[nsd-users] NSD4 beta2

W.C.A. Wijngaards wouter at nlnetlabs.nl
Mon Jan 21 09:24:22 UTC 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Andreas,

On 01/21/2013 10:09 AM, Andreas Schulze wrote:
> Am 10.01.2013 10:33 schrieb W.C.A. Wijngaards:
>> The new beta for NSD4 is available, NSD4.0.0b2:
> 
> first of all: I updated some nameservers to nsd4b2 and they still
> run fine. So thanks for such good software...
> 
> 1. is there a separate mailinglist for developement?

No, this list is it.

> 2. when comiling 4.0.0b2 I gave no special --with-xfrdir so it
> defaults to /tmp
> 
> $CHROOT/tmp did not exist and I got this:
> 
> Jan 19 14:29:10 nsd[24553]: error: /tmp/nsd.24553.task.0: No such
> file or directory Jan 19 14:29:10 nsd[24553]: error:
> /tmp/nsd.24553.task.1: No such file or directory Segmentation
> fault
> 
> short fix: install -d $CHROOT/tmp
> 
> note the segfault, that should be alarm us.

Yes, I'll get on that.  And do the install thing.

> 3. my nsd.db was not writeable for the nsd user: "server
> preparation failed, nsd could not be started"
> 
> that also leaves two taksfiles in  $CHROOT/tmp which should be
> deleted before nsd is exiting.

Yes, nsd.db needs to be writable (it does the nsd-patch operation
during reloads to keep nsd.db updated).

> 4. I played arround with the rrl feature and set "rrl-ratelimit:
> 2" now I fire some "dig @$(NSD) example.org. ANY" I found "info:
> ratelimit block example.org any target $mynetwork/64" and
> "ratelimit unblock"
> 
> but then the server starts logging this : nsd[19065]: warning:
> server 27369 died unexpectedly with status 6, restarting nsd:
> ./buffer.h:252: buffer_write_at: Assertion
> `buffer_available_at(buffer, at, count)' failed.
> 
> nsd[19065] is the parent, nsd[27369] looks like the child that
> died.

This is a spurious assertion failure in the RRL code, that I have
already fixed in the svn trunk.  If you run without --enable-checking,
it does not happen.  I have also fixed it for the NSD_3_2 branch.

> btw. I never noticed that a query was not anwered!?
> 
> 5. I run nsd from a superviser and use option -d to start nsd. Now
> I see three processes: # ps afx | grep nsd | grep -v grep 7434 ?
> S      0:00  |   \_ supervise nsd 18899 ?        S      0:00  |   |
> \_ /usr/sbin/nsd -d 19065 ?        S      0:01  |   |       \_
> /usr/sbin/nsd -d 31565 ?        S      0:00  |   |           \_
> /usr/sbin/nsd -d
> 
> is there a better solution to run nsd supervised?

NSD runs these processes (and more if you increase num-server and
while it is performing some tasks).
18899 is the process that handles zone transfers and accepts remote
control connections from nsd-control.
19065 coordinates IPC (has copy-on-write shared memory with 31565).
31565 is the process that serves PORT 53.

So, what you do now, is the best way to run NSD supervised.

Best regards,
   Wouter

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBAgAGBQJQ/QlBAAoJEJ9vHC1+BF+N/vUQAKvuw34h3xRkMLfXPzL3NeLD
TPPmaJv3Qpghi2l9plMK/fvjm1rn79w+CVjwVk//bmnwlL4//EY8HXz7uaRj6tG2
VLFJPphtxQySw5tcJMzyhiji80JiRc9CDKJcYF9hVJaTRaum2X+3/xiN4+3/+NzV
xVr21xAGzc1srA8e/pKriWI2kRaG3+HJKqt1kZPtFCNnoSyYsIF73nYCL0wYqjkM
WQTJftDcLNehub0scamEq/bXveykbTXtz4IcWpz0T3pkfIOZp51byOrq4McDy7fk
2/WLDMyATs0AflcIANTkKudq4fab1FjQOBhRCHIa6y1Mc0nyjSKRlneovkVfxO5X
5uy57djwrIUItjVCI+BVAUH/H2CPg4QRXwUwydXr/1tWxmYz/RoESIQsxjhiPrDQ
Oxz/rB6xC49YmwUnsm7lwXaXUqlU+cZ0iRtmScflpQu1FU2MZ7eR/upGlpiHWjQM
OxRlH8e5vclSa49uVIsFjXG+RDkrWH+Wkvwsy9d0CD4/p7Ve9lLmIcW0dH1Q07+I
uVYeYMVsk9qQNDftAhSz6I4lV+YJlhzFXjN90/+GmnIFM0/878dzeX742nLjGA3Z
z61qgGjsz4P2IEoa1kYjH7WDrr63fYkCN+cabaF4T+cZvGa7YF6hucALGGd1H15k
LRHdWYz8gQW1ZRrmV0fk
=3OW9
-----END PGP SIGNATURE-----



More information about the nsd-users mailing list