On 12/24/23 18:09, David C. Rankin wrote:
On 12/23/23 13:09, Marc Chamberlin via openSUSE Users wrote:
Hi OpenSuSE, Can any expert on named (bind) tell me why I am getting the following warnings whenever I restart my named.service, and how to fix?
Operating System: openSUSE Leap 15.4 KDE Plasma Version: 5.24.4 KDE Frameworks Version: 5.90.0 Qt Version: 5.15.2 Kernel Version: 5.14.21-150400.24.100-default (64-bit) Graphics Platform: X11 Processors: 12 × Intel® Xeon® CPU E5-1650 v3 @ 3.50GHz Memory: 62.7 GiB of RAM Graphics Processor: Quadro K420/PCIe/SSE2
Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.150 general: warning: checkhints: view external: b.root-servers.net/A (170.247.170.2) missing from hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.150 general: warning: checkhints: view external: b.root-servers.net/A (199.9.14.201) extra record in hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.150 general: warning: checkhints: view external: b.root-servers.net/AAAA (2801:1b8:10::b) missing from hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.150 general: warning: checkhints: view external: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.526 general: warning: checkhints: view internal: b.root-servers.net/A (170.247.170.2) missing from hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.526 general: warning: checkhints: view internal: b.root-servers.net/A (199.9.14.201) extra record in hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.526 general: warning: checkhints: view internal: b.root-servers.net/AAAA (2801:1b8:10::b) missing from hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.526 general: warning: checkhints: view internal: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints
Thanks as always, in advance, for helping me solve this puzzle... Marc...
That is because several years ago, bind dropped the requirement for a root.hint file (or named.ca) and provides a compiled-in set of addresses. See: https://bind9.readthedocs.io/en/stable/reference.html under "type hint". All newer versions of bind no longer need it, but can use it if you provide one. In the past you had to provide root.hint that contained, e.g.
. 3600000 IN NS A.ROOT-SERVERS.NET. A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4 A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:BA3E::2:30 ; ; FORMERLY NS1.ISI.EDU ; . 3600000 NS B.ROOT-SERVERS.NET. B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201 ; ; FORMERLY C.PSI.NET ; . 3600000 NS C.ROOT-SERVERS.NET. C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12 <snip>
That file was eliminated from being included in many distro packages for that reason. I haven't checked openSUSE lately, but Arch no longer provides one. Basically, when named runs now, it is smart enough to figure out what the root servers are an caches the information.
You can generate a new cashe file if your build requires it with, e.g.
dig +bufsize=1200 +norec NS . @a.root-servers.net > named.ca
It's probably been 10 years since it went away on Arch.
Thanks David, I regenerated the roots.hints file as you suggested and restarted named.service both with the new roots.hints file and without it. Didn't make any difference. Sigh... Marc... -- *"The Truth is out there" - Spooky* -- *_ _ . . . . . . _ _ . _ _ _ _ . . . . _ . . . . _ _ . _ _ _ . . . . _ _ . _ . . _ . _ _ _ _ . _ . _ . _ . _ . * Computers: the final frontier. These are the voyages of the user Marc. His mission: to explore strange new hardware. To seek out new software and new applications. To boldly go where no Marc has gone before! (/This email is digitally signed. My public key for sending encrypted email to me can be found at - https://keys.openpgp.org/search?q=marc@domesweetdome.us.com or just ask me for it and I will send it to you as an attachment. If you don't understand, no worries, just ignore it and/or ask me to explain it further./)