BIND not updating the root servers
Daniel J. Luke
dluke at geeklair.net
Mon Aug 18 13:49:27 PDT 2014
I've updated the db.cache file that comes with the port - but FYI the only differences in the file are two new AAAA records (IPv6 addresses) for B.ROOT-SERVERS.NET and C.ROOT-SERVERS.NET
Note that while it's good practice to have an updated root server hints file, even an extremely old one would still work, from http://www.zytrax.com/books/dns/ch7/:
"Numerous commentators advise that this file be updated periodically. This is not essential - root server IP addresses change rarely. The first thing that BIND does when loaded with a hint zone' is to update the root-server list from one of the locations in the root.server file. It will log any discrepancies from the supplied file but carry on using its retrieved list. Other than extra log messages there seems little advantage in updating the root.server file unless BIND load time is vital."
On Aug 18, 2014, at 4:39 PM, Daniel J. Luke <dluke at geeklair.net> wrote:
>
> On Aug 16, 2014, at 3:46 PM, Bill Christensen <billc_lists at greenbuilder.com> wrote:
>>
>> Replying to myself....
>>
>> On further inspection (examining the results of what files BIND installs using port contents bind9) I'm seeing a Jan 3, 2013 version of the root servers in /opt/local/var/named/db.cache.dist. And the June 2, 2014 version is at /opt/local/var/named/db.cache . I have no idea if it's really in use though,
>
> your named.conf determines which root hint file is used (bind9 also has built-in hints in case you misconfigure your server and don't have one specified).
>
> If you follow the bind9 notes, you'll get a conf that uses the db.cache that comes with the port (which is a Jan 3, 2013 version - I'll get that updated shortly).
>
>> and WebMin at least thinks it's not.
>>
>> Any pointers appreciated.
>
> see also below
>
>> On 8/15/14 10:01 PM, Bill Christensen wrote:
>>> Hi all,
>>>
>>> I recently noticed that the MacPorts version of BIND (I'm running the
>>> latest - BIND 9.10.0-P2) is apparently not updating the root servers.
>>>
>>> Looking at the logs to correct another problem, I'm seeing:
>>>
>>> 14-Aug-2014 13:14:08.142 info: host unreachable resolving
>>> 'd.gtld-servers.net/AAAA/IN': 2001:503:ba3e::2:30#53
>>> 14-Aug-2014 13:14:08.215 info: host unreachable resolving
>>> 'b.gtld-servers.net/A/IN': 2001:503:231d::2:30#53
>>> 14-Aug-2014 13:14:08.220 info: host unreachable resolving
>>> 'c.gtld-servers.net/A/IN': 2001:503:231d::2:30#53
>>> 14-Aug-2014 13:14:08.522 info: host unreachable resolving
>>> 'd.gtld-servers.net/AAAA/IN': 2001:503:83eb::2:31#53
>>> 14-Aug-2014 13:14:08.595 info: host unreachable resolving
>>> 'c.gtld-servers.net/A/IN': 2001:503:a83e::2:31#53
>>> 14-Aug-2014 13:14:08.793 info: host unreachable resolving
>>> 'b.gtld-servers.net/AAAA/IN': 2001:503:c27::2:30#53
>>> 14-Aug-2014 13:14:08.794 info: host unreachable resolving
>>> 'b.gtld-servers.net/AAAA/IN': 2001:dc3::35#53
>>> 14-Aug-2014 13:14:08.795 info: host unreachable resolving
>>> 'c.gtld-servers.net/AAAA/IN': 2001:503:c27::2:30#53
>>> 14-Aug-2014 13:14:08.796 info: host unreachable resolving
>>> 'c.gtld-servers.net/AAAA/IN': 2001:dc3::35#53
>
> You've misdiagnosed the problem. You're most likely seeing these errors because the host you're running bind9 on does not have IPv6 access.
--
Daniel J. Luke
+========================================================+
| *---------------- dluke at geeklair.net ----------------* |
| *-------------- http://www.geeklair.net -------------* |
+========================================================+
| Opinions expressed are mine and do not necessarily |
| reflect the opinions of my employer. |
+========================================================+
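The diagnosis in the reply above can be checked from the log itself. As an added example (not part of the original message), this Python script groups named's "host unreachable resolving" entries by the IP version of the server address rather than by the query type. The sample log is constructed with documentation-range addresses, and the function names are hypothetical.

```python
import ipaddress
import re
from collections import Counter

TS = re.compile(r"^\d{2}-[A-Z][a-z]{2}-\d{4} \d{2}:\d{2}:\d{2}\.\d{3} ")
UNREACH = re.compile(r"host unreachable resolving '([^/']+)/([A-Z0-9]+)/IN': (\S+)#(\d+)")

# Constructed sample in the format quoted in the thread, wrapped the way the
# mail client wrapped it; addresses are from the 2001:db8::/32 documentation range.
SAMPLE = """\
14-Aug-2014 13:14:08.142 info: host unreachable resolving
'd.gtld-servers.net/AAAA/IN': 2001:db8:ba3e::2:30#53
14-Aug-2014 13:14:08.215 info: host unreachable resolving
'b.gtld-servers.net/A/IN': 2001:db8:231d::2:30#53
14-Aug-2014 13:14:09.001 info: zone example.test/IN: loaded serial 2014081801
"""

def unwrap(text):
    """Rejoin wrapped entries: a line without a leading timestamp is
    treated as the continuation of the previous entry."""
    entries = []
    for line in (raw.strip() for raw in text.splitlines()):
        if not line:
            continue
        if TS.match(line) or not entries:
            entries.append(line)
        else:
            entries[-1] += " " + line
    return entries

def unreachable_by_family(text):
    """Count unreachable servers by the IP version of the server address
    and record which query types were being sent to each family."""
    families, qtypes = Counter(), {}
    for entry in unwrap(text):
        m = UNREACH.search(entry)
        if not m:
            continue
        version = ipaddress.ip_address(m.group(3)).version
        families[version] += 1
        qtypes.setdefault(version, set()).add(m.group(2))
    return families, qtypes

def diagnose(text):
    families, _ = unreachable_by_family(text)
    labels = {(): "no-unreachable-errors", (4,): "ipv4-transport-only",
              (6,): "ipv6-transport-only", (4, 6): "both-families"}
    return labels[tuple(sorted(families))]

if __name__ == "__main__": print(diagnose(SAMPLE))
```

A result of `ipv6-transport-only` with both A and AAAA query types in the set matches the explanation in the thread: the failures follow the transport used to reach the server, not the record type being looked up.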