BIND reloaded when modifying zone

Modifying a zone file, e.g. adding a DNS record, results in BIND reloading ALL zone files, clearing the cache and sending notifies to slave servers for all zones.

Modifications to a zone should result in an 'rndc reload domain.tld'

Adding a new zone should result in an 'rndc reconfig'

Status: Closed (fixed)

Comments

That's what should happen already. Which page in Webmin / Virtualmin are you editing the DNS records on?

On the Virtualmin tab, Server Configuration -> DNS Records.

If you run rndc reload domain.tld from the command line, does it successfully reload this zone?

FWIW I tested adding a DNS record to a domain on a new install of Virtualmin and it's doing the same thing.

I'm not seeing this on my test CentOS 7 systems. What gets logged to /var/log/messages when you update a DNS record?

Here's the output when adding a record to example.com on a clean install of Virtualmin on CentOS 7:

Mar 13 13:08:47 aricept systemd: Stopping Berkeley Internet Name Domain (DNS)...
Mar 13 13:08:47 aricept named[3435]: received control channel command 'stop'
Mar 13 13:08:47 aricept named[3435]: shutting down: flushing changes
Mar 13 13:08:47 aricept named[3435]: stopping command channel on 127.0.0.1#953
Mar 13 13:08:47 aricept named[3435]: stopping command channel on ::1#953
Mar 13 13:08:47 aricept named[3435]: no longer listening on ::#53
Mar 13 13:08:47 aricept named[3435]: no longer listening on 127.0.0.1#53
Mar 13 13:08:47 aricept named[3435]: no longer listening on 10.30.31.5#53
Mar 13 13:08:47 aricept named[3435]: no longer listening on 10.4.96.5#53
Mar 13 13:08:47 aricept named[3435]: exiting
Mar 13 13:08:47 aricept systemd: Stopped Berkeley Internet Name Domain (DNS).
Mar 13 13:08:48 aricept systemd: Starting Generate rndc key for BIND (DNS)...
Mar 13 13:08:48 aricept systemd: Started Generate rndc key for BIND (DNS).
Mar 13 13:08:48 aricept systemd: Starting Berkeley Internet Name Domain (DNS)...
Mar 13 13:08:48 aricept bash: zone localhost.localdomain/IN: loaded serial 0
Mar 13 13:08:48 aricept bash: zone localhost/IN: loaded serial 0
Mar 13 13:08:48 aricept bash: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
Mar 13 13:08:48 aricept bash: zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
Mar 13 13:08:48 aricept bash: zone 0.in-addr.arpa/IN: loaded serial 0
Mar 13 13:08:48 aricept bash: zone example.com/IN: loaded serial 1520971693
Mar 13 13:08:48 aricept named[3778]: starting BIND 9.9.4-RedHat-9.9.4-51.el7_4.2 -u named -c /etc/named.conf
Mar 13 13:08:48 aricept named[3778]: built with '--build=x86_64-redhat-linux-gnu' '--host=x86_64-redhat-linux-gnu' '--program-prefix=' '--disable-dependency-tracking' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib64' '--libexecdir=/usr/libexec' '--sharedstatedir=/var/lib' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--with-libtool' '--localstatedir=/var' '--enable-threads' '--with-geoip' '--enable-ipv6' '--enable-filter-aaaa' '--enable-rrl' '--with-pic' '--disable-static' '--disable-openssl-version-check' '--enable-exportlib' '--with-export-libdir=/usr/lib64' '--with-export-includedir=/usr/include' '--includedir=/usr/include/bind9' '--enable-native-pkcs11' '--with-pkcs11=/usr/lib64/pkcs11/libsofthsm2.so' '--with-dlopen=yes' '--with-dlz-ldap=yes' '--with-dlz-postgres=yes' '--with-dlz-mysql=yes' '--with-dlz-filesystem=yes' '--with-dlz-bdb=yes' '--with-gssapi=yes' '--disable-isc-spnego' '--enable-fixed-rrset' '--with-docbook-xsl=/usr/share/sgml/docbook/xsl-stylesheets' 'build_alias=x86_64-redhat-linux-gnu' 'host_alias=x86_64-redhat-linux-gnu' 'CFLAGS= -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic' 'LDFLAGS=-Wl,-z,relro ' 'CPPFLAGS= -DDIG_SIGCHASE'
Mar 13 13:08:48 aricept named[3778]: ----------------------------------------------------
Mar 13 13:08:48 aricept named[3778]: BIND 9 is maintained by Internet Systems Consortium,
Mar 13 13:08:48 aricept named[3778]: Inc. (ISC), a non-profit 501(c)(3) public-benefit
Mar 13 13:08:48 aricept named[3778]: corporation.  Support and training for BIND 9 are
Mar 13 13:08:48 aricept named[3778]: available at https://www.isc.org/support
Mar 13 13:08:48 aricept named[3778]: ----------------------------------------------------
Mar 13 13:08:48 aricept named[3778]: adjusted limit on open files from 4096 to 1048576
Mar 13 13:08:48 aricept named[3778]: found 1 CPU, using 1 worker thread
Mar 13 13:08:48 aricept named[3778]: using 1 UDP listener per interface
Mar 13 13:08:48 aricept named[3778]: using up to 4096 sockets
Mar 13 13:08:48 aricept named[3778]: loading configuration from '/etc/named.conf'
Mar 13 13:08:48 aricept named[3778]: reading built-in trusted keys from file '/etc/named.iscdlv.key'
Mar 13 13:08:48 aricept named[3778]: initializing GeoIP Country (IPv4) (type 1) DB
Mar 13 13:08:48 aricept named[3778]: GEO-106FREE 20160607 Build 1 Copyright (c) 2016 MaxMind
Mar 13 13:08:48 aricept named[3778]: initializing GeoIP Country (IPv6) (type 12) DB
Mar 13 13:08:48 aricept named[3778]: GEO-106FREE 20160607 Build 1 Copy
Mar 13 13:08:48 aricept named[3778]: GeoIP City (IPv4) (type 2) DB not available
Mar 13 13:08:48 aricept named[3778]: GeoIP City (IPv4) (type 6) DB not available
Mar 13 13:08:48 aricept named[3778]: GeoIP City (IPv6) (type 30) DB not available
Mar 13 13:08:48 aricept named[3778]: GeoIP City (IPv6) (type 31) DB not available
Mar 13 13:08:48 aricept named[3778]: GeoIP Region (type 3) DB not available
Mar 13 13:08:48 aricept named[3778]: GeoIP Region (type 7) DB not available
Mar 13 13:08:48 aricept named[3778]: GeoIP ISP (type 4) DB not available
Mar 13 13:08:48 aricept named[3778]: GeoIP Org (type 5) DB not available
Mar 13 13:08:48 aricept named[3778]: GeoIP AS (type 9) DB not available
Mar 13 13:08:48 aricept named[3778]: GeoIP Domain (type 11) DB not available
Mar 13 13:08:48 aricept named[3778]: GeoIP NetSpeed (type 10) DB not available
Mar 13 13:08:48 aricept named[3778]: using default UDP/IPv4 port range: [1024, 65535]
Mar 13 13:08:48 aricept named[3778]: using default UDP/IPv6 port range: [1024, 65535]
Mar 13 13:08:48 aricept named[3778]: listening on IPv6 interfaces, port 53
Mar 13 13:08:48 aricept named[3778]: listening on IPv4 interface lo, 127.0.0.1#53
Mar 13 13:08:48 aricept named[3778]: listening on IPv4 interface eth0, 10.30.31.5#53
Mar 13 13:08:48 aricept named[3778]: listening on IPv4 interface eth1, 10.4.96.5#53
Mar 13 13:08:48 aricept named[3778]: generating session key for dynamic DNS
Mar 13 13:08:48 aricept named[3778]: sizing zone task pool based on 7 zones
Mar 13 13:08:48 aricept named[3778]: set up managed keys zone for view _default, file '/var/named/dynamic/managed-keys.bind'
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 10.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 16.172.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 17.172.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 18.172.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 19.172.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 20.172.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 21.172.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 22.172.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 23.172.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 24.172.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 25.172.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 26.172.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 27.172.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 28.172.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 29.172.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 30.172.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 31.172.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 168.192.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 64.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 65.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 66.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 67.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 68.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 69.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 70.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 71.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 72.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 73.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 74.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 75.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 76.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 77.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 78.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 79.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 80.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 81.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 82.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 83.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 84.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 85.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 86.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 87.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 88.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 89.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 90.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 91.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 92.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 93.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 94.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 95.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 96.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 97.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 98.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 99.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 100.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 101.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 102.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 103.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 104.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 105.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 106.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 107.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 108.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 109.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 110.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 111.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 112.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 113.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 114.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 115.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 116.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 117.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 118.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 119.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 120.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 121.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 122.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 123.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 124.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 125.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 126.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 127.100.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 127.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 254.169.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 100.51.198.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 113.0.203.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: D.F.IP6.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 8.E.F.IP6.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 9.E.F.IP6.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: A.E.F.IP6.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: B.E.F.IP6.ARPA
Mar 13 13:08:48 aricept named[3778]: automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA
Mar 13 13:08:48 aricept named[3778]: command channel listening on 127.0.0.1#953
Mar 13 13:08:48 aricept named[3778]: command channel listening on ::1#953
Mar 13 13:08:48 aricept named[3778]: managed-keys-zone: loaded serial 5
Mar 13 13:08:48 aricept named[3778]: zone 0.in-addr.arpa/IN: loaded serial 0
Mar 13 13:08:48 aricept named[3778]: zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
Mar 13 13:08:48 aricept systemd: Started Berkeley Internet Name Domain (DNS).
Mar 13 13:08:48 aricept named[3778]: zone localhost/IN: loaded serial 0
Mar 13 13:08:48 aricept named[3778]: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
Mar 13 13:08:48 aricept named[3778]: zone localhost.localdomain/IN: loaded serial 0
Mar 13 13:08:48 aricept named[3778]: zone example.com/IN: loaded serial 1520971693
Mar 13 13:08:48 aricept named[3778]: all zones loaded
Mar 13 13:08:48 aricept named[3778]: running
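A way to tell from syslog which kind of update was applied (added example, not part of the original thread or of Webmin/Virtualmin): named logs every control-channel command it receives, so a 'stop' followed by a fresh start, as in the log above, can be told apart from a per-zone reload or a reconfig. The function names and all sample lines except the first are constructed for this illustration.

```shell
#!/bin/sh
# Added example: tag named control-channel commands in syslog by scope.

# Constructed sample input. The first line matches the thread's log; the
# others are constructed to show a targeted reload and a reconfig.
sample_log() {
    cat <<'EOF'
Mar 13 13:08:47 aricept named[3435]: received control channel command 'stop'
Mar 13 13:20:01 aricept named[3778]: received control channel command 'reload example.com'
Mar 13 13:21:10 aricept named[3778]: received control channel command 'reconfig'
Mar 13 13:22:00 aricept named[3778]: zone example.com/IN: loaded serial 1520971694
EOF
}

# classify_named_events: read syslog lines on stdin and print
# "<SCOPE> <command>" for each control-channel command seen.
classify_named_events() {
    awk -v q="'" '
    /named\[[0-9]+\]: received control channel command / {
        cmd = $0
        sub("^.*received control channel command " q, "", cmd)  # strip prefix
        sub(q ".*$", "", cmd)                                   # strip closing quote
        n = split(cmd, a, " ")
        if (a[1] == "stop" || a[1] == "halt")  kind = "FULL-RESTART"    # cache lost
        else if (a[1] == "reload" && n == 1)   kind = "ALL-ZONES"       # every zone re-read
        else if (a[1] == "reload")             kind = "ONE-ZONE"        # what the report asks for
        else if (a[1] == "reconfig")           kind = "NEW-ZONES-ONLY"  # expected for a new zone
        else                                   kind = "OTHER"
        print kind, cmd
    }'
}

sample_log | classify_named_events
```

On a live system, feed it `/var/log/messages` instead of `sample_log`.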

I got it to do a proper "rndc reload" on a zone file change by clicking the "Setup RNDC" button in the BIND module which created /etc/rndc.conf and added the key to /etc/named.conf.

This shouldn't have been required though since /etc/rndc.key was already present and working properly (I tested by doing a "rndc reload" at the command line). The module didn't think I needed to set up RNDC either, because it asked if I still wanted to proceed before setting up rndc, with a warning that read in part: "RNDC appears to be setup properly already, so you probably do not need to use this form." It appears that if /etc/rndc.key OR /etc/rndc.conf exists the module assumes that rndc is set up. Meanwhile in the BIND module setup there's "Full path to the rndc.conf file" set to /etc/rndc.conf.

Adding a new domain still causes bind to restart though.

Ok, I suspect the issue is that Virtualmin runs rndc -c /etc/rndc.conf, and before doing the setup that file wasn't actually valid.

We'll update the check to test rndc properly.
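The difference between "a config file exists" and "rndc actually works with that config file", as an added sketch (not Webmin/Virtualmin code): the check runs `rndc -c <conf> status` and only then chooses a per-zone reload or a reconfig. The function names, the `RNDC`/`RNDC_CONF` variables and the "restart-needed" fallback label are assumptions of this example.

```shell
#!/bin/sh
# Added example: test rndc functionally instead of trusting file existence.
# RNDC and RNDC_CONF are hypothetical knobs of this sketch.
RNDC="${RNDC:-rndc}"
RNDC_CONF="${RNDC_CONF:-/etc/rndc.conf}"

# rndc_works: succeed only if the control channel answers using this config.
# An existing but empty or invalid rndc.conf fails here, which a plain
# "does /etc/rndc.conf or /etc/rndc.key exist?" test would not catch.
rndc_works() {
    [ -r "$RNDC_CONF" ] || return 1
    "$RNDC" -c "$RNDC_CONF" status >/dev/null 2>&1
}

# apply_change ACTION [ZONE]
#   modify ZONE -> rndc reload ZONE   (only that zone is re-read)
#   add         -> rndc reconfig      (new zones picked up, others untouched)
# Prints the method used; prints "restart-needed" when rndc is unusable.
apply_change() {
    action=$1
    zone=${2:-}
    if ! rndc_works; then
        echo "restart-needed"
        return 2
    fi
    case $action in
        modify)
            [ -n "$zone" ] || { echo "usage-error"; return 64; }
            "$RNDC" -c "$RNDC_CONF" reload "$zone" >/dev/null 2>&1 ||
                { echo "reload-failed"; return 1; }
            echo "reload $zone" ;;
        add)
            "$RNDC" -c "$RNDC_CONF" reconfig >/dev/null 2>&1 ||
                { echo "reconfig-failed"; return 1; }
            echo "reconfig" ;;
        *)
            echo "usage-error"; return 64 ;;
    esac
}
```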

That doesn't explain why bind is reloading when adding new zones though. Is that normal behavior?

Yes, BIND updates made by Virtualmin will be frozen and thawed in the next release.

This has been implemented for the next Webmin/Virtualmin releases.

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.