Исходное сообщение
"Зависает bind" Отправлено Vladimir, 06-Мрт-17 15:23
Hi, Since I have seen this issue resolved nowhere within Google results, I would like to post it here for future reference - its cause, how to work around it. Thanks for rwatson@ for his expertise. This is what I have seen on my own system: Nov 11 19:13:02 tarsier named[21464]: client 211.166.10.255#38500: error sending response: permission denied Which happens very frequently. ====== The cause: Some other system on the same subnet produced a DNS query, claiming it from the IP broadcast address (either full 1's or full 0's from the same subnet), and unicast to the system running a DNS service. named(8), in turn, attempts to respond the DNS query.  When sending out the response packet, the destination IP address would be that IP broadcast address.  The FreeBSD implementation (also other TCP/IP stacks I am aware of) does not permit this unless the socket have SO_BROADCAST, according to sendmsg(2) manual page. This EACCES would result in the messsage "error sending response: permission denied". Basically our TCP/IP stack is doing the right thing. ====== The workaround is to filter out the traffic from the offending host.  I am not yet aware of which operating system did that. Another workaround is to patch named (contrib/bind9/bin/named/client.c) around the log and disable the whole log thing. ====== The fix is to either fix the offending host or remove it. Cheers,

Ваше сообщение
Имя*:
EMail:	Для отправки новых сообщений в текущей нити на email укажите знак ! перед адресом, например, !user@host.ru (!! - не показывать email). Более тонкая настройка отправки ответов производится в профиле зарегистрированного участника форума.
Заголовок*:
Сообщение*:	> Hi, > Since I have seen this issue resolved nowhere within Google results, I > would like to post it here for future reference - its cause, > how to work > around it. > Thanks for rwatson@ for his expertise. > This is what I have seen on my own system: > Nov 11 19:13:02 tarsier named[21464]: client 211.166.10.255#38500: error > sending response: permission denied > Which happens very frequently. > ====== > The cause: > Some other system on the same subnet produced a DNS query, claiming > it > from the IP broadcast address (either full 1's or full 0's from > the same > subnet), and unicast to the system running a DNS service. > named(8), in turn, attempts to respond the DNS query. When sending > out > the response packet, the destination IP address would be that IP > broadcast address. The FreeBSD implementation (also other TCP/IP stacks > I am aware of) does not permit this unless the socket have > SO_BROADCAST, > according to sendmsg(2) manual page. > This EACCES would result in the messsage "error sending response: > permission denied". > Basically our TCP/IP stack is doing the right thing. > ====== > The workaround is to filter out the traffic from the offending host. > I > am not yet aware of which operating system did that. > Another workaround is to patch named (contrib/bind9/bin/named/client.c) > around the log and disable the whole log thing. > ====== > The fix is to either fix the offending host or remove it. > Cheers,
	Введите код, изображенный на картинке: