Malformed transaction errors

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

Malformed transaction errors

@lbutlr
I am getting the following error on one specific domain and I am unsure how to fi it. Searching for the error lead to suggestions about not running multiple copies of bind on the same machine, but that is not the case here (and it is only affecting one domain).

named[652] malformed transaction: example.com.signed.jnl last serial 2018022385 != transaction first serial 2018022384
named[652] zone example.com/IN: zone_resigninc:dns_journal_write_transaction -> unexpected error
named[652] malformed transaction: example.com.signed.jnl last serial 2018022385 != transaction first serial 2018022384
named[652] zone example.com/IN: zone_resigninc:dns_journal_write_transaction -> unexpected error

If I put aside the jnl file and stop/start bind the error goes away, but eventually it comes back, always for the same domain.

(Setup is DNS primary on on machine and a secondary server on a separate machine. Errors are on the primary server.)

--
Thunder rolled... It rolled a six.

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|

Re: Malformed transaction errors

Matus UHLAR - fantomas
On 18.10.20 11:00, @lbutlr wrote:

>I am getting the following error on one specific domain and I am unsure how to fi it. Searching for the error lead to suggestions about not running multiple copies of bind on the same machine, but that is not the case here (and it is only affecting one domain).
>
>named[652] malformed transaction: example.com.signed.jnl last serial 2018022385 != transaction first serial 2018022384
>named[652] zone example.com/IN: zone_resigninc:dns_journal_write_transaction -> unexpected error
>named[652] malformed transaction: example.com.signed.jnl last serial 2018022385 != transaction first serial 2018022384
>named[652] zone example.com/IN: zone_resigninc:dns_journal_write_transaction -> unexpected error
>
>If I put aside the jnl file and stop/start bind the error goes away, but eventually it comes back, always for the same domain.
>
>(Setup is DNS primary on on machine and a secondary server on a separate machine. Errors are on the primary server.)

what's the primary server? maybe broken DNS implementation

--
Matus UHLAR - fantomas, [hidden email] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Remember half the people you know are below average.
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|

Re: Malformed transaction errors

@lbutlr
On 19 Oct 2020, at 00:54, Matus UHLAR - fantomas <[hidden email]> wrote:

> On 18.10.20 11:00, @lbutlr wrote:
>> I am getting the following error on one specific domain and I am unsure how to fi it. Searching for the error lead to suggestions about not running multiple copies of bind on the same machine, but that is not the case here (and it is only affecting one domain).
>>
>> named[652] malformed transaction: example.com.signed.jnl last serial 2018022385 != transaction first serial 2018022384
>> named[652] zone example.com/IN: zone_resigninc:dns_journal_write_transaction -> unexpected error
>> named[652] malformed transaction: example.com.signed.jnl last serial 2018022385 != transaction first serial 2018022384
>> named[652] zone example.com/IN: zone_resigninc:dns_journal_write_transaction -> unexpected error
>>
>> If I put aside the jnl file and stop/start bind the error goes away, but eventually it comes back, always for the same domain.
>>
>> (Setup is DNS primary on on machine and a secondary server on a separate machine. Errors are on the primary server.)
>
> what's the primary server? maybe broken DNS implementation

Bind $CURRENT ((9.16.7)), though this has been happening sporadically for months.

Stopping and starting bind after removing the jnl files seems to fix it for quite awhile

Other than the logged error there seems to be no other side-effect of this, the domain continues to resolve. I suspect it might have something to do with the DNSEC self-updating, but that is only a guess based on the fact it takes a long time to recur.

--
Mirrors contain infinity. Infinity contains more things than you
        think. Everything, for a start. Including hunger. Because there's
        a million billion images, but only one soul to go around.
        --Witches Abroad

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|

Re: Malformed transaction errors

Bob McDonald
In reply to this post by @lbutlr
When you talk about "putting the .jnl file aside" what are you doing? Stopping named THEN deleting the .jnl file? Using rndc sync -clean <domain name> ? In the case of the rndc command, you don't need to cycle named.

What user is named running as? Are the directory permissions for the directory housing the .jnl file correct?

> I am getting the following error on one specific domain and I am unsure how to fi it. Searching for the error lead to suggestions about not running 
> multiple copies of bind on the same machine, but that is not the case here (and it is only affecting one domain).

> named[652] malformed transaction: example.com.signed.jnl last serial 2018022385 != transaction first serial 2018022384
> named[652] zone example.com/IN: zone_resigninc:dns_journal_write_transaction -> unexpected error
named[652] malformed transaction: example.com.signed.jnl last serial 2018022385 != transaction first serial 2018022384
> named[652] zone example.com/IN: zone_resigninc:dns_journal_write_transaction -> unexpected error

> If I put aside the jnl file and stop/start bind the error goes away, but eventually it comes back, always for the same domain.

> (Setup is DNS primary on on machine and a secondary server on a separate machine. Errors are on the primary server.)

> --
> Thunder rolled... It rolled a six.  

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|

Re: Malformed transaction errors

@lbutlr
On 19 Oct 2020, at 08:57, Bob McDonald <[hidden email]> wrote:
> When you talk about "putting the .jnl file aside" what are you doing? Stopping named THEN deleting the .jnl file?

I did not delete the file. I stopped named and moved the file, then restarted named. After everything seemed to be working, then I removed the file.

> Using rndc sync -clean <domain name> ? In the case of the rndc command, you don't need to cycle named.

That's good to know, will try the next time if goes pear-shaped.

> What user is named running as? Are the directory permissions for the directory housing the .jnl file correct?

There are many domains, all with same permissions (bind/bind).

--
And what rough beast, its hour come round at last,
Slouches towards Bethlehem to be born?

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users