bind listening on UDP port 53 using 2 fd


bind listening on UDP port 53 using 2 fd

Bernardo
Hi all,

Is it normal to see bind listening on UDP port 53 using 2 fd?

udp     UNCONN   0        0          192.168.10.100:53            0.0.0.0:*      users:(("named",pid=4205,fd=512))
udp     UNCONN   0        0          192.168.10.100:53            0.0.0.0:*      users:(("named",pid=4205,fd=15))
tcp     LISTEN   0        10         192.168.10.100:53            0.0.0.0:*      users:(("named",pid=4205,fd=17))
tcp     LISTEN   0        128             127.0.0.1:953           0.0.0.0:*      users:(("named",pid=4205,fd=21))

Does this make any sense?

According to the "rndc status" command, "UDP listeners per interface: 1"

# rndc status
version: BIND 9.16.6 (Stable Release) <id:25846cf>
running on ns2: Linux x86_64 5.3.18-lp152.60-default #1 SMP Tue Jan 12 23:10:31 UTC 2021 (9898712)
boot time: Sat, 23 Jan 2021 10:14:09 GMT
last configured: Sat, 23 Jan 2021 10:14:09 GMT
configuration file: /etc/named.conf (/var/lib/named/etc/named.conf)
CPUs found: 1
worker threads: 1
UDP listeners per interface: 1
number of zones: 156 (0 automatic)
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is ON
recursive clients: 0/900/1000
tcp clients: 0/150
TCP high-water: 1
server is up and running




-- 
Bernardo



_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users

[SOLVED] Re: bind listening on UDP port 53 using 2 fd

Bernardo
Hi all,

Finally I've found the solution.
The problem seems to be caused by a known issue since BIND version 9.16.1

Commenting out these lines in /etc/named.conf solves the issue:

query-source address 192.168.10.100;
notify-source 192.168.10.100 port 53;
transfer-source 192.168.10.100 port 53;

This problem causes other major problems with BIND (notify messages get lost, zone change propagation takes longer, dynamic updates get lost, etc.)

Other related posts at [hidden email]:  
- See my post ( BIND ignores "packets received correctly" ) from January 2020
- See also the post ( No response from localhost with "allow-query { any; };" ) from September 2020

Notes for BIND 9.16.1
Known Issues
UDP network ports used for listening can no longer simultaneously be used for sending traffic. An example configuration which triggers this issue would be one which uses the same address:port pair for listen-on(-v6) statements as for notify-source(-v6) or transfer-source(-v6). While this issue affects all operating systems, it only triggers log messages (e.g. “unable to create dispatch for reserved port”) on some of them. There are currently no plans to make such a combination of settings work again.

Hope this helps someone else to avoid losing a lot of time.

Regards,

-- 
Bernardo

On Sat, 23 Jan 2021 at 11:35, Bernardo (<[hidden email]>) wrote:


--
Bernardo


Re: [SOLVED] Re: bind listening on UDP port 53 using 2 fd

Matus UHLAR - fantomas
On 23.01.21 12:44, Bernardo wrote:
>Finally I've found the solution.
>The problem seems to be caused by a known issue since BIND version 9.16.1
>
>Commenting out these lines in /etc/named.conf solves the issue:
>
>query-source address 192.168.10.100;
>notify-source 192.168.10.100 port 53;
>transfer-source 192.168.10.100 port 53;

this should not cause a problem and may cause troubles when 192.168.10.100
is not the primary address.

the "port 53" is usually useless (unless you have stateless firewall) and
may be what caused your problem.

--
Matus UHLAR - fantomas, [hidden email] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Support bacteria - they're the only culture some people have.

Re: [SOLVED] Re: bind listening on UDP port 53 using 2 fd

Bernardo
Hi Matus,

Yes. This causes serious problems.

The problem is that these perfectly valid configuration lines in /etc/named.conf file (provided that 192.168.10.100 is the IPv4 address of your DNS server, it doesn't matter if it is a primary or secondary) will cause you a lot of trouble.

query-source address 192.168.10.100;
notify-source 192.168.10.100 port 53;
transfer-source 192.168.10.100 port 53;

These configuration lines will cause you problems as described in my post ( BIND ignores "packets received correctly" ) from January 2020.

It seems that this is a known issue since BIND version 9.16.1: UDP network ports used for listening can no longer simultaneously be used for sending traffic.

Prior to this BIND version these very same configuration lines worked fine.

As I said, I hope this warning helps someone else to avoid losing a lot of time trying to find out what is happening to their DNS servers running BIND 9.16.1+

Regards,


On Mon, 25 Jan 2021 at 11:13, Matus UHLAR - fantomas (<[hidden email]>) wrote:


--
Bernardo


Re: [SOLVED] Re: bind listening on UDP port 53 using 2 fd

Matus UHLAR - fantomas
On 25.01.21 14:05, Bernardo wrote:

>Yes. This causes serious problems.
>
>The problem is that these perfectly valid configuration lines in
>/etc/named.conf file (provided that 192.168.10.100 is the IPv4 address of
>your DNS server, it doesn't matter if it is a primary or secondary) will
>cause you a lot of trouble.
>
>query-source address 192.168.10.100;
>notify-source 192.168.10.100 port 53;
>transfer-source 192.168.10.100 port 53;
>
>These configuration lines will cause you problems as described in my post (
>BIND ignores "packets received correctly" ) from January 2020.
>
>It seems that this is a know issue since BIND 9.16.1 version: UDP network
>ports used for listening can no longer simultaneously be used for sending
>traffic.

which means that the "port 53" is what causes problems and the rest can
stay there.

If you only have interface address "192.168.10.100" (except loopback, of
course), or if that is the primary address of your interface, those
definitions are useless, otherwise you should keep them there.



--
Matus UHLAR - fantomas, [hidden email] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Fucking windows! Bring Bill Gates! (Southpark the movie)

Re: [SOLVED] Re: bind listening on UDP port 53 using 2 fd

Bernardo
Again, the problem here is that perfectly valid configuration lines in /etc/named.conf would cause serious trouble.

BIND 9.16.1+ DNS admins should be aware of it.

So that's the reason I wrote this post.

Regards,


On Mon, 25 Jan 2021 at 14:33, Matus UHLAR - fantomas (<[hidden email]>) wrote:


--
Bernardo


Re: [SOLVED] Re: bind listening on UDP port 53 using 2 fd

Matus UHLAR - fantomas
On 26.01.21 12:04, Bernardo wrote:
>Again, the problem here is that perfectly valid configuration lines in
>/etc/named.conf would cause serious trouble.

again, the "port 53" is what causes the problem.

The rest is okay.
Using those options without "port 53" is okay too.




--
Matus UHLAR - fantomas, [hidden email] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
"They say when you play that M$ CD backward you can hear satanic messages."
"That's nothing. If you play it forward it will install Windows."
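A config check for the combination discussed in Bernardo's [SOLVED] post and in Matus's replies, added here as an example that is neither from the thread nor from ISC: it reads the named.conf statements involved (listen-on(-v6) and the query/notify/transfer-source(-v6) statements) with narrow regular expressions rather than a full named.conf grammar, flags every source statement that pins a port named is also listening on, and rewrites only those by dropping the port clause while keeping the address, which is the change Matus recommends. The sample configuration is constructed for the example, and a listen-on without an explicit port is assumed to use BIND's default of 53.

```python
import re

# Constructed named.conf fragment: the three statements from the thread plus a
# listen-on statement and two IPv6 variants for contrast (not a real config).
SAMPLE_CONF = """\
options {
    listen-on port 53 { 192.168.10.100; };
    listen-on-v6 { 2001:db8::1; };
    query-source address 192.168.10.100;
    notify-source 192.168.10.100 port 53;
    transfer-source 192.168.10.100 port 53;
    transfer-source-v6 2001:db8::1 port 53;
    notify-source-v6 2001:db8::1 port 5353;
};
"""

# Narrow regexes for just these statements, not a full named.conf grammar.
LISTEN_RE = re.compile(
    r'listen-on(?:-v6)?(?:\s+port\s+(?P<port>\d+))?\s*\{(?P<addrs>[^}]*)\}')
SOURCE_RE = re.compile(
    r'(?P<stmt>(?:query|notify|transfer)-source(?:-v6)?)\s+(?:address\s+)?'
    r'(?P<addr>\*|[0-9A-Fa-f.:]+)(?P<portclause>\s+port\s+(?P<port>\*|\d+))?\s*;')


def listeners(conf):
    """Set of (address, port) named listens on; no 'port' means 53 (assumed)."""
    found = set()
    for m in LISTEN_RE.finditer(conf):
        port = int(m.group('port') or 53)
        for addr in re.findall(r'\b(?:any|[0-9A-Fa-f.:]+)\b', m.group('addrs')):
            found.add((addr, port))
    return found


def _collides(m, listen):
    """True when a *-source match pins a port that is also a listener."""
    port = m.group('port')
    if port in (None, '*'):
        return False  # ephemeral source port: nothing to collide with
    return (m.group('addr'), int(port)) in listen or ('any', int(port)) in listen


def colliding_sources(conf):
    """[(statement, address, port)] for every source statement that reuses a
    listening address:port, the combination the 9.16.1 release notes describe."""
    listen = listeners(conf)
    return [(m.group('stmt'), m.group('addr'), int(m.group('port')))
            for m in SOURCE_RE.finditer(conf) if _collides(m, listen)]


def drop_pinned_port(conf):
    """Rewrite only the colliding statements: keep the address, drop the
    'port N' clause (the change Matus recommends), leave everything else."""
    listen = listeners(conf)
    return SOURCE_RE.sub(
        lambda m: m.group(0).replace(m.group('portclause'), '') if _collides(m, listen) else m.group(0),
        conf)
```

Running colliding_sources on the sample reports the notify-source, transfer-source and transfer-source-v6 lines, and drop_pinned_port returns the same fragment with only their "port 53" clauses removed.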