A little help with named needed
Hi OpenSuSE, Can any expert on named (bind) tell me why I am getting the following warnings whenever I restart my named.service, and how to fix? Operating System: openSUSE Leap 15.4 KDE Plasma Version: 5.24.4 KDE Frameworks Version: 5.90.0 Qt Version: 5.15.2 Kernel Version: 5.14.21-150400.24.100-default (64-bit) Graphics Platform: X11 Processors: 12 × Intel® Xeon® CPU E5-1650 v3 @ 3.50GHz Memory: 62.7 GiB of RAM Graphics Processor: Quadro K420/PCIe/SSE2 Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.150 general: warning: checkhints: view external: b.root-servers.net/A (170.247.170.2) missing from hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.150 general: warning: checkhints: view external: b.root-servers.net/A (199.9.14.201) extra record in hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.150 general: warning: checkhints: view external: b.root-servers.net/AAAA (2801:1b8:10::b) missing from hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.150 general: warning: checkhints: view external: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.526 general: warning: checkhints: view internal: b.root-servers.net/A (170.247.170.2) missing from hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.526 general: warning: checkhints: view internal: b.root-servers.net/A (199.9.14.201) extra record in hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.526 general: warning: checkhints: view internal: b.root-servers.net/AAAA (2801:1b8:10::b) missing from hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.526 general: warning: checkhints: view internal: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints Thanks as always, in advance, for helping me solve this puzzle... Marc... -- --... ...-- .----. ... -.. . .-- .- --... .--. -..- .-- -- .- .-. -.-. <b>Computers: the final frontier. These are the voyages of the user Marc.<br> His mission: to explore strange new hardware. To seek out new software and new applications.<br> To boldly go where no Marc has gone before!<br></b>
On 2023-12-23 20:09, Marc Chamberlin via openSUSE Users wrote:
Hi OpenSuSE, Can any expert on named (bind) tell me why I am getting the following warnings whenever I restart my named.service, and how to fix?
Operating System: openSUSE Leap 15.4 KDE Plasma Version: 5.24.4 KDE Frameworks Version: 5.90.0 Qt Version: 5.15.2 Kernel Version: 5.14.21-150400.24.100-default (64-bit) Graphics Platform: X11 Processors: 12 × Intel® Xeon® CPU E5-1650 v3 @ 3.50GHz Memory: 62.7 GiB of RAM Graphics Processor: Quadro K420/PCIe/SSE2
Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.150 general: warning: checkhints: view external: b.root-servers.net/A (170.247.170.2) missing from hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.150 general: warning: checkhints: view external: b.root-servers.net/A (199.9.14.201) extra record in hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.150 general: warning: checkhints: view external: b.root-servers.net/AAAA (2801:1b8:10::b) missing from hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.150 general: /> warning: checkhints: view external: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.526 general: warning: checkhints: view internal: b.root-servers.net/A (170.247.170.2) missing from hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.526 general: warning: checkhints: view internal: b.root-servers.net/A (199.9.14.201) extra record in hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.526 general: warning: checkhints: view internal: b.root-servers.net/AAAA (2801:1b8:10::b) missing from hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.526 general: warning: checkhints: view internal: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints
I see that error, too. File "/var/lib/named/root.hint" provided by distro must have an error. ; FORMERLY NS1.ISI.EDU ; . 3600000 NS B.ROOT-SERVERS.NET. B.ROOT-SERVERS.NET. 3600000 A 199.9.14.201 B.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:200::b Address 2001:500:200::b probably has changed to 2801:1b8:10::b, and 199.9.14.201 to 170.247.170.2. This is worth a bugzilla, but it is is Leap 15.4 -- Cheers / Saludos, Carlos E. R. (from 15.4 x86_64 at Telcontar)
On 12/23/23 13:09, Marc Chamberlin via openSUSE Users wrote:
Hi OpenSuSE, Can any expert on named (bind) tell me why I am getting the following warnings whenever I restart my named.service, and how to fix?
Operating System: openSUSE Leap 15.4 KDE Plasma Version: 5.24.4 KDE Frameworks Version: 5.90.0 Qt Version: 5.15.2 Kernel Version: 5.14.21-150400.24.100-default (64-bit) Graphics Platform: X11 Processors: 12 × Intel® Xeon® CPU E5-1650 v3 @ 3.50GHz Memory: 62.7 GiB of RAM Graphics Processor: Quadro K420/PCIe/SSE2
Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.150 general: warning: checkhints: view external: b.root-servers.net/A (170.247.170.2) missing from hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.150 general: warning: checkhints: view external: b.root-servers.net/A (199.9.14.201) extra record in hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.150 general: warning: checkhints: view external: b.root-servers.net/AAAA (2801:1b8:10::b) missing from hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.150 general: warning: checkhints: view external: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.526 general: warning: checkhints: view internal: b.root-servers.net/A (170.247.170.2) missing from hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.526 general: warning: checkhints: view internal: b.root-servers.net/A (199.9.14.201) extra record in hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.526 general: warning: checkhints: view internal: b.root-servers.net/AAAA (2801:1b8:10::b) missing from hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.526 general: warning: checkhints: view internal: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints
Thanks as always, in advance, for helping me solve this puzzle... Marc...
That is because several years ago, bind dropped the requirement for a root.hint file (or named.ca) and provides a compiled-in set of addresses. See: https://bind9.readthedocs.io/en/stable/reference.html under "type hint". All newer versions of bind no longer need it, but can use it if you provide one. In the past you had to provide root.hint that contained, e.g. . 3600000 IN NS A.ROOT-SERVERS.NET. A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4 A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:BA3E::2:30 ; ; FORMERLY NS1.ISI.EDU ; . 3600000 NS B.ROOT-SERVERS.NET. B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201 ; ; FORMERLY C.PSI.NET ; . 3600000 NS C.ROOT-SERVERS.NET. C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12 <snip> That file was eliminated from being included in many distro packages for that reason. I haven't checked openSUSE lately, but Arch no longer provides one. Basically, when named runs now, it is smart enough to figure out what the root servers are an caches the information. You can generate a new cashe file if your build requires it with, e.g. dig +bufsize=1200 +norec NS . @a.root-servers.net > named.ca It's probably been 10 years since it went away on Arch. -- David C. Rankin, J.D.,P.E.
On 2023-12-25 03:09, David C. Rankin wrote:
On 12/23/23 13:09, Marc Chamberlin via openSUSE Users wrote:
...
That file was eliminated from being included in many distro packages for that reason. I haven't checked openSUSE lately, but Arch no longer provides one. Basically, when named runs now, it is smart enough to figure out what the root servers are an caches the information.
Leap 15.4 includes it officially: cer@Isengard:~> rpm -ql bind | grep hint /usr/share/factory/var/lib/named/root.hint /var/lib/named/root.hint cer@Isengard:~> cer@Isengard:~> rpm -qf /var/lib/named/root.hint bind-9.16.44-150400.5.37.2.x86_64 cer@Isengard:~> AFAIK, the error is only printed during startup. cer@Isengard:~> grep checkhints: /var/log/warn | tail ... <3.4> 2023-12-20T19:19:29.235130+01:00 Isengard named 1989 - - checkhints: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints -- Cheers / Saludos, Carlos E. R. (from 15.4 x86_64 at Telcontar)
On 12/25/23 04:48, Carlos E. R. wrote:
On 2023-12-25 03:09, David C. Rankin wrote:
On 12/23/23 13:09, Marc Chamberlin via openSUSE Users wrote:
...
That file was eliminated from being included in many distro packages for that reason. I haven't checked openSUSE lately, but Arch no longer provides one. Basically, when named runs now, it is smart enough to figure out what the root servers are an caches the information.
Leap 15.4 includes it officially:
cer@Isengard:~> rpm -ql bind | grep hint /usr/share/factory/var/lib/named/root.hint /var/lib/named/root.hint cer@Isengard:~>
cer@Isengard:~> rpm -qf /var/lib/named/root.hint bind-9.16.44-150400.5.37.2.x86_64 cer@Isengard:~>
AFAIK, the error is only printed during startup.
Thanks Carlos for responding, much appreciated. Yeah the error is only printed during startup, I am delivering a system to a client and I just don't like delivering something that has startup warnings or errors. It is not critical, just not professional is all... I am prototyping on one of my own systems and after installing bind I noticed these warnings on startup and was just trying to clean things up for him. I will trying upgrading to 15.5 and see if that makes a difference but that may bring about an number of new errors/problems so am a bit hesitant to do so.. Upgrades always do that to me.... Marc...
cer@Isengard:~> grep checkhints: /var/log/warn | tail ... <3.4> 2023-12-20T19:19:29.235130+01:00 Isengard named 1989 - - checkhints: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints
-- *"The Truth is out there" - Spooky* -- *_ _ . . . . . . _ _ . _ _ _ _ . . . . _ . . . . _ _ . _ _ _ . . . . _ _ . _ . . _ . _ _ _ _ . _ . _ . _ . _ . * Computers: the final frontier. These are the voyages of the user Marc. His mission: to explore strange new hardware. To seek out new software and new applications. To boldly go where no Marc has gone before! (/This email is digitally signed. My public key for sending encrypted email to me can be found at - https://keys.openpgp.org/search?q=marc@domesweetdome.us.com or just ask me for it and I will send it to you as an attachment. If you don't understand, no worries, just ignore it and/or ask me to explain it further./)
On 12/24/23 18:09, David C. Rankin wrote:
On 12/23/23 13:09, Marc Chamberlin via openSUSE Users wrote:
Hi OpenSuSE, Can any expert on named (bind) tell me why I am getting the following warnings whenever I restart my named.service, and how to fix?
Operating System: openSUSE Leap 15.4 KDE Plasma Version: 5.24.4 KDE Frameworks Version: 5.90.0 Qt Version: 5.15.2 Kernel Version: 5.14.21-150400.24.100-default (64-bit) Graphics Platform: X11 Processors: 12 × Intel® Xeon® CPU E5-1650 v3 @ 3.50GHz Memory: 62.7 GiB of RAM Graphics Processor: Quadro K420/PCIe/SSE2
Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.150 general: warning: checkhints: view external: b.root-servers.net/A (170.247.170.2) missing from hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.150 general: warning: checkhints: view external: b.root-servers.net/A (199.9.14.201) extra record in hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.150 general: warning: checkhints: view external: b.root-servers.net/AAAA (2801:1b8:10::b) missing from hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.150 general: warning: checkhints: view external: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.526 general: warning: checkhints: view internal: b.root-servers.net/A (170.247.170.2) missing from hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.526 general: warning: checkhints: view internal: b.root-servers.net/A (199.9.14.201) extra record in hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.526 general: warning: checkhints: view internal: b.root-servers.net/AAAA (2801:1b8:10::b) missing from hints Dec 23 10:46:39 quasar named[29164]: 23-Dec-2023 10:46:39.526 general: warning: checkhints: view internal: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints
Thanks as always, in advance, for helping me solve this puzzle... Marc...
That is because several years ago, bind dropped the requirement for a root.hint file (or named.ca) and provides a compiled-in set of addresses. See: https://bind9.readthedocs.io/en/stable/reference.html under "type hint". All newer versions of bind no longer need it, but can use it if you provide one. In the past you had to provide root.hint that contained, e.g.
. 3600000 IN NS A.ROOT-SERVERS.NET. A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4 A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:BA3E::2:30 ; ; FORMERLY NS1.ISI.EDU ; . 3600000 NS B.ROOT-SERVERS.NET. B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201 ; ; FORMERLY C.PSI.NET ; . 3600000 NS C.ROOT-SERVERS.NET. C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12 <snip>
That file was eliminated from being included in many distro packages for that reason. I haven't checked openSUSE lately, but Arch no longer provides one. Basically, when named runs now, it is smart enough to figure out what the root servers are an caches the information.
You can generate a new cashe file if your build requires it with, e.g.
dig +bufsize=1200 +norec NS . @a.root-servers.net > named.ca
It's probably been 10 years since it went away on Arch.
Thanks David, I regenerated the roots.hints file as you suggested and restarted named.service both with the new roots.hints file and without it. Didn't make any difference. Sigh... Marc... -- *"The Truth is out there" - Spooky* -- *_ _ . . . . . . _ _ . _ _ _ _ . . . . _ . . . . _ _ . _ _ _ . . . . _ _ . _ . . _ . _ _ _ _ . _ . _ . _ . _ . * Computers: the final frontier. These are the voyages of the user Marc. His mission: to explore strange new hardware. To seek out new software and new applications. To boldly go where no Marc has gone before! (/This email is digitally signed. My public key for sending encrypted email to me can be found at - https://keys.openpgp.org/search?q=marc@domesweetdome.us.com or just ask me for it and I will send it to you as an attachment. If you don't understand, no worries, just ignore it and/or ask me to explain it further./)
participants (3)
-
Carlos E. R. -
David C. Rankin -
Marc Chamberlin