Solved

what is the problem?

Posted on 2001-07-27
3
274 Views
Last Modified: 2008-02-01
hi linux experts,

my server is down sometimes, i need to reboot it everytime!

the following is the message log:

Jul 27 22:27:10 ns1 named[503]: Lame server on 'hkusua.hku.com' (in 'hku.com'?): [216.99.40.3].53 'NS1.NATIONAL-NET.com'
Jul 27 22:27:10 ns1 named[503]: Lame server on 'htomail.com' (in 'htomail.com'?): [207.46.138.12].53 'DNS5.CP.MSFT.NET'
Jul 27 22:27:11 ns1 named[503]: Lame server on 'htomail.com' (in 'htomail.com'?): [207.46.138.11].53 'DNS4.CP.MSFT.NET'

Jul 27 22:36:21 ns1 named[503]: Lame server on '75.248.168.203.in-addr.arpa' (in '248.168.203.in-addr.arpa'?): [210.80.60.2].53 'ns2.hkcable
.com'
Jul 27 22:36:21 ns1 named[503]: ns_forw: query(75.248.168.203.in-addr.arpa) All possible A RR's lame
Jul 27 22:36:30 ns1 named[503]: Cleaned cache of 114 RRsets
Jul 27 22:36:50 ns1 PAM_pwdb[796]: (su) session opened for user root by tsimtung(uid=502)
Jul 27 22:40:06 ns1 named[503]: USAGE 996244806 995980875 CPU=67.26u/31.47s CHILDCPU=0u/0s
Jul 27 22:40:06 ns1 named[503]: NSTATS 996244806 995980875 A=215152 CNAME=27 SOA=2034 PTR=19708 MX=3185 TXT=2 AAAA=60 38=41 ANY=9838
Jul 27 22:40:06 ns1 named[503]: XSTATS 996244806 995980875 RR=13253 RNXD=923 RFwdR=7154 RDupR=46 RFail=99 RFErr=0 RErr=6 RAXFR=0 RLame=1018
ROpts=0 SSysQ=4647 SAns=247577 SFwdQ=6665 SDupQ=3184 SErr=0 RQ=250325 RIQ=5 RFwdQ=6665 RDupQ=66 RTCP=1541 SFwdR=7154 SFail=0 SFErr=0 SNaAns=
32286 SNXD=6923 RUQ=0 RURQ=0 RUXFR=0 RUUpd=0
Jul 27 23:03:50 ns1 -- MARK --
Jul 27 23:23:50 ns1 -- MARK --
Jul 27 23:33:06 ns1 syslogd 1.3-3: restart.
Jul 27 23:33:06 ns1 syslog: syslogd startup succeeded
Jul 27 23:33:06 ns1 syslog: klogd startup succeeded


I don't know what is the meaning of those lines. Any one can explain them?
it seems the name service making the server down!
(i found several times that the named uses 9x% cpu usage)

What should i do?

thanks.
Stanley
0
Comment
Question by:stanleyhuen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 

Expert Comment

by:Normal
ID: 6329332
it seems good to me .... update your root serers in the DNS
what distribution r u using ?
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 6329537
named does not make your server down, usually.
But the 9x% cpu usage forces that it looks like down, 'cause it did not respond in required time.

The reason for the 9x% seem to be the the forwarder (hotmail.com).
I suggest to switch over to bind 9.1.x, where you can configure to avoid such "Lame server"s in the named.conf
category section (see man named.conf).

For a detailed description of name server messages, have a look at:
   http://www.acmebw.com/askmrdns/bind-messages.htm
0
 
LVL 40

Accepted Solution

by:
jlevie earned 50 total points
ID: 6332270
My guess would be that either your named config & zone files are not right,  or that your named server is being attacked. A faulty nameserver configuration can cause this, and it'll tell you that it isn't well by logging messages to that affect at startup.  Another cause of named consuming large amounts of CPU time (and becoming unresponsive) is doing zone transfers to/from other servers that have botched configurations.

The other credible possibility would be that you are running a vulnerable copy of bind and it is being attacked.  To avoid that you need to be running either Bind 8.2.4 or Bind 9.1.3. And you need to include restrictions in your named.conf file to prevent zone transfers except to your slave servers.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
wifi not working on Raspberry Pi 3? 2 108
PHP error function not working on AWS 10 121
Linux 3 33
Enable SPF on IMSVA 6 17
SSH (Secure Shell) - Tips and Tricks As you all know SSH(Secure Shell) is a network protocol, which we use to access/transfer files securely between two networked devices. SSH was actually designed as a replacement for insecure protocols that sen…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

735 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question