NSD 3: updates stop after one week
wouter at NLnetLabs.nl
Fri Jan 12 09:50:01 CET 2007
-----BEGIN PGP SIGNED MESSAGE-----
Stephane Bortzmeyer wrote:
> After one week of normal operations, our experimental instance of nsd
> 3.0.3 no longer process updates (whatever the master and the
> nameserver serves hundreds of zones).
> There are no errors logged and tcpdump sees normal communication with
> the master (nsd is 184.108.40.206):
> 10:24:27.558813 IP 220.127.116.11.38104 > 18.104.22.168.domain: 25782 [1n] [1au] IXFR? nl. (191)
> 10:24:27.576046 IP 22.214.171.124.domain > 126.96.36.199.38104: 25782- 1/0/1 SOA[|domain]
> Cold-restarting the name server solves the problem (proving that there
> is no connectivity issues). But I'm looking for a better solution.
> The log only shows the success:
>  nsd: info: Zone tf serial 2006122100 is updated to 2006122200.
> Not the failures or attempts. Is there a way to make the log more
> talkative? I do not see the NOTIFY reception. I do not see the IXFR
> queries. I find no "verbosity" parameter in nsd.conf?
verbosity feature is on the TODO, but not in the next release.
Thanks to your assistance in debugging (log files and dumps), I could
determine the cause and the fix will be in NSD 3.0.4.
The problem was 'out of memory, reload failed, continuing with old
database' errors embedded in your extensive logfile. This caused all
updates to stop. I have changed the error handling in this case. Instead
of never doing updates again, it will try to do it again (and again and
again) every xfrd-reload-timeout seconds. Two advantages: it is more
prominently visible in the logfile (every xfrd-reload-timeout seconds)
and if the error condition goes away (like in your case) it will recover
from the error.
If you have the same thing, please note there is a manual fix: perform a
manual reload of the database (kill -HUP, nsdc reload), this will cause
updates to resume for NSD 3.0.3 when you are affected with this bug.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the nsd-users