NSD 3: updates stop after one week

Wouter Wijngaards wouter at NLnetLabs.nl
Fri Jan 12 09:50:01 CET 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Stephane Bortzmeyer wrote:
> After one week of normal operations, our experimental instance of nsd
> 3.0.3 no longer process updates (whatever the master and the
> nameserver serves hundreds of zones).
> 
> There are no errors logged and tcpdump sees normal communication with
> the master (nsd is 192.93.0.4):
> 
> 10:24:27.558813 IP 192.93.0.4.38104 > 193.176.144.2.domain:  25782 [1n] [1au] IXFR? nl. (191)
> 10:24:27.576046 IP 193.176.144.2.domain > 192.93.0.4.38104:  25782- 1/0/1 SOA[|domain]
> 
> Cold-restarting the name server solves the problem (proving that there
> is no connectivity issues). But I'm looking for a better solution.
> 
> The log only shows the success:
> 
> [1167127347] nsd[10495]: info: Zone tf serial 2006122100 is updated to 2006122200.
> 
> Not the failures or attempts. Is there a way to make the log more
> talkative? I do not see the NOTIFY reception. I do not see the IXFR
> queries. I find no "verbosity" parameter in nsd.conf?

verbosity feature is on the TODO, but not in the next release.

Thanks to your assistance in debugging (log files and dumps), I could
determine the cause and the fix will be in NSD 3.0.4.

The problem was 'out of memory, reload failed, continuing with old
database' errors embedded in your extensive logfile. This caused all
updates to stop. I have changed the error handling in this case. Instead
of never doing updates again, it will try to do it again (and again and
again) every xfrd-reload-timeout seconds. Two advantages: it is more
prominently visible in the logfile (every xfrd-reload-timeout seconds)
and if the error condition goes away (like in your case) it will recover
from the error.

If you have the same thing, please note there is a manual fix: perform a
manual reload of the database (kill -HUP, nsdc reload), this will cause
updates to resume for NSD 3.0.3 when you are affected with this bug.

Best regards,
   Wouter
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFFp0u4kDLqNwOhpPgRAhSnAJoDpDlc6YXfb1NevFaETdJXmyGFPgCfYThh
1kHMbgr3xg4dNvgDvLFXsTo=
=1+qH
-----END PGP SIGNATURE-----


More information about the nsd-users mailing list