Re: on to letsencrypt

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



post reboot

systemctl status named
● named.service - Berkeley Internet Name Domain (DNS)
     Loaded: loaded (/usr/lib/systemd/system/named.service; disabled; vendor preset: disabled)
     Active: active (running) since Fri 2021-04-23 17:51:14 PDT; 5s ago
    Process: 3507 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exited, status=0/SUCCESS)
    Process: 3509 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS (code=exited, status=0/SUCCESS)
   Main PID: 3510 (named)
      Tasks: 11 (limit: 38336)
     Memory: 66.0M
        CPU: 94ms
     CGroup: /system.slice/named.service
             └─3510 /usr/sbin/named -u named -c /etc/named.conf

Apr 23 17:51:14 ws.linuxlighthouse.com named[3510]: network unreachable resolving './DNSKEY/IN': 2001:500:2f::f#53
Apr 23 17:51:14 ws.linuxlighthouse.com named[3510]: network unreachable resolving './NS/IN': 2001:500:2f::f#53
Apr 23 17:51:14 ws.linuxlighthouse.com named[3510]: network unreachable resolving './DNSKEY/IN': 2001:7fd::1#53
Apr 23 17:51:14 ws.linuxlighthouse.com named[3510]: network unreachable resolving './NS/IN': 2001:7fd::1#53
Apr 23 17:51:14 ws.linuxlighthouse.com named[3510]: network unreachable resolving './DNSKEY/IN': 2001:503:ba3e::2:30#53
Apr 23 17:51:14 ws.linuxlighthouse.com named[3510]: network unreachable resolving './NS/IN': 2001:503:ba3e::2:30#53
Apr 23 17:51:14 ws.linuxlighthouse.com named[3510]: network unreachable resolving './DNSKEY/IN': 2001:500:12::d0d#53
Apr 23 17:51:14 ws.linuxlighthouse.com named[3510]: network unreachable resolving './NS/IN': 2001:500:12::d0d#53
Apr 23 17:51:14 ws.linuxlighthouse.com named[3510]: managed-keys-zone: Key 20326 for zone . acceptance timer complete: key … trusted
Apr 23 17:51:14 ws.linuxlighthouse.com named[3510]: resolver priming query complete
Hint: Some lines were ellipsized, use -l to show in full.
[root@ws jackc$ journalctl -b 0 | grep -i listen | grep named
Apr 23 17:51:14 ws.linuxlighthouse.com named[3510]: using 7 UDP listeners per interface
Apr 23 17:51:14 ws.linuxlighthouse.com named[3510]: listening on IPv4 interface lo, 127.0.0.1#53
Apr 23 17:51:14 ws.linuxlighthouse.com named[3510]: listening on IPv6 interface lo, ::1#53
Apr 23 17:51:14 ws.linuxlighthouse.com named[3510]: command channel listening on 127.0.0.1#953
Apr 23 17:51:14 ws.linuxlighthouse.com named[3510]: command channel listening on ::1#953



On Fri, Apr 23, 2021 at 5:47 PM Jack Craig <jack.craig.aptos@xxxxxxxxx> wrote:
since you've been guiding, i have  changed only as guided,...  rebooting, ...

On Fri, Apr 23, 2021 at 5:20 PM Ed Greshko <ed.greshko@xxxxxxxxxxx> wrote:
On 24/04/2021 08:00, Jack Craig wrote:
> ps -ax | grep named
> 1814955 pts/4    S+     0:00 sudo vi /etc/named.conf
> 1814962 pts/4    S+     0:00 /usr/bin/vim /etc/named.conf
> 1815795 ?        Ssl    0:09 /usr/sbin/named -u named -c /etc/named.conf
> 1825164 pts/0    S+     0:00 grep --color=auto named
> [root@ws named$
> [root@ws named$ ncat -l 10.0.0.101 53
>
> it does 'hang'

OK....  Had you left it hanging then had I run "nmap -sS 108.220.213.1" should have shown the
port "open"

See the comments below.

This series on 4/13 is "good".  Listening on all interfaces

> journalctl -b 0 | grep -i listen | grep named
> Apr 13 22:42:48 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> named[905]: using 7 UDP listeners per interface
> Apr 13 22:42:48 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> named[905]: listening on IPv6 interfaces, port 53
> Apr 13 22:42:48 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> named[905]: listening on IPv4 interface lo, 127.0.0.1#53
> Apr 13 22:42:48 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> named[905]: command channel listening on 127.0.0.1#953
> Apr 13 22:42:53 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> named[905]: listening on IPv4 interface eno1, 10.0.0.101#53
> Apr 13 22:42:54 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> named[905]: listening on IPv4 interface virbr0, 192.168.122.1#53
> Apr 15 07:55:08 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> named[905]: client @0x7f50600e6060 89.39.107.167#39720 (mailgate.listen.com <http://mailgate.listen.com>): view external-wan-view: query: mailgate.listen.com <http://mailgate.listen.com> IN A +T (10.0.0.101)
> Apr 15 09:24:02 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> named[905]: client @0x7f505c0ef630 91.191.209.122#44020 (mx.foodamentalisten.de <http://mx.foodamentalisten.de>): view external-wan-view: query: mx.foodamentalisten.de <http://mx.foodamentalisten.de> IN A +T (10.0.0.101)

Probably a "systemctl restart named" issued.  PID 905 is shutting down.

> Apr 15 11:29:22 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> named[905]: no longer listening on ::#53
> Apr 15 11:29:22 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> named[905]: no longer listening on 127.0.0.1#53
> Apr 15 11:29:22 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> named[905]: no longer listening on 10.0.0.101#53
> Apr 15 11:29:22 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> named[905]: no longer listening on 192.168.122.1#53

And a new PID 309193 is starting.  Also 309193 shows "good"


> Apr 15 11:29:22 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> named[309193]: using 7 UDP listeners per interface
> Apr 15 11:29:22 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> named[309193]: listening on IPv6 interfaces, port 53
> Apr 15 11:29:22 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> named[309193]: listening on IPv4 interface lo, 127.0.0.1#53
> Apr 15 11:29:22 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> named[309193]: listening on IPv4 interface eno1, 10.0.0.101#53
> Apr 15 11:29:22 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> named[309193]: listening on IPv4 interface virbr0, 192.168.122.1#53
> Apr 15 11:29:22 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> named[309193]: command channel listening on 127.0.0.1#953
> Apr 15 12:57:26 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> named[309193]: no longer listening on ::#53
> Apr 15 12:57:26 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> named[309193]: no longer listening on 127.0.0.1#53
> Apr 15 12:57:26 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> named[309193]: no longer listening on 10.0.0.101#53
> Apr 15 12:57:26 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> named[309193]: no longer listening on 192.168.122.1#53

<SNIP>

Here named is getting shutdown.

>
> Apr 15 19:02:47 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> named[336009]: no longer listening on ::#53
> Apr 15 19:02:47 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> named[336009]: no longer listening on 127.0.0.1#53
> Apr 15 19:02:47 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> named[336009]: no longer listening on 10.0.0.101#53
> Apr 15 19:02:47 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> named[336009]: no longer listening on 192.168.122.1#53

The next day when name is started again we no longer see....

listening on IPv4 interface eno1, 10.0.0.101#53

So, what happened?  What changed?  All subsequent entries are "bad".

For "fun" how about rebooting the system?

--
Remind me to ignore comments which aren't germane to the thread.

_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux