[Freeipa-users] [SOLVED] IPA DNS response issue
Petr Spacek
pspacek at redhat.com
Fri Oct 31 13:44:31 UTC 2014
On 19.3.2014 15:12, David wrote:
> On Wed, Mar 19, 2014 at 01:57:24PM +0100, Petr Spacek wrote:
>> On 18.3.2014 15:26, David wrote:
>>> We have an installation of FreeIPA (through CentOS 6.5) that's exhibiting some
>>> odd behavior with respect to serving DNS. Periodically (interval at random)
>>> named running on a replica will stop serving requests from the LDAP server but
>>> continue to respond with recursive requests. This type of failure causes us
>>> problems, as you could imagine. (It doesn't fail cleanly so it won't request
>>> from another server.) We've adjusted the amount of connections each named
>>> makes to 389, but it doesn't seem to make a difference. We're not seeing
>>> anything in the logs so troubleshooting this is becoming a bit of a
>>> (high-visibility) puzzle to us.
>>>
>>> I do happen to have a core file that I grabbed last night before sending a
>>> SIGKILL to named and restarting. (A SIGTERM has no effect.)
>>>
>>> Hopefully there's an easy answer here that we can get rolled into the
>>> environment quickly. FreeIPA has treated us extraordinarily well so far!
>
> <snip>
>
>> Note that David (I guess :-) added logs to the ticket
>> https://fedorahosted.org/bind-dyndb-ldap/ticket/131
>> and I'm looking into it.
>
> Actually, that's not me! I don't have anywhere near as much logging...
> At least I'm not alone...
>
> Our failures also seem to happen around log rotation time.
>
> The Kerberos ticket expiring is interesting. I'll poke around on my
> installation and see what I see on this side.
>
> If you need any other information, please let me know.
FYI the problem was discovered & fixed a while ago but I did not sent reply to
you. It was fixed in all maintained branches (v2+) of bind-dyndb-ldap.
All supported versions of Fedora were patched so it should not happen again.
You can watch RHEL status on:
RHEL 6.y:
https://bugzilla.redhat.com/show_bug.cgi?id=1142176
https://bugzilla.redhat.com/show_bug.cgi?id=1142152
RHEL 7.y:
https://bugzilla.redhat.com/show_bug.cgi?id=1142150
Have a nice day!
--
Petr^2 Spacek
More information about the Freeipa-users
mailing list