[Freeipa-users] DNS portion of IPA Server randomly crashing

Mon May 21 17:17:30 UTC 2012

Hi Petr
I'm running bind-dyndb-ldap-0.2.0-7el6.x86_64

rndc reload doesn't work as "neither /etc/rndc.conf nor /etc/rndc.key was
found"

Logrotate is weekly

Kerberos ticket lifetime is
Max life: 86400
Max renew: 604800

Looking at the time between errors it's very infrequent but of course it's
quite serious
ipa1 - Apr 1st then Apr 5th
ipa2 - Apr 13th then Apr 26th
ipa3 - Mar 26th then May 18th

Worst of all I can't reproduce it. It just works, until it doesn't

Regards
Charlie

On Mon, May 21, 2012 at 9:44 AM, Petr Spacek <pspacek at redhat.com> wrote:

> Hello,
>
> please provide your version of bind-dyndb-ldap package. It is interface
> between BIND and LDAP database. Latest version is 0.2.0-7.el6.
> # rpm -q bind-dyndb-ldap
>
> If you reload BIND manually, it crashes also? Every time?
> # rndc reload
>
> How long is log rotation period?
>
> What is Kerberos ticket lifetime?
> # ipa krbtpolicy-show
>
> If you can reproduce it (in worst case wait a day ...), please install
> debug informations:
> # debuginfo-install bind bind-dyndb-ldap
>
> and then send logs again.
>
>
> Thanks for your time.
>
> Petr^2 Spacek
>
>
> On 05/20/2012 11:46 AM, Charlie Derwent wrote:
>
>> Hi
>> I'm running IPA server 2.1.3 on RHEL 6.2 and have been experiencing
>> random DNS
>> failures on my Master and Replica servers. I thought it may have been
>> down to
>> the version of bind I was running and updated it it to
>> bind-9.7.3-8.P3.el6_2.2.x86_64 yet the error still occurs it looks like
>> there
>> is an automated process to reload zones as the log files show it working
>> the
>> day before at the exact same time.
>> I've included the log files below. If anyone can help me get to the
>> bottom of
>> the problem it would be greatly appreciated.
>> Thanks,
>> Charlie.
>> ***Working zone reload***
>> ------------------------------**--------
>> May 17 03:46:01 ipa named[6938]: received SIGHUP signal to reload zones
>> May 17 03:46:01 ipa named[6938]: loading configuration from
>> '/etc/named.conf'
>> May 17 03:46:01 ipa named[6938]: using default UDP/IPv4 port range:
>> [1024, 65535]
>> May 17 03:46:01 ipa named[6938]: using default UDP/IPv6 port range:
>> [1024, 65535]
>> May 17 03:46:01 ipa named[6938]: no IPv6 interfaces found
>> May 17 03:46:01 ipa logrotate: ALERT exited abnormally with [1]
>> May 17 03:46:01 ipa named[6938]: /etc/named.conf:12: no forwarders seen;
>> disabling forwarding
>> May 17 03:46:01 ipa named[6938]: /etc/named.conf:12: no forwarders seen;
>> disabling forwarding
>> May 17 03:46:01 ipa named[6938]: none:0: open: /etc/rndc.key: file not
>> found
>> May 17 03:46:01 ipa named[6938]: couldn't add command channel
>> 127.0.0.1#953:
>> file not found
>> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN: (master)
>> removed
>> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN: (master)
>> removed
>> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN: (master)
>> removed
>> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN: (master)
>> removed
>> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN: (master)
>> removed
>> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN: (master)
>> removed
>> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN: (master)
>> removed
>> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN: (master)
>> removed
>> May 17 03:46:01 ipa named[6938]: zone [REMOVED]/IN: (master) removed
>> May 17 03:46:01 ipa named[6938]: reloading configuration succeeded
>> May 17 03:46:01 ipa named[6938]: reloading zones succeeded
>> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN: sending
>> notifies (serial [REMOVED])
>> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN: sending
>> notifies (serial [REMOVED])
>> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN: sending
>> notifies (serial [REMOVED])
>> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN: sending
>> notifies (serial [REMOVED])
>> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN: sending
>> notifies (serial [REMOVED])
>> May 17 03:46:01 ipa named[6938]: zone [REMOVED]/IN: sending notifies
>> (serial[REMOVED])
>> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN: sending
>> notifies (serial [REMOVED])
>> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN: sending
>> notifies (serial [REMOVED])
>> May 17 03:46:01 ipa named[6938]: zone [REMOVED].in-addr.arpa/IN: sending
>> notifies (serial [REMOVED])
>> ------------------------------**--------
>> ***Failed zone reload***
>> ------------------------------**--------
>> May 18 03:46:01 ipa named[6938]: received SIGHUP signal to reload zones
>> May 18 03:46:01 ipa named[6938]: loading configuration from
>> '/etc/named.conf'
>> May 18 03:46:01 ipa named[6938]: using default UDP/IPv4 port range:
>> [1024, 65535]
>> May 18 03:46:01 ipa named[6938]: using default UDP/IPv6 port range:
>> [1024, 65535]
>> May 18 03:46:01 ipa named[6938]: no IPv6 interfaces found
>> May 18 03:46:01 ipa logrotate: ALERT exited abnormally with [1]
>> May 18 03:46:01 ipa named[6938]: GSSAPI Error: The referenced context has
>> expired (Unknown error)
>> May 18 03:46:01 ipa named[6938]: bind to LDAP server failed: Local error
>> May 18 03:46:01 ipa named[6938]: reloading configuration failed: failure
>> May 18 03:46:01 ipa named[6938]: rbt.c:694: REQUIRE((((rbt) != ((void
>> *)0)) &&
>> (((const isc__magic_t *)(rbt))->magic == ((('R') << 24 | ('B') << 16 |
>> ('T')
>> << 8 | ('+')))))) failed, back trace
>> May 18 03:46:01 ipa named[6938]: #0 0x7f18f791632f in ??
>> May 18 03:46:01 ipa named[6938]: #1 0x7f18f62e373a in ??
>> May 18 03:46:01 ipa named[6938]: #2 0x7f18f71af880 in ??
>> May 18 03:46:01 ipa named[6938]: #3 0x7f18f71afbf3 in ??
>> May 18 03:46:01 ipa named[6938]: #4 0x7f18f11621fc in ??
>> May 18 03:46:01 ipa named[6938]: #5 0x7f18f1164379 in ??
>> May 18 03:46:01 ipa named[6938]: #6 0x7f18f791d597 in ??
>> May 18 03:46:01 ipa named[6938]: #7 0x7f18f792119a in ??
>> May 18 03:46:01 ipa named[6938]: #8 0x7f18f790d129 in ??
>> May 18 03:46:01 ipa named[6938]: #9 0x7f18f6301fe8 in ??
>> May 18 03:46:01 ipa named[6938]: #10 0x7f18f5ebc7f1 in ??
>> May 18 03:46:01 ipa named[6938]: #11 0x7f18f540e70d in ??
>> May 18 03:46:01 ipa named[6938]: exiting (due to assertion failure)
>>
>
> ______________________________**_________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/**mailman/listinfo/freeipa-users<https://www.redhat.com/mailman/listinfo/freeipa-users>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20120521/dc77db1f/attachment.htm>