
BIND error named[431]: could not listen on UDP socket: permission denied

Discussion in 'Bind / DNS / Nameserver Issues' started by hicom, Mar 26, 2006.

  1. hicom

    We are noticing this on FreeBSD 5.4 i386 with the latest cPanel (stable and release).

    This happens on ALL our cPanel servers and backup DNS servers, no matter what release. In /var/log/messages we see the following error:

    Mar 26 10:25:32 ns3 named[431]: could not listen on UDP socket: permission denied
    Mar 26 10:25:32 ns3 named[431]: creating IPv4 interface de0 failed; interface ignored
    Mar 26 10:25:32 ns3 named[431]: could not listen on UDP socket: permission denied
    Mar 26 10:25:32 ns3 named[431]: creating IPv4 interface lo0 failed; interface ignored
    Mar 26 10:25:32 ns3 named[431]: not listening on any interfaces

    Mar 26 11:25:32 ns3 named[431]: could not listen on UDP socket: permission denied
    Mar 26 11:25:32 ns3 named[431]: creating IPv4 interface de0 failed; interface ignored
    Mar 26 11:25:32 ns3 named[431]: could not listen on UDP socket: permission denied
    Mar 26 11:25:32 ns3 named[431]: creating IPv4 interface lo0 failed; interface ignored
    Mar 26 11:25:32 ns3 named[431]: not listening on any interfaces

    Notice this occurs EVERY hour. This is not cron scheduled; something is causing BIND to do this, but I couldn't put my hand on it.

    The servers seem to work fine, and they respond to DNS requests (except for the few seconds when it happens).

    On different servers this happens at different times. I'm not sure if this is widespread, but we noticed it on ALL our FreeBSD servers running cPanel.

    Any ideas? As I said, DNS remains working fine except for the seconds when this happens.

    Thanks,

    Tamouh
     
  2. AndyReed

    Are you using a firewall? Is it configured properly?
     
  3. hicom

    Some servers have firewalls, others do not. It won't matter. Now I need to note this has been exhibited on FreeBSD 5.4; I should probably get a test machine up with a different FreeBSD version and see if this still occurs.

    The BIND service is running and responding fine, but this error is very weird:

    > netstat -na | grep 53
    tcp4 0 0 20.0.0.149.53 *.* LISTEN
    tcp4 0 0 20.0.0.148.53 *.* LISTEN
    tcp4 0 0 20.0.0.156.53 *.* LISTEN

    udp4 0 0 20.0.0.149.53 *.*
    udp4 0 0 20.0.0.148.53 *.*
    udp4 0 0 20.0.0.156.53 *.*

    Hmmm, it seems UDP port 53 has nothing listening on it. Is DNS TCP only or UDP?

    Tamouh
     
  4. AndyReed

    Port 53, UDP and TCP, should be open and listening.
     
  5. hicom

    I checked the firewall and added a rule allowing UDP just in case:

    Code:
    soho2# ipfw list
    00100 allow ip from any to any via lo0
    00101 allow tcp from any to me dst-port 25
    00102 allow tcp from any to me
    00103 allow udp from any to me
    00104 allow udp from any to any
    00200 deny ip from any to 127.0.0.0/8
    00300 deny ip from 127.0.0.0/8 to any
    65000 allow ip from any to any
    65535 deny ip from any to any
    
    But that made no difference; it is still not listening on port 53.
     
  6. bking

    You don't have portsentry or anything similar running, do you?
     
  7. hicom

    Nope, nothing at all that firewalls or blocks access. The weird thing is it happens on ALL servers, even a basic server set up with cPanel DNS only.
     
  8. hicom

    Anybody with FreeBSD 5.4 noticed the same thing in /var/log/messages?
     
  9. hicom

    Resolution

    Found the problem with the help of cPanel team:

    check the named script in /etc/rc.d/init.d/named

    change the line:

    /var/run/named.pid

    to

    /var/run/named/named.pid

    save the file

    then do:

    ./named stop
    ./named start

    It appears the named startup script has the wrong path to the PID file.
     
  10. hillbilly1980

    I dunno why, but on my FreeBSD server the pid is

    /var/run/named/pid
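
Added example, not part of the thread or cPanel's own code: a shell check for the condition described in the last two posts, where an init script references a PID file path that differs from the one named actually uses. It extracts every PID file path the script mentions and reports whether each one exists and holds the PID of a running process; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the thread: audit the PID file paths an init
# script references. Function names are hypothetical.

# Print each distinct absolute path ending in "pid" found in the script,
# which covers named.pid, named/named.pid and named/pid alike.
pidfiles_in_script() {
    grep -Eo '/[A-Za-z0-9_./-]*pid' "$1" | sort -u
}

# Return 0 only if the file is readable, holds a number, and that PID is
# alive. kill -0 sends no signal; run as root so it can see named's PID.
pidfile_is_live() {
    [ -r "$1" ] || return 1
    pid=$(head -n 1 "$1" | tr -d '[:space:]')
    case "$pid" in
        ''|*[!0-9]*) return 1 ;;
    esac
    kill -0 "$pid" 2>/dev/null
}

# Print one line per referenced path. Returns 0 if all are live, 1 if any
# is missing or stale, 2 if the script references no PID file at all.
audit_init_script() {
    rc=2
    for f in $(pidfiles_in_script "$1"); do
        [ "$rc" -eq 2 ] && rc=0
        if pidfile_is_live "$f"; then
            echo "OK    $f"
        else
            echo "STALE $f"
            rc=1
        fi
    done
    return "$rc"
}

# Example call, using the script path given in the thread:
#   audit_init_script /etc/rc.d/init.d/named
```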
     