[nsd-users] NSD4 beta2
wouter at nlnetlabs.nl
Mon Jan 21 10:24:22 CET 2013
-----BEGIN PGP SIGNED MESSAGE-----
On 01/21/2013 10:09 AM, Andreas Schulze wrote:
> Am 10.01.2013 10:33 schrieb W.C.A. Wijngaards:
>> The new beta for NSD4 is available, NSD4.0.0b2:
> first of all: I updated some nameservers to nsd4b2 and they still
> run fine. So thanks for such good software...
> 1. is there a separate mailinglist for developement?
No, this list is it.
> 2. when comiling 4.0.0b2 I gave no special --with-xfrdir so it
> defaults to /tmp
> $CHROOT/tmp did not exist and I got this:
> Jan 19 14:29:10 nsd: error: /tmp/nsd.24553.task.0: No such
> file or directory Jan 19 14:29:10 nsd: error:
> /tmp/nsd.24553.task.1: No such file or directory Segmentation
> short fix: install -d $CHROOT/tmp
> note the segfault, that should be alarm us.
Yes, I'll get on that. And do the install thing.
> 3. my nsd.db was not writeable for the nsd user: "server
> preparation failed, nsd could not be started"
> that also leaves two taksfiles in $CHROOT/tmp which should be
> deleted before nsd is exiting.
Yes, nsd.db needs to be writable (it does the nsd-patch operation
during reloads to keep nsd.db updated).
> 4. I played arround with the rrl feature and set "rrl-ratelimit:
> 2" now I fire some "dig @$(NSD) example.org. ANY" I found "info:
> ratelimit block example.org any target $mynetwork/64" and
> "ratelimit unblock"
> but then the server starts logging this : nsd: warning:
> server 27369 died unexpectedly with status 6, restarting nsd:
> ./buffer.h:252: buffer_write_at: Assertion
> `buffer_available_at(buffer, at, count)' failed.
> nsd is the parent, nsd looks like the child that
This is a spurious assertion failure in the RRL code, that I have
already fixed in the svn trunk. If you run without --enable-checking,
it does not happen. I have also fixed it for the NSD_3_2 branch.
> btw. I never noticed that a query was not anwered!?
> 5. I run nsd from a superviser and use option -d to start nsd. Now
> I see three processes: # ps afx | grep nsd | grep -v grep 7434 ?
> S 0:00 | \_ supervise nsd 18899 ? S 0:00 | |
> \_ /usr/sbin/nsd -d 19065 ? S 0:01 | | \_
> /usr/sbin/nsd -d 31565 ? S 0:00 | | \_
> /usr/sbin/nsd -d
> is there a better solution to run nsd supervised?
NSD runs these processes (and more if you increase num-server and
while it is performing some tasks).
18899 is the process that handles zone transfers and accepts remote
control connections from nsd-control.
19065 coordinates IPC (has copy-on-write shared memory with 31565).
31565 is the process that serves PORT 53.
So, what you do now, is the best way to run NSD supervised.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/
-----END PGP SIGNATURE-----
More information about the nsd-users