Another just like it still running fine.
>
> This host that is not starting, a few days ago Linode migrated the VM to
> a different machine and I suspect that is the cause.
>
> It's not firewall, I turned it off and tried just to make sure.
>
> It's not anything else using port 53 - no bind or unbound, and an nmap
> of the host shoes port 53 closed, not listening or blocked.
>
> I suspect something to do with how the image was migrated resulted in
> port 53 no longer working. My ssh still works (only other service
> listening) but I use a custom high port above 1024 for that.
>
> linode uses KVM - I really only have experiences as a client running an
> image, not in the KVM side of things itself.
>
> Anyone know what might be possibly NSD on an image that ran well for
> over a year to suddenly no longer be able to bind to port 53? The two
> suggestions I got from linode support staff I had already checked and
> weren't the issue (first suggested I had started bind, second suggested
> my firewall was the issue, I verified both were not the cause BEFORE I
> filed a ticket) so I think they are clueless.
>
> Same setup on another host that wasn't migrated is still working
peachy.
>
> This is my third nameserver, so with this not running I only have two
> and I do not like to only have two.
>
> It's a slave, not a master.
>
> Thank you for any suggestions.
> _______________________________________________
> nsd-users mailing list
> nsd-users at NLnetLabs.nl
> https://open.nlnetlabs.nl/mailman/listinfo/nsd-users
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL:
<http://lists.nlnetlabs.nl/pipermail/nsd-users/attachments/20170213/8b6079d5/attachment.bin>