Link to home
Start Free TrialLog in
Avatar of dsimco
dsimco

asked on

BIND 9.2 on RH box keeps stopping with 'message.c:809: REQUIRE(*rdataset == ((void *)0)) failed - exiting (due to assertion failure)

I have 2 namesserver running same OS and same version of BIND 9.2. These nameservers have been running for a year or so without incident. Recently we changed circuit providers and our IP range changed. I made all the necessary changes on both nameservers and they ran fine for about a week or two. But now BIND stops running randomly on the primary server which in turn appears to kill the secondary nameserver. I have deleted and rewritten the /etc/named.conf and all zones on both servers thinking it might be a corrupt file. This did not resolve the problem. I have scoured the web for answers but find very little information on the error stated in the subject line. I will post my /etc/named.conf file and my zone file if needed. But I am confident that they are correct. I do see alot of 'lameserver resolving...' messages in my log but none of them are my servers so I don't believe I need to worry about them.

Any ideas???? I am hoping jlevie will weigh in on this topic as I have seen a similar open topic on the boards.

Thanks to all who contribute.
Avatar of jlevie
jlevie

That sounds like a old RH bug (see https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=65470)
What version of RedHat are you running and is up to date w/respect to the errata?
Hi,

   It indeed is kind of denial of service bug on BIND. You might want to download the patches here:
http://download.fedoralegacy.org/redhat/7.3/updates/i386/bind-9.2.1-1.7x.2.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/bind-devel-9.2.1-1.7x.2.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/bind-utils-9.2.1-1.7x.2.i386.rpm

   Besides, it seems like you run the DNS server for your own domain. So you might want to update
most latest patches for your DNS box for security. Those patches applies on all RH 7.x.
http://download.fedoralegacy.org/redhat/7.3/updates/i386/

Regards,

Wesly
Avatar of dsimco

ASKER

First of all, thanks for your response jlevie. Now on to the real issue. I read the thread you suggested and it does sound like my problem. Up until now I have been able to load and configure all the services I needed. I am really a newbie when it comes to Linux even though I have been using it for a little more than a year. My position has always been "If it ain't broke, don't fix it." So know it is broke and the dark cloud of upgrading an OS that I am less than comletely comfortable with looms on the horizon. You asked, "What version of RedHat are you running and is up to date w/respect to the errata?" I am 7.3. I tried 9.2 which I believe to be Mandrake but I did not like it as well. What is errata? Please forgive my ignorance.
> What is errata?
Errata is the bug report.

> I am 7.3.
Then download those 3 patches, (as root)
wget http://download.fedoralegacy.org/redhat/7.3/updates/i386/bind-9.2.1-1.7x.2.i386.rpm
wget http://download.fedoralegacy.org/redhat/7.3/updates/i386/bind-devel-9.2.1-1.7x.2.i386.rpm
wget http://download.fedoralegacy.org/redhat/7.3/updates/i386/bind-utils-9.2.1-1.7x.2.i386.rpm
rpm -Fvh bind*.rpm  <==== This won't break other service

Then restart named:
service named restart
to see if the problem goes away.

Wesly
Is your 7.3 OS up to date w/respect to all of the published errata? RedHat no longer supports that version, but the errata updates are available from http://www.fedoralegacy.org. From what I see in bugzilla an errata update was published to correct that problem.

> What is errata?

Those are updates to a given release to correct problems or add functionality to a given RedHat release. Linux, like any other OS, may have problems with things on the distribution CD's that aren't discovered until after the release has been distributed. The errata for a release is the way those faults are corrected.
Avatar of dsimco

ASKER

Ok, I have dl'd the patches Wesly directed me to and am having a go at it. Now I just need to remember how to run the patches. Is there any docs in the rpm's?
Avatar of dsimco

ASKER

Thanks Wesly. I keep replying simultaneously to yours. I will give it a go.
> how to run the patches
rpm -Fvh bind*.rpm  

> any docs in the rpm's
man rpm
info rpm

Wesly
My recollection is that you need more than just the bind updates. There is an updated Glibc that is also part of the fix. You really need to update the entire system, not just Bind. There are a number of security updates for other things in the errata that you really need to have on the system.
This looks like we're getting somewhere at last. =)
Wesly, post a comment on this question & when it seems the problem is solved, I will split the points with both u & J for his past help & some info on this question too.

https://www.experts-exchange.com/questions/21148712/Named-BIND-'spontaneously'-dying.html

J, there is some reason that we can't upgrade the OS on our system, can't entirely remember what the reason was, but we did try and because of our netwroking setup (we go through a complex set of routers straight into the local backbone) we can't run our servers with anything more than RH7.3 - one day we may try again & succeed, but for the time being, is there a way to patch those security issues without a complete kernel overhaul?
Hi,

   Since RedHat discontinues the support on RedHat 7.3 but you can still download the latest patches from:
http://download.fedoralegacy.org/redhat/7.3/updates/i386/

   Besides, you can use apt-get to automate the update process:
As root:
wget http://ftp.freshrpms.net/pub/freshrpms/redhat/7.3/apt/apt-0.5.5cnc5-fr0.rh73.2.i386.rpm
rpm -ivh apt-0.5.5cnc5-fr0.rh73.2.i386.rpm
apt-get dist-upgrade

   By the way, upgrade kernel doesn't mean upgrade OS to RH 9 or Fedora. The latest kernel for RH7.3 is:
http://download.fedoralegacy.org/redhat/7.3/updates/i386/kernel-2.4.20-37.7.legacy.i686.rpm
Well, kernel upgrade need to be reboot to load that kernel.

Regards,

Wesly
Avatar of dsimco

ASKER

Ok. "There is an updated Glibc that is also part of the fix. You really need to update the entire system, not just Bind." I went to the http://download.fedoralegacy.org/redhat/7.3/updates/i386/ site and there are a lot of rpm files there. Are you saying that I need to install all of them individually? Obviously exluding the packages I am not using. And what does Glauson mean about a "complete kernal overhaul" That sounds like something I would like to avoid right now.
Avatar of dsimco

ASKER

The BIND update I was able to do remotely without rebooting. I can go to the NOC if I have to but I'd rather not. Can I do the updates using the 'apt-get' method remotely without a reboot? Or can I do it in such a way where the server reboots automatically?
SOLUTION
Avatar of wesly_chen
wesly_chen
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of dsimco

ASKER

Ok, I will wait on the kernel update until tomorrow. I have installed the BIND updates and will wait to see the results before I close this question.

Thank you wesly and jlevie.
jlevie, do u want to post a comment in the other question ( links above )
with a link to this question for answers; so when others look for the "Accepted Answer" they get directed to this page with more info plz?

Then I'll accept that & throw some points around to the others.

Ta.
Avatar of dsimco

ASKER

Ok, closing this question. Both jlevie and wesly gave Great information. wesly's was a little more "newbie-friendly" but they should each get an equal share of the points for their help.

Thanks guys,