The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Bind broken after CentOS 5.4 update

Discussion in 'Bind / DNS / Nameserver Issues' started by smoge, Oct 22, 2009.

  1. smoge

    smoge Well-Known Member

    Joined:
    Jul 2, 2004
    Messages:
    52
    Likes Received:
    0
    Trophy Points:
    6
    Broken system(s)

    Name : bind-libs
    Arch : i386
    Epoch : 30
    Version : 9.3.6
    Release : 4.P1.el5

    Name : bind-libs
    Arch : x86_64
    Epoch : 30
    Version : 9.3.6
    Release : 4.P1.el5

    Working system(s)

    Name : bind-libs
    Arch : i386
    Epoch : 30
    Version : 9.3.4
    Release : 10.P1.el5_3.3

    Name : bind-libs
    Arch : x86_64
    Epoch : 30
    Version : 9.3.4
    Release : 10.P1.el5_3.3

    Name : bind
    Arch : x86_64
    Epoch : 30
    Version : 9.3.4
    Release : 10.P1.el5_3.3
     
  2. smoge

    smoge Well-Known Member

    Joined:
    Jul 2, 2004
    Messages:
    52
    Likes Received:
    0
    Trophy Points:
    6
    Doing stuff mentioned before hand in this ticket - does not help... so trying some things myself....

    I turned off AUTO UPDATES on all our other servers as I assume this was something that came through in recent updates...
     
  3. smoge

    smoge Well-Known Member

    Joined:
    Jul 2, 2004
    Messages:
    52
    Likes Received:
    0
    Trophy Points:
    6
    Softlayer ( Welcome to SoftLayer ) - which is an excellent hosting company, by the way, and I , figured out a temp fix for this... I have a ticket open with CPANEL to see if they approve of it - but it does seem to work...

    We seem to have fixed this - by adding in /usr/lib64

    the following symlinks

    ln -s libisc.so libisc.so.11
    ln -s libdns.so libdns.so.22

    Smoge
     
  4. Varial

    Varial Member

    Joined:
    Oct 17, 2008
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Saskatoon, Saskatchewan, Canada
    Bind appears to be broken after tonight's automatic upgrade to CentOS 5.4. Any quick fixes?
     
  5. Varial

    Varial Member

    Joined:
    Oct 17, 2008
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Saskatoon, Saskatchewan, Canada
    I wasn't able to get this working by symlinking like you have suggested. It appears the new version of Bind in CentOS 5.4 breaks things.
     
  6. Solokron

    Solokron Well-Known Member

    Joined:
    Aug 8, 2003
    Messages:
    849
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Seattle
    cPanel Access Level:
    DataCenter Provider
    We are seeing the same thing. I have tried the sym links as well with a service named restart to no avail.
     
  7. jagfly

    jagfly Registered

    Joined:
    Mar 7, 2004
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Same Issue here. Bind died at 4AM after an update and has been unable to restart despite trying all the usual fixes. Eagerly awaiting a resolution.
     
  8. Solokron

    Solokron Well-Known Member

    Joined:
    Aug 8, 2003
    Messages:
    849
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Seattle
    cPanel Access Level:
    DataCenter Provider
    /scripts/fixndc
    Named could not be restarted, any obvious config errors should show up below this line.
    No critical problems found, will attempt to regenerate keys regardless.
    warn [fixrndc] /usr/sbin/rndc status failed: rndc: connect failed: 127.0.0.1#953: connection refused
    Creating rndc.conf
    Creating /etc/rndc.key
    warn [fixrndc] /usr/sbin/rndc status failed: rndc: connect failed: 127.0.0.1#953: connection refused
    Restarting named
    warn [fixrndc] /usr/sbin/rndc status failed: rndc: connect failed: 127.0.0.1#953: connection refused
    /scripts/fixrndc failed to fix the rndc key (or named is otherwise broken), please investigate manually
     
  9. smoge

    smoge Well-Known Member

    Joined:
    Jul 2, 2004
    Messages:
    52
    Likes Received:
    0
    Trophy Points:
    6
    We seem to have fixed this - by adding in /usr/lib64

    the following symlinks

    ln -s libisc.so libisc.so.11
    ln -s libdns.so libdns.so.22

    Smoge
     
  10. smoge

    smoge Well-Known Member

    Joined:
    Jul 2, 2004
    Messages:
    52
    Likes Received:
    0
    Trophy Points:
    6
    We just had another server go down... and the

    and a

    did the trick.
     
  11. Solokron

    Solokron Well-Known Member

    Joined:
    Aug 8, 2003
    Messages:
    849
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Seattle
    cPanel Access Level:
    DataCenter Provider
    cd /usr/lib64
    ln -s libisc.so libisc.so.11
    ln -s libdns.so libdns.so.22

    service named restart

    if still broken backup /etc/named.conf and disable bind in WHM, save and then re-enable.
     
    #11 Solokron, Oct 22, 2009
    Last edited: Oct 22, 2009
  12. darren.nolan

    darren.nolan Well-Known Member

    Joined:
    Oct 4, 2007
    Messages:
    259
    Likes Received:
    0
    Trophy Points:
    16
    Same issue with only 1 of my cPanel servers.

    Support Request ID 510973.
     
  13. darren.nolan

    darren.nolan Well-Known Member

    Joined:
    Oct 4, 2007
    Messages:
    259
    Likes Received:
    0
    Trophy Points:
    16
    cPanel (being awesome as always) tracked down my particular issue to invalid zone files.

    /etc/init.d/named start | grep -v "loaded serial"

    On the previous version of Bind, these little mistakes in the zone files were ignored, latest version - not so much. Zone files updated/fixed and everything works fine.

    This would explain why only one out of several of my servers were affected by the update.
     
  14. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,557
    Likes Received:
    7
    Trophy Points:
    38
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    Darren is correct; the new BIND update ensures more strict RFC compliance, where BIND configuration and DNS zone entries must have proper syntax.

    The command shown by Darren was used to help filter some of the output during BIND/named startup so that the errors could be discerned and investigated with more precision and efficiency.
    Code:
    # /etc/init.d/named start | grep -v "loaded serial"
    Note: I have merged posts from another topic into this thread where they can receive more relevant discussion.

    If anyone else is experiencing difficulty tracking down why BIND is not restarting please consider submitting a ticket; we are here 24/7 and will be able to assist with corrective measures where applicable. You may submit a ticket via the link in my forums signature.
     
  15. VeZoZ

    VeZoZ Well-Known Member

    Joined:
    Dec 14, 2002
    Messages:
    248
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    DataCenter Provider
    What is causing it to check more is in /etc/init.d/named there is this line:

    Code:
    ckcf_options='-z'; # enable named-checkzone for each zone (9.3.1+) !
    
    So you could fix the zones or alternatively comment out that line so the broken zones do not prevent bind from starting.
     
    #15 VeZoZ, Oct 22, 2009
    Last edited: Oct 22, 2009
  16. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,458
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    Thank you for that information.
     
  17. darren.nolan

    darren.nolan Well-Known Member

    Joined:
    Oct 4, 2007
    Messages:
    259
    Likes Received:
    0
    Trophy Points:
    16
    I am curious, and without fiddling;

    The original break down for us was some invalid entries in the DNS zones. Is it not possible for these invalid entries to be entered by Resellers that have access to editing DNS information?

    While I would rather have a DNS system that adheres to the new/latest RFC standards, I won't do so if it's possible to wrongly edit DNS zone files through cPanel.

    It may end up being for the best to use that option listed in a previous post, to relax BIND at fear of any particular one entry causing the system to become unstable once more?
     
  18. eglwolf

    eglwolf Well-Known Member

    Joined:
    Jan 1, 2004
    Messages:
    168
    Likes Received:
    0
    Trophy Points:
    16
    I disabled through WHM, then ran /scripts/fixdnc, services named restart and everything was fixed.
     
Loading...

Share This Page