ISC Open Source Projects issues
https://gitlab.isc.org/groups/isc-projects/-/issues
2020-12-05T19:23:20Z
https://gitlab.isc.org/isc-projects/bind9/-/issues/2339
netmgr memory - assertion failed
2020-12-05T19:23:20Z
Štefan Bosák
netmgr memory - assertion failed
### Summary
Bind9 netmgr memory - assertion failed
### BIND version used
BIND 9.17.7 (Development Release) <id:ed85d06>
running on Windows 10 0 build 19041 662 for x64
built by MSVC 1916 with 'with-tools-version=15.0 with-platform-to...
### Summary
Bind9 netmgr memory - assertion failed
### BIND version used
BIND 9.17.7 (Development Release) <id:ed85d06>
running on Windows 10 0 build 19041 662 for x64
built by MSVC 1916 with 'with-tools-version=15.0 with-platform-toolset=v141 with-platform-version=10.0.17763.0 with-vcredist=C:/Program\ Files\ (x86)/Microsoft\ Visual\ Studio/2017/BuildTools/VC/Redist/MSVC/14.16.27012/vcredist_x64.exe with-openssl=C:/OpenSSL with-libxml2=C:/libxml2 with-libuv=C:/libuv without-python with-system-tests x64'
compiled by MSVC 1916
compiled with OpenSSL version: OpenSSL 1.1.1h 22 Sep 2020
linked to OpenSSL version: OpenSSL 1.1.1h 22 Sep 2020
compiled with libuv version: 1.40.0
linked to libuv version: 1.40.0
compiled with libxml2 version: 2.9.10
linked to libxml2 version: 20910
threads support is enabled
default paths:
named configuration: C:\var\bind\etc\named.conf
rndc configuration: C:\var\bind\etc\rndc.conf
DNSSEC root key: C:\var\bind\etc\bind.keys
nsupdate session key: C:\var\bind\etc\session.key
named PID file: C:\var\bind\etc\named.pid
named lock file: C:\var\bind\etc\named.lock
### Steps to reproduce
Running Bind9 on Windows 10 Pro Version 20H2 (OS Build 19042.662)
on localhost as local resolver in forwarder mode to optimize traffic, latences, ...
### What is the current *bug* behavior?
Bind9 service crashed (is not running).
### What is the expected *correct* behavior?
BIND 9.17.7 should run without any problems.
BIND 9.17.6 worked without problems using the similar configuration
except DOT (DNS over TLS) which is supported from version 9.17.7.
### Relevant configuration files
Running bind9 using following configurations (keys and similar privacy stuff have been removed):
Note: I do not know why code markdowns are not used correcly.
``
include "c:\var\bind\etc\named.conf.acl";
include "c:\var\bind\etc\named.conf.controls";
include "c:\var\bind\etc\named.conf.options";
include "c:\var\bind\etc\named.conf.logging";
include "c:\var\bind\etc\named.conf.localhost";
include "c:\var\bind\etc\named.conf.chaos";
include "c:\var\bind\etc\named.conf.root";
tls "localhost-tls" {
cert-file "C:\var\bind\etc\server.crt";
key-file "C:\var\bind\etc\server.key";
};
options {
hostname "null";
version "not disclosed";
directory "C:\\var\\bind\\etc\\";
listen-on {
localhost_ipv4;
};
listen-on tls "localhost-tls" {
localhost_ipv4;
};
listen-on-v6 {
none;
};
listen-on-v6 tls "localhost-tls" {
none;
};
recursion no;
recursive-clients 64;
forwarders {
// Quad9 (with EDNS, support DOH)
9.9.9.11; //dns11.quad9.net
149.112.112.11; //dns11.quad9.net
//2620:fe::11; //dns11.quad9.net
//2620:fe::fe:11; //dns11.quad9.net
// OpenDNS (with EDNS, no support for DOH - need to use doh.opendns.com)
//208.67.222.222; //resolver1.opendns.com
//208.67.220.220; //resolver2.opendns.com
//2620:119:35::35; //resolver1.opendns.com
//2620:119:53::53; //resolver2.opendns.com
// Cloudflare (with EDNS, support for DOH)
//1.1.1.1; //one.one.one.one
//1.0.0.1; //one.one.one.one
//2606:4700:4700::1111; //one.one.one.one
//2606:4700:4700::1001; //one.one.one.one
// Google DNS (with EDNS, support for DOH)
//8.8.8.8; //dns.google
//8.8.4.4; //dns.google
//2001:4860:4860::8888; //dns.google
//2001:4860:4860::8844; //dns.google
};
forward only;
allow-notify { none; };
allow-recursion { none; };
allow-recursion-on { none; };
allow-query { none; };
allow-query-on { none; };
allow-query-cache { none; };
allow-query-cache-on { none; };
allow-transfer { none; };
allow-update { none; };
allow-update-forwarding { none; };
deny-answer-addresses {
0.0.0.0/8;
10.0.0.0/8;
127.0.0.0/8;
172.16.0.0/12;
192.168.0.0/16;
169.254.0.0/16;
192.0.0.0/24;
192.0.2.0/24;
192.0.0.0/29;
192.0.0.8/32;
192.0.0.170/32;
192.0.0.171/32;
192.52.193.0/24;
198.18.0.0/15;
198.51.100.0/24;
203.0.113.0/24;
224.0.0.0/4;
240.0.0.0/4;
255.255.255.255/32;
::/128;
::1/128;
::ffff:0:0/96;
100::/64;
64:ff9b::/96;
2001:2::/48;
2001:3::/32;
2001:db8::/32;
2001:10::/28;
2001:20::/28;
fc00::/7;
fe80::/10;
ff00::/8;
} except-from {"<obfuscated>";};
blackhole {
!127.0.0.1/32;
0.0.0.0/8;
10.0.0.0/8;
127.0.0.0/8;
172.16.0.0/12;
169.254.0.0/16;
192.168.0.0/16;
192.0.0.0/24;
192.0.2.0/24;
192.0.0.0/29;
192.0.0.8/32;
192.0.0.170/32;
192.0.0.171/32;
192.168.0.0/16;
192.52.193.0/24;
198.18.0.0/15;
198.51.100.0/24;
203.0.113.0/24;
224.0.0.0/4;
240.0.0.0/4;
255.255.255.255/32;
::/128;
::1/128;
::ffff:0:0/96;
100::/64;
64:ff9b::/96;
2001:2::/48;
2001:3::/32;
2001:db8::/32;
2001:10::/28;
2001:20::/28;
fc00::/7;
fe80::/10;
ff00::/8;
};
rate-limit {
responses-per-second 16;
log-only yes;
};
zone-statistics true;
minimal-any yes;
minimal-responses yes;
transfer-format many-answers;
provide-ixfr yes;
ixfr-from-differences yes;
qname-minimization relaxed;
dnssec-validation auto;
empty-zones-enable no;
max-cache-size 512m;
max-cache-ttl 60;
max-ncache-ttl 60;
tcp-listen-queue 0;
interface-interval 0;
heartbeat-interval 0;
};
controls {
inet 127.0.0.1 port 953 allow { localhost_ipv4; } keys { "rndc-key"; };
};
acl "recursion-chaos" {
localhost_ipv4;
};
acl "recursion-on-chaos" {
localhost_ipv4;
};
acl "transfer-chaos" {
none;
};
acl "update-chaos" {
none;
};
acl "query-chaos" {
localhost_ipv4;
};
acl "query-on-chaos" {
localhost_ipv4;
};
view "chaos" chaos {
match-clients { query-chaos; };
match-destinations {
localhost_ipv4;
};
recursion no;
match-recursive-only no;
allow-notify { none; };
allow-query { none; };
allow-query-on { none; };
allow-transfer { none; };
allow-update { none; };
allow-update-forwarding { none; };
allow-query-cache { query-chaos; };
allow-query-cache-on { query-on-chaos; };
zone "." {
type hint;
file "nul";
};
zone "bind" {
type master;
file "C:\\var\\bind\\etc\\empty\\bind.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
};
acl "recursion-root" {
none;
};
acl "recursion-on-root" {
none;
};
acl "transfer-root" {
none;
};
acl "update-root" {
none;
};
acl "query-root" {
none;
};
acl "query-on-root" {
none;
};
// Running Root on Loopback (RFC 7706)
view "root" {
match-clients { query-root; };
match-destinations {
localhost_ipv4;
};
recursion no;
match-recursive-only no;
allow-notify { none; };
allow-query { none; };
allow-query-on { none; };
allow-transfer { none; };
allow-update { none; };
allow-update-forwarding { none; };
allow-query-cache { query-root; };
allow-query-cache-on { query-on-root; };
// root zone
zone "." {
type slave;
file "C:\\var\\bind\\etc\\sec\\root.zone";
masters {
192.5.5.241; //f.root-servers.net.
192.33.4.12; //c.root-servers.net.
193.0.14.129; //k.root-servers.net.
};
allow-query { query-root; };
allow-query-on { query-on-root; };
allow-transfer { transfer-root; };
notify no;
};
// Reserved exclusively to support operationally-critical infrastructural identifier spaces as advised by the Internet Architecture Board (RFC 3172)
zone "arpa" {
type slave;
file "C:\\var\\bind\\etc\\sec\\arpa.zone";
masters {
192.5.5.241; //f.root-servers.net.
192.33.4.12; //c.root-servers.net.
193.0.14.129; //k.root-servers.net.
};
allow-query { query-root; };
allow-query-on { query-on-root; };
allow-transfer { transfer-root; };
notify no;
};
// RFC 8375
// zone "home.arpa" {
// type slave;
// file "C:\\var\\bind\\etc\\sec\\home.arpa.zone";
// masters {
// 192.175.48.6; // blackhole-1.iana.org.
// 192.175.48.42; // blackhole-2.iana.org.
// };
// allow-query { query-root; };
// allow-query-on { query-on-root; };
// allow-transfer { transfer-root; };
// notify no;
// };
// For mapping E.164 numbers to Internet URIs (RFC 6116)
zone "e164.arpa" {
type slave;
file "C:\\var\\bind\\etc\\sec\\e164.arpa.zone";
masters {
193.0.9.5; //PRI.AUTHDNS.RIPE.NET
};
allow-query { query-root; };
allow-query-on { query-on-root; };
allow-transfer { transfer-root; };
notify no;
};
// For hosting authoritative name servers for the in-addr.arpa domain (RFC 5855)
zone "in-addr-servers.arpa" {
type slave;
file "C:\\var\\bind\\etc\\sec\\in-addr-servers.arpa.zone";
masters {
193.0.9.1; //F.IN-ADDR-SERVERS.ARPA
};
allow-query { query-root; };
allow-query-on { query-on-root; };
allow-transfer { transfer-root; };
notify no;
};
// For mapping IPv4 addresses to Internet domain names (RFC 1035)
zone "in-addr.arpa" {
type slave;
file "C:\\var\\bind\\etc\\sec\\in-addr.arpa.zone";
masters {
193.0.9.1; //F.IN-ADDR-SERVERS.ARPA
};
allow-query { query-root; };
allow-query-on { query-on-root; };
allow-transfer { transfer-root; };
notify no;
};
// For hosting authoritative name servers for the ip6.arpa domain (RFC 5855)
zone "ip6-servers.arpa" {
type slave;
file "C:\\var\\bind\\etc\\sec\\ip6-servers.arpa.zone";
masters {
193.0.9.2; //F.IP6-SERVERS.ARPA
};
allow-query { query-root; };
allow-query-on { query-on-root; };
allow-transfer { transfer-root; };
notify no;
};
// For mapping IPv6 addresses to Internet domain names (RFC 3152)
zone "ip6.arpa" {
type slave;
file "C:\\var\\bind\\etc\\sec\\ip6.arpa.zone";
masters {
193.0.9.2; //F.IP6-SERVERS.ARPA
};
allow-query { query-root; };
allow-query-on { query-on-root; };
allow-transfer { transfer-root; };
notify no;
};
zone "ipv4only.arpa" {
type slave;
file "C:\\var\\bind\\etc\\sec\\ipv4only.arpa.zone";
masters {
192.0.47.132; //iad.xfr.dns.icann.org
};
allow-query { query-root; };
allow-query-on { query-on-root; };
allow-transfer { transfer-root; };
notify no;
};
zone "root-servers.net." {
type slave;
file "C:\\var\\bind\\etc\\sec\\root-servers.net.zone";
masters {
192.0.47.132; //iad.xfr.dns.icann.org
};
allow-query { query-root; };
allow-query-on { query-on-root; };
allow-transfer { transfer-root; };
notify no;
};
// Multicast (RFC 3171)
zone "mcast.net" {
type slave;
file "C:\\var\\bind\\etc\\sec\\mcast.net.zone";
masters {
192.0.47.132; //iad.xfr.dns.icann.org
};
allow-query { query-root; };
allow-query-on { query-on-root; };
allow-transfer { transfer-root; };
notify no;
};
zone "224.in-addr.arpa" {
type slave;
file "C:\\var\\bind\\etc\\sec\\224.in-addr.zone";
masters {
192.0.47.132; //iad.xfr.dns.icann.org
};
allow-query { query-root; };
allow-query-on { query-on-root; };
allow-transfer { transfer-root; };
notify no;
};
zone "225.in-addr.arpa" {
type slave;
file "C:\\var\\bind\\etc\\sec\\225.in-addr.zone";
masters {
192.0.47.132; //iad.xfr.dns.icann.org
};
allow-query { query-root; };
allow-query-on { query-on-root; };
allow-transfer { transfer-root; };
notify no;
};
zone "226.in-addr.arpa" {
type slave;
file "C:\\var\\bind\\etc\\sec\\226.in-addr.zone";
masters {
192.0.47.132; //iad.xfr.dns.icann.org
};
allow-query { query-root; };
allow-query-on { query-on-root; };
allow-transfer { transfer-root; };
notify no;
};
zone "227.in-addr.arpa" {
type slave;
file "C:\\var\\bind\\etc\\sec\\227.in-addr.zone";
masters {
192.0.47.132; //iad.xfr.dns.icann.org
};
allow-query { query-root; };
allow-query-on { query-on-root; };
allow-transfer { transfer-root; };
notify no;
};
zone "228.in-addr.arpa" {
type slave;
file "C:\\var\\bind\\etc\\sec\\228.in-addr.zone";
masters {
192.0.47.132; //iad.xfr.dns.icann.org
};
allow-query { query-root; };
allow-query-on { query-on-root; };
allow-transfer { transfer-root; };
notify no;
};
zone "229.in-addr.arpa" {
type slave;
file "C:\\var\\bind\\etc\\sec\\229.in-addr.zone";
masters {
192.0.47.132; //iad.xfr.dns.icann.org
};
allow-query { query-root; };
allow-query-on { query-on-root; };
allow-transfer { transfer-root; };
notify no;
};
zone "230.in-addr.arpa" {
type slave;
file "C:\\var\\bind\\etc\\sec\\230.in-addr.zone";
masters {
192.0.47.132; //iad.xfr.dns.icann.org
};
allow-query { query-root; };
allow-query-on { query-on-root; };
allow-transfer { transfer-root; };
notify no;
};
zone "231.in-addr.arpa" {
type slave;
file "C:\\var\\bind\\etc\\sec\\231.in-addr.zone";
masters {
192.0.47.132; //iad.xfr.dns.icann.org
};
allow-query { query-root; };
allow-query-on { query-on-root; };
allow-transfer { transfer-root; };
notify no;
};
zone "232.in-addr.arpa" {
type slave;
file "C:\\var\\bind\\etc\\sec\\232.in-addr.zone";
masters {
192.0.47.132; //iad.xfr.dns.icann.org
};
allow-query { query-root; };
allow-query-on { query-on-root; };
allow-transfer { transfer-root; };
notify no;
};
zone "233.in-addr.arpa" {
type slave;
file "C:\\var\\bind\\etc\\sec\\233.in-addr.zone";
masters {
192.0.47.132; //iad.xfr.dns.icann.org
};
allow-query { query-root; };
allow-query-on { query-on-root; };
allow-transfer { transfer-root; };
notify no;
};
zone "234.in-addr.arpa" {
type slave;
file "C:\\var\\bind\\etc\\sec\\234.in-addr.zone";
masters {
192.0.47.132; //iad.xfr.dns.icann.org
};
allow-query { query-root; };
allow-query-on { query-on-root; };
allow-transfer { transfer-root; };
notify no;
};
zone "235.in-addr.arpa" {
type slave;
file "C:\\var\\bind\\etc\\sec\\235.in-addr.zone";
masters {
192.0.47.132; //iad.xfr.dns.icann.org
};
allow-query { query-root; };
allow-query-on { query-on-root; };
allow-transfer { transfer-root; };
notify no;
};
zone "236.in-addr.arpa" {
type slave;
file "C:\\var\\bind\\etc\\sec\\236.in-addr.zone";
masters {
192.0.47.132; //iad.xfr.dns.icann.org
};
allow-query { query-root; };
allow-query-on { query-on-root; };
allow-transfer { transfer-root; };
notify no;
};
zone "237.in-addr.arpa" {
type slave;
file "C:\\var\\bind\\etc\\sec\\237.in-addr.zone";
masters {
192.0.47.132; //iad.xfr.dns.icann.org
};
allow-query { query-root; };
allow-query-on { query-on-root; };
allow-transfer { transfer-root; };
notify no;
};
zone "238.in-addr.arpa" {
type slave;
file "C:\\var\\bind\\etc\\sec\\238.in-addr.zone";
masters {
192.0.47.132; //iad.xfr.dns.icann.org
};
allow-query { query-root; };
allow-query-on { query-on-root; };
allow-transfer { transfer-root; };
notify no;
};
zone "239.in-addr.arpa" {
type slave;
file "C:\\var\\bind\\etc\\sec\\239.in-addr.zone";
masters {
192.0.47.132; //iad.xfr.dns.icann.org
};
allow-query { query-root; };
allow-query-on { query-on-root; };
allow-transfer { transfer-root; };
notify no;
};
};
acl localhost_ipv4 { 127.0.0.1; };
acl "recursion-localhost" {
localhost_ipv4;
};
acl "recursion-on-localhost" {
localhost_ipv4;
};
acl "transfer-localhost" {
none;
};
acl "update-localhost" {
none;
};
acl "query-localhost" {
localhost_ipv4;
};
acl "query-on-localhost" {
localhost_ipv4;
};
view "localhost" {
match-clients { query-localhost; };
match-destinations {
localhost_ipv4;
};
recursion yes;
match-recursive-only yes;
allow-notify { none; };
allow-query { none; };
allow-query-on { none; };
allow-transfer { none; };
allow-update { none; };
allow-update-forwarding { none; };
allow-query-cache { query-localhost; };
allow-query-cache-on { query-on-localhost; };
allow-recursion { recursion-localhost; };
allow-recursion-on { recursion-on-localhost; };
empty-zones-enable no;
// This host on this network (RFC 1122)
disable-empty-zone "0.in-addr.arpa";
// IPv4 Loopback Network (RFC 1122)
// SPECIAL-IPV4-LOOPBACK-IANA-RESERVED
disable-empty-zone "127.in-addr.arpa";
// Private Use Networks (RFC 1918)
// PRIVATE-ADDRESS-ABLK-RFC1918-IANA-RESERVE
disable-empty-zone "10.in-addr.arpa";
// PRIVATE-ADDRESS-BBLK-RFC1918-IANA-RESERVED
disable-empty-zone "16.172.in-addr.arpa";
disable-empty-zone "17.172.in-addr.arpa";
disable-empty-zone "18.172.in-addr.arpa";
disable-empty-zone "19.172.in-addr.arpa";
disable-empty-zone "20.172.in-addr.arpa";
disable-empty-zone "21.172.in-addr.arpa";
disable-empty-zone "22.172.in-addr.arpa";
disable-empty-zone "23.172.in-addr.arpa";
disable-empty-zone "24.172.in-addr.arpa";
disable-empty-zone "25.172.in-addr.arpa";
disable-empty-zone "26.172.in-addr.arpa";
disable-empty-zone "27.172.in-addr.arpa";
disable-empty-zone "28.172.in-addr.arpa";
disable-empty-zone "29.172.in-addr.arpa";
disable-empty-zone "30.172.in-addr.arpa";
disable-empty-zone "31.172.in-addr.arpa";
// PRIVATE-ADDRESS-CBLK-RFC1918-IANA-RESERVED
disable-empty-zone "168.192.in-addr.arpa";
// Link local (RFC 3927)
// LINKLOCAL-RFC3927-IANA-RESERVED
disable-empty-zone "254.169.in-addr.arpa";
// IETF Protocol Assignments (RFC 5736)
// SPECIAL-IPV4-REGISTRY-IANA-RESERVED
disable-empty-zone "0.0.192.in-addr.arpa";
// TEST-NET-[1-3] for Documentation (RFC 5737)
// TEST-NET-1
disable-empty-zone "2.0.192.in-addr.arpa";
// TEST-NET-2
disable-empty-zone "100.51.198.in-addr.arpa";
// TEST-NET-3
disable-empty-zone "113.0.203.in-addr.arpa";
// RESERVED-19252192C
disable-empty-zone "193.52.192.in-addr.arpa";
// 6to4 Relay Anycast (RFC 3068)
// 6TO4-RELAY-ANYCAST-IANA-RESERVED
disable-empty-zone "192.88.99.in-addr.arpa";
// Network Interconnect Device Benchmark Testing (RFC 2544)
// SPECIAL-IPV4-BENCHMARK-TESTING-IANA-RESERVED
disable-empty-zone "18.198.in-addr.arpa";
disable-empty-zone "19.198.in-addr.arpa";
// Multicast (RFC 3171)
disable-empty-zone "224.in-addr.arpa";
disable-empty-zone "225.in-addr.arpa";
disable-empty-zone "226.in-addr.arpa";
disable-empty-zone "227.in-addr.arpa";
disable-empty-zone "228.in-addr.arpa";
disable-empty-zone "229.in-addr.arpa";
disable-empty-zone "230.in-addr.arpa";
disable-empty-zone "231.in-addr.arpa";
disable-empty-zone "232.in-addr.arpa";
disable-empty-zone "233.in-addr.arpa";
disable-empty-zone "234.in-addr.arpa";
disable-empty-zone "235.in-addr.arpa";
disable-empty-zone "236.in-addr.arpa";
disable-empty-zone "237.in-addr.arpa";
disable-empty-zone "238.in-addr.arpa";
disable-empty-zone "239.in-addr.arpa";
// Reserved for Future Use (RFC 1112)
disable-empty-zone "240.in-addr.arpa";
disable-empty-zone "241.in-addr.arpa";
disable-empty-zone "242.in-addr.arpa";
disable-empty-zone "243.in-addr.arpa";
disable-empty-zone "244.in-addr.arpa";
disable-empty-zone "245.in-addr.arpa";
disable-empty-zone "246.in-addr.arpa";
disable-empty-zone "247.in-addr.arpa";
disable-empty-zone "248.in-addr.arpa";
disable-empty-zone "249.in-addr.arpa";
disable-empty-zone "250.in-addr.arpa";
disable-empty-zone "251.in-addr.arpa";
disable-empty-zone "252.in-addr.arpa";
disable-empty-zone "253.in-addr.arpa";
disable-empty-zone "254.in-addr.arpa";
// Limited Broadcast (RFC0919 and RFC0922)
disable-empty-zone "255.in-addr.arpa";
// (RFC 4291)
// Unspecified address
disable-empty-zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa";
// Unspecified address
disable-empty-zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa";
// IPv4-mapped addresses
disable-empty-zone "f.f.f.f.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa";
disable-empty-zone "0.0.ip6.arpa";
// (RFC 4048)
disable-empty-zone "2.0.ip6.arpa";
// (RFC 4291)
disable-empty-zone "1.ip6.arpa";
disable-empty-zone "4.ip6.arpa";
disable-empty-zone "6.ip6.arpa";
disable-empty-zone "8.ip6.arpa";
disable-empty-zone "a.ip6.arpa";
disable-empty-zone "c.ip6.arpa";
disable-empty-zone "e.ip6.arpa";
disable-empty-zone "f.ip6.arpa";
disable-empty-zone "1.0.ip6.arpa";
disable-empty-zone "4.0.ip6.arpa";
disable-empty-zone "8.0.ip6.arpa";
disable-empty-zone "8.f.ip6.arpa";
disable-empty-zone "e.f.ip6.arpa";
// Multicast
disable-empty-zone "f.f.ip6.arpa";
disable-empty-zone "8.e.f.ip6.arpa";
disable-empty-zone "9.e.f.ip6.arpa";
disable-empty-zone "a.e.f.ip6.arpa";
disable-empty-zone "b.e.f.ip6.arpa";
disable-empty-zone "d.e.f.ip6.arpa";
disable-empty-zone "e.e.f.ip6.arpa";
disable-empty-zone "f.e.f.ip6.arpa";
// Unique-Local (RFC 4193)
disable-empty-zone "c.f.ip6.arpa";
// (RFC 3879)
disable-empty-zone "c.e.f.ip6.arpa";
disable-empty-zone "0.0.c.f.ip6.arpa";
disable-empty-zone "0.0.d.f.ip6.arpa";
// Overlay Routable Cryptographic Hash IDentifiers (RFC 4843)
disable-empty-zone "1.0.0.1.0.0.2.ip6.arpa";
// Teredo (RFC 4380)
disable-empty-zone "0.0.0.0.1.0.0.2.ip6.arpa";
// Documentation Prefix (RFC 3849)
disable-empty-zone "8.b.d.0.1.0.0.2.ip6.arpa";
// (RFC 5180)
disable-empty-zone "0.0.0.0.2.0.0.0.1.0.0.2.ip6.arpa";
// (RFC 6052)
disable-empty-zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.b.9.f.f.4.6.0.0.ip6.arpa";
// 6to4 (RFC 3056)
disable-empty-zone "2.0.0.2.ip6.arpa";
// 6bone (RFC 3701)
// (RFC 1897)
disable-empty-zone "f.5.ip6.arpa";
// (RFC2471)
disable-empty-zone "e.f.f.3.ip6.arpa";
response-policy {
zone "rpz.local";
} qname-wait-recurse no;
// just note - regarding zone size ~108k "records"
zone "rpz.local" {
type master;
file "C:\\var\\bind\\etc\\empty\\rpz.local.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "localhost" {
type master;
file "C:\\var\\bind\\etc\\empty\localhost.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "0.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\0.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "127.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\127.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "10.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\10.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "224.in-addr.arpa" {
type static-stub;
server-addresses { 127.0.0.1; };
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
};
zone "225.in-addr.arpa" {
type static-stub;
server-addresses { 127.0.0.1; };
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
};
zone "226.in-addr.arpa" {
type static-stub;
server-addresses { 127.0.0.1; };
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
};
zone "227.in-addr.arpa" {
type static-stub;
server-addresses { 127.0.0.1; };
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
};
zone "228.in-addr.arpa" {
type static-stub;
server-addresses { 127.0.0.1; };
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
};
zone "229.in-addr.arpa" {
type static-stub;
server-addresses { 127.0.0.1; };
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
};
zone "230.in-addr.arpa" {
type static-stub;
server-addresses { 127.0.0.1; };
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
};
zone "231.in-addr.arpa" {
type static-stub;
server-addresses { 127.0.0.1; };
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
};
zone "232.in-addr.arpa" {
type static-stub;
server-addresses { 127.0.0.1; };
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
};
zone "233.in-addr.arpa" {
type static-stub;
server-addresses { 127.0.0.1; };
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
};
zone "234.in-addr.arpa" {
type static-stub;
server-addresses { 127.0.0.1; };
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
};
zone "235.in-addr.arpa" {
type static-stub;
server-addresses { 127.0.0.1; };
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
};
zone "236.in-addr.arpa" {
type static-stub;
server-addresses { 127.0.0.1; };
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
};
zone "237.in-addr.arpa" {
type static-stub;
server-addresses { 127.0.0.1; };
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
};
zone "238.in-addr.arpa" {
type static-stub;
server-addresses { 127.0.0.1; };
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
};
zone "239.in-addr.arpa" {
type static-stub;
server-addresses { 127.0.0.1; };
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
};
zone "240.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\240.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "241.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\241.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "242.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\242.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "243.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\243.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "244.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\244.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "245.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\245.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "246.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\246.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "247.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\247.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "248.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\248.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "249.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\249.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "250.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\250.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "251.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\251.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "252.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\252.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "253.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\253.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "254.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\254.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "255.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\255.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "16.172.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\16.172.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "17.172.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\17.172.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "18.172.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\18.172.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "19.172.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\19.172.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "20.172.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\20.172.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "21.172.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\21.172.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "22.172.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\22.172.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "23.172.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\23.172.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "24.172.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\24.172.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "25.172.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\25.172.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "26.172.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\26.172.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "27.172.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\27.172.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "28.172.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\28.172.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "29.172.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\29.172.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "30.172.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\30.172.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "31.172.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\31.172.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "168.192.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\168.192.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "254.169.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\254.169.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "18.198.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\18.198.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "19.198.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\19.198.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "0.0.192.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\0.0.192.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "2.0.192.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\2.0.192.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "193.52.192.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\193.52.192.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "100.51.198.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\100.51.198.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "113.0.203.in-addr.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\113.0.203.in-addr.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "1.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\1.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "4.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\4.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "6.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\6.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "8.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\8.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "a.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\a.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "c.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\c.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "e.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\e.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "f.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\f.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "0.0.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\0.0.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "1.0.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\1.0.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "2.0.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\2.0.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "4.0.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\4.0.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "8.0.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\8.0.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "8.f.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\8.f.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "c.f.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\c.f.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "e.f.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\e.f.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "f.f.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\f.f.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "8.e.f.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\8.e.f.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "9.e.f.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\9.e.f.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "a.e.f.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\a.e.f.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "b.e.f.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\b.e.f.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "c.e.f.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\c.e.f.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "d.e.f.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\d.e.f.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "e.e.f.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\e.e.f.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "f.e.f.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\f.e.f.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "8.b.d.0.1.0.0.2.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\8.b.d.0.1.0.0.2.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "1.0.0.1.0.0.2.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\1.0.0.1.0.0.2.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "0.0.0.0.2.0.0.0.1.0.0.2.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\0.0.0.0.2.0.0.0.1.0.0.2.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.b.9.f.f.4.6.0.0.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.b.9.f.f.4.6.0.0.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "f.f.f.f.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\f.f.f.f.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "2.0.0.2.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\2.0.0.2.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "f.5.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\f.5.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
zone "e.f.f.3.ip6.arpa" {
type master;
file "C:\\var\\bind\\etc\\empty\\e.f.f.3.ip6.arpa.zone";
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
allow-transfer { transfer-localhost; };
allow-update { update-localhost; };
notify no;
};
// root zone
zone "." {
type static-stub;
server-addresses { 127.0.0.1; };
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
};
// Reserved exclusively to support operationally-critical infrastructural identifier spaces as advised by the Internet Architecture Board (RFC 3172)
zone "arpa" {
type static-stub;
server-addresses { 127.0.0.1; };
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
};
// RFC 8375
// zone "home.arpa" {
// type static-stub;
// server-addresses { 127.0.0.1; };
// allow-query { query-localhost; };
// allow-query-on { query-on-localhost; };
// };
// For mapping E.164 numbers to Internet URIs (RFC 6116)
zone "e164.arpa" {
type static-stub;
server-addresses { 127.0.0.1; };
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
};
// For hosting authoritative name servers for the in-addr.arpa domain (RFC 5855)
zone "in-addr-servers.arpa" {
type static-stub;
server-addresses { 127.0.0.1; };
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
};
// For mapping IPv4 addresses to Internet domain names (RFC 1035)
zone "in-addr.arpa" {
type static-stub;
server-addresses { 127.0.0.1; };
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
};
// For hosting authoritative name servers for the ip6.arpa domain (RFC 5855)
zone "ip6-servers.arpa" {
type static-stub;
server-addresses { 127.0.0.1; };
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
};
// For mapping IPv6 addresses to Internet domain names (RFC 3152)
zone "ip6.arpa" {
type static-stub;
server-addresses { 127.0.0.1; };
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
};
zone "ipv4only.arpa" {
type static-stub;
server-addresses { 127.0.0.1; };
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
};
zone "root-servers.net." {
type static-stub;
server-addresses { 127.0.0.1; };
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
};
// Multicast (RFC 3171)
zone "mcast.net" {
type static-stub;
server-addresses { 127.0.0.1; };
allow-query { query-localhost; };
allow-query-on { query-on-localhost; };
};
};
logging {
channel rpz_file { file "c:\var\bind\log\rpz.log" versions 3 size 5m; severity dynamic; print-time yes; print-category yes; print-severity yes; };
channel edns-disabled_file { file "c:\var\bind\log\edns-disabled.log" versions 3 size 5m; severity dynamic; print-time yes; print-category yes; print-severity yes; };
channel default_file { file "c:\var\bind\log\default.log" versions 3 size 5m; severity dynamic; print-time yes; print-category yes; print-severity yes; };
channel general_file { file "c:\var\bind\log\general.log" versions 3 size 5m; severity dynamic; print-time yes; print-category yes; print-severity yes; };
channel database_file { file "c:\var\bind\log\database.log" versions 3 size 5m; severity dynamic; print-time yes; print-category yes; print-severity yes; };
channel spill_file { file "c:\var\bind\log\spill.log" versions 3 size 5m; severity dynamic; print-time yes; print-category yes; print-severity yes; };
channel rate-limit_file { file "c:\var\bind\log\rate-limit.log" versions 3 size 5m; severity dynamic; print-time yes; print-category yes; print-severity yes; };
channel security_file { file "c:\var\bind\log\security.log" versions 3 size 5m; severity dynamic; print-time yes; print-category yes; print-severity yes; };
channel config_file { file "c:\var\bind\log\config.log" versions 3 size 5m; severity dynamic; print-time yes; print-category yes; print-severity yes; };
channel resolver_file { file "c:\var\bind\log\resolver.log" versions 3 size 5m; severity dynamic; print-time yes; print-category yes; print-severity yes; };
channel xfer-in_file { file "c:\var\bind\log\xfer-in.log" versions 3 size 5m; severity dynamic; print-time yes; print-category yes; print-severity yes; };
channel xfer-out_file { file "c:\var\bind\log\xfer-out.log" versions 3 size 5m; severity dynamic; print-time yes; print-category yes; print-severity yes; };
channel notify_file { file "c:\var\bind\log\notify.log" versions 3 size 5m; severity dynamic; print-time yes; print-category yes; print-severity yes; };
channel client_file { file "c:\var\bind\log\client.log" versions 3 size 5m; severity dynamic; print-time yes; print-category yes; print-severity yes; };
channel unmatched_file { file "c:\var\bind\log\unmatched.log" versions 3 size 5m; severity dynamic; print-time yes; print-category yes; print-severity yes; };
channel queries_file { file "c:\var\bind\log\queries.log" versions 3 size 5m; severity dynamic; print-time yes; print-category yes; print-severity yes; };
channel query-errors_file { file "c:\var\bind\log\query-errors.log" versions 3 size 5m; severity dynamic; print-time yes; print-category yes; print-severity yes; };
channel network_file { file "c:\var\bind\log\network.log" versions 3 size 5m; severity dynamic; print-time yes; print-category yes; print-severity yes; };
channel update_file { file "c:\var\bind\log\update.log" versions 3 size 5m; severity dynamic; print-time yes; print-category yes; print-severity yes; };
channel update-security_file { file "c:\var\bind\log\update-security.log" versions 3 size 5m; severity dynamic; print-time yes; print-category yes; print-severity yes; };
channel dispatch_file { file "c:\var\bind\log\dispatch.log" versions 3 size 5m; severity dynamic; print-time yes; print-category yes; print-severity yes; };
channel dnssec_file { file "c:\var\bind\log\dnssec.log" versions 3 size 5m; severity dynamic; print-time yes; print-category yes; print-severity yes; };
channel lame-servers_file { file "c:\var\bind\log\lame-servers.log" versions 3 size 5m; severity dynamic; print-time yes; print-category yes; print-severity yes; };
channel delegation-only_file { file "c:\var\bind\log\delegation-only.log" versions 3 size 5m; severity dynamic; print-time yes; print-category yes; print-severity yes; };
category rpz { rpz_file; };
category edns-disabled { edns-disabled_file; };
category default { default_file; };
category general { general_file; };
category database { database_file; };
category spill { spill_file; };
category rate-limit { rate-limit_file; };
category security { security_file; };
category config { config_file; };
category resolver { resolver_file; };
category xfer-in { xfer-in_file; };
category xfer-out { xfer-out_file; };
category notify { notify_file; };
category client { client_file; };
category unmatched { unmatched_file; };
category queries { queries_file; };
category query-errors { query-errors_file; };
category network { network_file; };
category update { update_file; };
category update-security { update-security_file; };
category dispatch { dispatch_file; };
category dnssec { dnssec_file; };
category lame-servers { lame-servers_file; };
category delegation-only { delegation-only_file; };
category update-security { update-security_file; };
};
options {
default-key "rndc-key";
default-server 127.0.0.1;
default-port 953;
};
``
There are reasons to use above mentioned configuration - optimization of latences to selected entities for zone transfers and so on (instead of build-in mirror zone possibilities for DNS core infrastructure). If any of you would found some possible improvements/hints/comments/etc as kind of bug involved person I would appretiate any feedback (potential additional side-value of this bug report).
### Relevant logs and/or screenshots
example of two cases:
`
03-dec-2020 3:03:26.817 general: critical: c:\builds\isc-private\bind9\lib\isc\netmgr\netmgr.c:1332: REQUIRE(((((*handlep) != ((void *)0)) && (((const isc__magic_t *)(*handlep))->magic == ((('N') << 24 | ('M') << 16 | ('H') << 8 | ('D'))))) && ((sizeof(*(&(*handlep)->references)) == 8 ? (memory_order_seq_cst == memory_order_relaxed ? _InterlockedOr64((atomic_int_fast64_t *)&(*handlep)->references, 0) : (memory_order_seq_cst == memory_order_acquire ? _InterlockedOr64( (atomic_int_fast64_t *)&(*handlep)->references, 0) : (memory_order_seq_cst == memory_order_release ? _InterlockedOr64( (atomic_int_fast64_t *)&(*handlep)->references, 0) : _InterlockedOr64( (atomic_int_fast64_t *)&(*handlep)->references, 0)))) : (sizeof(*(&(*handlep)->references) == 4) ? (memory_order_seq_cst == memory_order_relaxed ? (int32_t)_InterlockedOr((atomic_int_fast32_t *)&(*handlep)->references, 0) : (memory_order_seq_cst == memory_order_acquire ? (int32_t)_InterlockedOr( (atomic_int_fast32_t *)&(*handlep)->references, 0) : (memory_order_seq_cst == memory_order_release ? (int32_t)_InterlockedOr( (atomic_int_fast32_t *)&(*handlep)->references, 0) : (int32_t)_InterlockedOr( (atomic_int_fast32_t *)&(*handlep)->references, 0)))) : (sizeof(*(&(*handlep)->references) == 2) ? (short)_InterlockedOr16((atomic_short *)&(*handlep)->references, 0) : (sizeof(*(&(*handlep)->references) == 1) ? (int8_t) _InterlockedOr8((atomic_int_fast8_t *)&(*handlep)->references, 0) : atomic_load_abort())))) & (sizeof(*(&(*handlep)->references)) == 8 ? 0xffffffffffffffffULL : (sizeof(*(&(*handlep)->references)) == 4 ? 0xffffffffULL : (sizeof(*(&(*handlep)->references)) == 2 ? 0xffffULL : (sizeof(*(&(*handlep)->references)) == 1 ? 0xffULL : atomic_load_abort()))))) > 0)) failed
03-dec-2020 3:03:26.817 general: critical: exiting (due to assertion failure)
05-dec-2020 0:08:04.470 general: critical: c:\builds\isc-private\bind9\lib\isc\netmgr\netmgr.c:1332: REQUIRE(((((*handlep) != ((void *)0)) && (((const isc__magic_t *)(*handlep))->magic == ((('N') << 24 | ('M') << 16 | ('H') << 8 | ('D'))))) && ((sizeof(*(&(*handlep)->references)) == 8 ? (memory_order_seq_cst == memory_order_relaxed ? _InterlockedOr64((atomic_int_fast64_t *)&(*handlep)->references, 0) : (memory_order_seq_cst == memory_order_acquire ? _InterlockedOr64( (atomic_int_fast64_t *)&(*handlep)->references, 0) : (memory_order_seq_cst == memory_order_release ? _InterlockedOr64( (atomic_int_fast64_t *)&(*handlep)->references, 0) : _InterlockedOr64( (atomic_int_fast64_t *)&(*handlep)->references, 0)))) : (sizeof(*(&(*handlep)->references) == 4) ? (memory_order_seq_cst == memory_order_relaxed ? (int32_t)_InterlockedOr((atomic_int_fast32_t *)&(*handlep)->references, 0) : (memory_order_seq_cst == memory_order_acquire ? (int32_t)_InterlockedOr( (atomic_int_fast32_t *)&(*handlep)->references, 0) : (memory_order_seq_cst == memory_order_release ? (int32_t)_InterlockedOr( (atomic_int_fast32_t *)&(*handlep)->references, 0) : (int32_t)_InterlockedOr( (atomic_int_fast32_t *)&(*handlep)->references, 0)))) : (sizeof(*(&(*handlep)->references) == 2) ? (short)_InterlockedOr16((atomic_short *)&(*handlep)->references, 0) : (sizeof(*(&(*handlep)->references) == 1) ? (int8_t) _InterlockedOr8((atomic_int_fast8_t *)&(*handlep)->references, 0) : atomic_load_abort())))) & (sizeof(*(&(*handlep)->references)) == 8 ? 0xffffffffffffffffULL : (sizeof(*(&(*handlep)->references)) == 4 ? 0xffffffffULL : (sizeof(*(&(*handlep)->references)) == 2 ? 0xffffULL : (sizeof(*(&(*handlep)->references)) == 1 ? 0xffULL : atomic_load_abort()))))) > 0)) failed
05-dec-2020 0:08:04.470 general: critical: exiting (due to assertion failure)
`
### Possible fixes
Investigate assertion failure.
Thank you for yourt time and cooperation in advance.
https://gitlab.isc.org/isc-projects/bind9/-/issues/3020
netmgr/netmgr.c:1737: (...) failed
2022-04-26T13:28:04Z
Nelson A. de Oliveira
netmgr/netmgr.c:1737: (...) failed
Hi!
I am seeing this for some internal DNS queries:
```
$ host www.unesp.br 200.145.86.1
Using domain server:
Name: 200.145.86.1
Address: 200.145.86.1#53
Aliases:
www.unesp.br has address 200.145.6.98
netmgr/netmgr.c:1737: REQUIRE(((...
Hi!
I am seeing this for some internal DNS queries:
```
$ host www.unesp.br 200.145.86.1
Using domain server:
Name: 200.145.86.1
Address: 200.145.86.1#53
Aliases:
www.unesp.br has address 200.145.6.98
netmgr/netmgr.c:1737: REQUIRE((((handle) != ((void *)0) && ((const isc__magic_t *)(handle))->magic == ((('N') << 24 | ('M') << 16 | ('H') << 8 | ('D')))) && __extension__ ({ __auto_type __atomic_load_ptr = (&(handle)->references); __typeof__ ((void)0, *__atomic_load_ptr) __atomic_load_tmp; __atomic_load (__atomic_load_ptr, &__atomic_load_tmp, (5)); __atomic_load_tmp; }) > 0)) failed, back trace
/usr/lib/x86_64-linux-gnu/libisc-9.17.20-2-Debian.so(+0x3552f)[0x7fae10e0f52f]
/usr/lib/x86_64-linux-gnu/libisc-9.17.20-2-Debian.so(isc_assertion_failed+0xa)[0x7fae10e0f48a]
/usr/lib/x86_64-linux-gnu/libisc-9.17.20-2-Debian.so(isc__nmhandle_attach+0x63)[0x7fae10df9aa3]
host(+0xe3aa)[0x55c5f12963aa]
host(+0xf2c7)[0x55c5f12972c7]
host(+0x1177b)[0x55c5f129977b]
/usr/lib/x86_64-linux-gnu/libisc-9.17.20-2-Debian.so(isc__nm_async_readcb+0xad)[0x7fae10dfce6d]
/usr/lib/x86_64-linux-gnu/libisc-9.17.20-2-Debian.so(isc__nm_readcb+0x97)[0x7fae10dfcf97]
/usr/lib/x86_64-linux-gnu/libisc-9.17.20-2-Debian.so(+0x30cd0)[0x7fae10e0acd0]
/usr/lib/x86_64-linux-gnu/libisc-9.17.20-2-Debian.so(isc__nm_udp_read_cb+0x46)[0x7fae10e0c4c6]
/usr/lib/x86_64-linux-gnu/libuv.so.1(+0x1ee8d)[0x7fae10956e8d]
/usr/lib/x86_64-linux-gnu/libuv.so.1(+0x22c75)[0x7fae1095ac75]
/usr/lib/x86_64-linux-gnu/libuv.so.1(uv_run+0x114)[0x7fae10947854]
/usr/lib/x86_64-linux-gnu/libisc-9.17.20-2-Debian.so(+0x247da)[0x7fae10dfe7da]
/usr/lib/x86_64-linux-gnu/libisc-9.17.20-2-Debian.so(isc__trampoline_run+0x16)[0x7fae10e36bd6]
/lib/x86_64-linux-gnu/libpthread.so.0(+0x8eae)[0x7fae10b36eae]
/lib/x86_64-linux-gnu/libc.so.6(clone+0x3f)[0x7fae10a66a5f]
zsh: IOT instruction (core dumped) host www.unesp.br 200.145.86.1
```
I hope that some of these files are helpful :-)
[core dump](/uploads/325a587af3cbf8c8862b554c57597f93/core-isc-net-0000.55659.neon.1637667477)
[gdb's "thread apply all bt full"](/uploads/56e9ac73d79041b0ed8606e102813b88/gdb.txt)
[tcpdump output](/uploads/60932dfe55240b848a0ef2902bae3289/tcpdump.txt)
This is also https://bugs.debian.org/1000447
If you need anything else, just let me know, please.
Thank you!
April 2022 (9.16.28, 9.16.28-S1, 9.18.2, 9.19.0)
Arаm Sаrgsyаn
Arаm Sаrgsyаn
https://gitlab.isc.org/isc-projects/bind9/-/issues/2840
netmgr/netmgr.c:2064: fatal error: RUNTIME_CHECK(r == 0) failed in dig on Ope...
2022-02-11T14:07:38Z
Michal Nowak
netmgr/netmgr.c:2064: fatal error: RUNTIME_CHECK(r == 0) failed in dig on OpenBSD
Job [#1895046](https://gitlab.isc.org/isc-projects/bind9/-/jobs/1895046) failed for f563cd570c8a4e24e0c6a1cf7cf6e11da1b090fb:
```
I:doth:checking server quotas for both encrypted and unencrypted HTTP (71)
netmgr/netmgr.c:2064: fatal erro...
Job [#1895046](https://gitlab.isc.org/isc-projects/bind9/-/jobs/1895046) failed for f563cd570c8a4e24e0c6a1cf7cf6e11da1b090fb:
```
I:doth:checking server quotas for both encrypted and unencrypted HTTP (71)
netmgr/netmgr.c:2064: fatal error: RUNTIME_CHECK(r == 0) failed
Abort trap (core dumped)
I:doth:exit status: 0
I:doth:stopping servers
I:doth:Core dump(s) found: doth/dig.core
D:doth:backtrace from doth/dig.core:
D:doth:--------------------------------------------------------------------------------
D:doth:Core was generated by `dig'.
D:doth:Program terminated with signal SIGABRT, Aborted.
D:doth:#0 thrkill () at /tmp/-:3
D:doth:[Current thread is 1 (process 164094)]
D:doth:#0 thrkill () at /tmp/-:3
D:doth:#1 0x00000ee3b008379e in _libc_abort () at /usr/src/lib/libc/stdlib/abort.c:51
D:doth:#2 0x00000ee413f78d30 in isc_error_fatal (file=<optimized out>, line=<optimized out>, format=<optimized out>) at error.c:68
D:doth:#3 0x00000ee413f78d45 in isc_error_runtimecheck (file=0x0, line=6, expression=0xee3b00699ba <thrkill+10> "r\001\303d\211\004% ") at error.c:73
D:doth:#4 0x00000ee413f62522 in isc__nmsocket_timer_restart (sock=<optimized out>) at netmgr/netmgr.c:2064
D:doth:#5 0x00000ee1aa1a9e8b in launch_next_query (query=0xee3b89c1820) at dighost.c:3143
D:doth:#6 0x00000ee1aa1aa339 in tcp_connected (handle=0xee44e611420, eresult=0, arg=<optimized out>) at dighost.c:3280
D:doth:#7 0x00000ee413f63a16 in isc__nm_async_connectcb (worker=<optimized out>, ev0=<optimized out>) at netmgr/netmgr.c:2662
D:doth:#8 0x00000ee413f5fe30 in process_netievent (worker=0xee3b89c1020, ievent=0xee44e611020) at netmgr/netmgr.c:958
D:doth:#9 0x00000ee413f5ae64 in process_queue (worker=0xee3b89c1020, type=<error reading variable: Cannot access memory at address 0x3>) at netmgr/netmgr.c:998
D:doth:#10 process_all_queues (worker=0xee3b89c1020) at netmgr/netmgr.c:746
D:doth:#11 async_cb (handle=0xee3b89c12f8) at netmgr/netmgr.c:775
D:doth:#12 0x00000ee3bb4b39cd in uv.async_io () from /usr/local/lib/libuv.so.3.0
D:doth:#13 0x00000ee3bb4c5a19 in uv.io_poll () from /usr/local/lib/libuv.so.3.0
D:doth:#14 0x00000ee3bb4b40b8 in uv_run () from /usr/local/lib/libuv.so.3.0
D:doth:#15 0x00000ee413f5af4b in nm_thread (worker0=0xee3b89c1020) at netmgr/netmgr.c:681
D:doth:#16 0x00000ee413fac063 in isc__trampoline_run (arg=0xee3b89ae3c0) at trampoline.c:180
D:doth:#17 0x00000ee43eef0f51 in _rthread_start (v=<optimized out>) at /usr/src/lib/librthread/rthread.c:96
D:doth:#18 0x00000ee3b002dd1a in __tfork_thread () at /usr/src/lib/libc/arch/amd64/sys/tfork_thread.S:84
D:doth:--------------------------------------------------------------------------------
D:doth:full backtrace from doth/dig.core saved in doth/dig.core-backtrace.txt
D:doth:core dump doth/dig.core archived as doth/dig.core.gz
R:doth:FAIL
E:doth:2021-07-28T07:20:21+0000
```
#2809 might be triggering this, but I was unable to reproduce this locally (0 out of 6 attempts).
[dig.core.gz](/uploads/47a706783f8bda7af03498fe9d01a5d2/dig.core.gz)
[dig.core-backtrace.txt](/uploads/2e9bf04594dec8804aa790a3245f72f8/dig.core-backtrace.txt)
March 2022 (9.11.37, 9.11.37-S1, 9.16.27, 9.16.27-S1, 9.18.1)
Artem Boldariev
Artem Boldariev
https://gitlab.isc.org/isc-projects/bind9/-/issues/2451
netmgr/tlsdns.c: warning: ‘uv_try_write’ reading 16 bytes from a region of si...
2021-04-07T14:38:08Z
Michal Nowak
netmgr/tlsdns.c: warning: ‘uv_try_write’ reading 16 bytes from a region of size 8
On Fedora 33 with custom experimental gcc snapshot version 11.0.0 20210124 I get the following warning:
```
In function ‘tls_cycle_output’,
inlined from ‘tls_cycle’ at netmgr/tlsdns.c:1425:11:
netmgr/tlsdns.c:1351:23: warning: ‘uv_tr...
On Fedora 33 with custom experimental gcc snapshot version 11.0.0 20210124 I get the following warning:
```
In function ‘tls_cycle_output’,
inlined from ‘tls_cycle’ at netmgr/tlsdns.c:1425:11:
netmgr/tlsdns.c:1351:23: warning: ‘uv_try_write’ reading 16 bytes from a region of size 8 [-Wstringop-overread]
1351 | err = uv_try_write(&sock->uv_handle.stream, &sock->tls.senddata,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1352 | 1);
| ~~
netmgr/tlsdns.c: In function ‘tls_cycle’:
netmgr/tlsdns.c:1351:23: note: referencing argument 2 of type ‘const uv_buf_t *’
In file included from netmgr/tlsdns.c:14:
/usr/include/uv.h:520:15: note: in a call to function ‘uv_try_write’
520 | UV_EXTERN int uv_try_write(uv_stream_t* handle,
| ^~~~~~~~~~~~
In function ‘tls_cycle_output’,
inlined from ‘tls_cycle’ at netmgr/tlsdns.c:1425:11:
netmgr/tlsdns.c:1377:23: warning: ‘uv_write’ reading 16 bytes from a region of size 8 [-Wstringop-overread]
1377 | err = uv_write(&req->uv_req.write, &sock->uv_handle.stream,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1378 | &sock->tls.senddata, 1, tls_write_cb);
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
netmgr/tlsdns.c: In function ‘tls_cycle’:
netmgr/tlsdns.c:1377:23: note: referencing argument 3 of type ‘const uv_buf_t *’
In file included from netmgr/tlsdns.c:14:
/usr/include/uv.h:509:15: note: in a call to function ‘uv_write’
509 | UV_EXTERN int uv_write(uv_write_t* req,
| ^~~~~~~~
```
April 2021 (9.11.30/9.11.31, 9.11.30-S1/9.11.31-S1, 9.16.14/9.16.15, 9.16.14-S1/9.16.15-S1, 9.17.12)
https://gitlab.isc.org/isc-projects/bind9/-/issues/2047
netmgr: REQUIRE(VALID_NMHANDLE(handle)); assertion failures in isc_nm_pausere...
2020-09-30T06:26:32Z
Mark Andrews
netmgr: REQUIRE(VALID_NMHANDLE(handle)); assertion failures in isc_nm_pauseread()
Job [#1039928](https://gitlab.isc.org/isc-projects/bind9/-/jobs/1039928) failed for 45798d1e4e56f0a1ed69c708c8b518e4730ebae6:
```
D:dnstap:Core was generated by `/builds/isc-projects/bind9/bin/rndc/.libs/rndc -p 28359 -c ../common/rndc....
Job [#1039928](https://gitlab.isc.org/isc-projects/bind9/-/jobs/1039928) failed for 45798d1e4e56f0a1ed69c708c8b518e4730ebae6:
```
D:dnstap:Core was generated by `/builds/isc-projects/bind9/bin/rndc/.libs/rndc -p 28359 -c ../common/rndc.conf'.
7419 D:dnstap:Program terminated with signal SIGABRT, Aborted.
7420 D:dnstap:#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
7421 D:dnstap:[Current thread is 1 (Thread 0x7f913f5fe700 (LWP 17908))]
7422 D:dnstap:#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
7423 D:dnstap:#1 0x00007f9142373537 in __GI_abort () at abort.c:79
7424 D:dnstap:#2 0x00007f91425a313f in isc_assertion_failed (file=file@entry=0x7f91425d2000 "netmgr/netmgr.c", line=line@entry=1383, type=type@entry=isc_assertiontype_require, cond=cond@entry=0x7f91425d2760 "((__builtin_expect(!!((handle) != ((void *)0)), 1) && __builtin_expect(!!(((const isc__magic_t *)(handle))->magic == ((('N') << 24 | ('M') << 16 | ('H') << 8 | ('D')))), 1)) && __extension__ ({ __auto"...) at assertions.c:47
7425 D:dnstap:#3 0x00007f914258735a in isc_nm_pauseread (handle=handle@entry=0x7f913f768010) at netmgr/netmgr.c:1392
7426 D:dnstap:#4 0x00007f914256a3bb in recv_data (handle=0x7f913f768010, eresult=<optimized out>, region=<optimized out>, arg=0x55e92eb9d9a0 <rndc_ccmsg>) at ccmsg.c:109
7427 D:dnstap:#5 0x00007f914258b8ba in isc__nm_tcp_shutdown (sock=0x7f913f764010) at netmgr/tcp.c:1094
7428 D:dnstap:#6 0x00007f9142585681 in shutdown_walk_cb (arg=<optimized out>, handle=<optimized out>) at netmgr/netmgr.c:1451
7429 D:dnstap:#7 shutdown_walk_cb (handle=<optimized out>, arg=<optimized out>) at netmgr/netmgr.c:1446
7430 D:dnstap:#8 0x00007f914232aa24 in uv_walk () from /usr/lib/x86_64-linux-gnu/libuv.so.1
7431 D:dnstap:#9 0x00007f9142587496 in isc__nm_async_shutdown (worker=worker@entry=0x55e92fbd5840, ev0=ev0@entry=0x7f913f767430) at netmgr/netmgr.c:1461
7432 D:dnstap:#10 0x00007f9142588d3b in process_queue (worker=worker@entry=0x55e92fbd5840, queue=0x7f913f742080) at netmgr/netmgr.c:640
7433 D:dnstap:#11 0x00007f91425891a1 in async_cb (handle=<optimized out>) at netmgr/netmgr.c:580
7434 D:dnstap:#12 0x00007f914232b7d1 in ?? () from /usr/lib/x86_64-linux-gnu/libuv.so.1
7435 D:dnstap:#13 0x00007f914233c860 in ?? () from /usr/lib/x86_64-linux-gnu/libuv.so.1
7436 D:dnstap:#14 0x00007f914232bf44 in uv_run () from /usr/lib/x86_64-linux-gnu/libuv.so.1
7437 D:dnstap:#15 0x00007f9142588ed3 in nm_thread (worker0=0x55e92fbd5840) at netmgr/netmgr.c:484
7438 D:dnstap:#16 0x00007f9142303ea7 in start_thread (arg=<optimized out>) at pthread_create.c:477
7439 D:dnstap:#17 0x00007f914244bdcf in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
7440 D:dnstap:--------------------------------------------------------------------------------
```
October 2020 (9.11.24, 9.11.24-S1, 9.16.8, 9.16.8-S1, 9.17.6)
Witold Krecicki
Witold Krecicki
https://gitlab.isc.org/isc-projects/bind9/-/issues/1994
netscope.c:23:50: error: unused parameter 'addr' when HAVE_IF_NAMETOINDEX und...
2020-08-05T13:09:26Z
Michal Nowak
netscope.c:23:50: error: unused parameter 'addr' when HAVE_IF_NAMETOINDEX undefined on illumos
On OpenIndiana 2020.04 (an illumos distribution) compilation of BIND `main` commit 78a4ed31322271ff324994ab058b8448ae4a2252 fails in `lib/isc/netscope.c` with:
```
netscope.c: In function 'isc_netscope_pton':
netscope.c:23:50: error: unu...
On OpenIndiana 2020.04 (an illumos distribution) compilation of BIND `main` commit 78a4ed31322271ff324994ab058b8448ae4a2252 fails in `lib/isc/netscope.c` with:
```
netscope.c: In function 'isc_netscope_pton':
netscope.c:23:50: error: unused parameter 'addr' [-Werror=unused-parameter]
isc_netscope_pton(int af, char *scopename, void *addr, uint32_t *zoneid) {
^~~~
cc1: all warnings being treated as errors
```
It seems that `addr` is used only when `HAVE_IF_NAMETOINDEX` is defined.
August 2020 (9.11.22, 9.11.22-S1, 9.16.6, 9.17.4)
https://gitlab.isc.org/isc-projects/bind9/-/issues/2797
network buffer size limits are enforced incorrectly and always overwrite tcp-...
2021-07-08T08:56:35Z
Petr Špaček
pspacek@isc.org
network buffer size limits are enforced incorrectly and always overwrite tcp-receive-buffer
### Summary
When enforcing limits for out of range values on configuration options tcp-send-buffer, udp-receive-buffer, udp-send-buffer, the enforced value always overwrite tcp-receive-buffer instead of the problematic value.
### BIND ...
### Summary
When enforcing limits for out of range values on configuration options tcp-send-buffer, udp-receive-buffer, udp-send-buffer, the enforced value always overwrite tcp-receive-buffer instead of the problematic value.
### BIND version affected
v9.17.13 up to current main (33394f11c387396c06210320b408a6f9ffe93ddc)
### Steps to reproduce
Configure one of tcp-send-buffer, udp-receive-buffer, udp-send-buffer with an out of range value (< 4096, > 2^32).
### What is the current *bug* behavior?
- Limit >= 4096, <= 2^32 is not enforced on these three options.
- Allowed minimal/maximal value overwrites `tcp-receive-buffer` value!
### What is the expected *correct* behavior?
Well, limits are enforced properly.
### Relevant configuration files
```
options {
tcp-send-buffer <an out of range value>;
udp-receive-buffer <an out of range value>;
udp-send-buffer <an out of range value>;
};
```
July 2021 (9.11.34, 9.11.34-S1, 9.16.19, 9.16.19-S1, 9.17.16)
https://gitlab.isc.org/isc-projects/stork/-/issues/205
network connection to agent should be well secured by default
2021-03-08T13:13:07Z
Michal Nowikowski
network connection to agent should be well secured by default
re: https://gitlab.isc.org/isc-projects/stork/-/merge_requests/87#note_116633
design doc: https://gitlab.isc.org/isc-projects/stork/-/wikis/Designs/Agent-Server-Security
There are a couple of aspects to be addressed here:
- [x] confid...
re: https://gitlab.isc.org/isc-projects/stork/-/merge_requests/87#note_116633
design doc: https://gitlab.isc.org/isc-projects/stork/-/wikis/Designs/Agent-Server-Security
There are a couple of aspects to be addressed here:
- [x] confidentiality
- [x] mutual authentication
- [x] authorization
This work has been split to separate issues:
- #479 (keys and certs generation)
- #481 (agent registration in the server)
- #483 (agent deployment and authorization UI)
- #485 (demo update)
- #486 (docs)
- #507 (system tests)
0.15
Michal Nowikowski
Michal Nowikowski
https://gitlab.isc.org/isc-projects/bind9/-/issues/3595
Network-related unit tests became unstable after merging the loopmgr branch
2023-02-27T16:00:39Z
Michał Kępień
Network-related unit tests became unstable after merging the loopmgr branch
Merging !6040 caused the failure rate for network-related unit tests to
become significantly higher on the `main` branch. The
frequently-failing tests include:
- `doh_test`
- `tcp_test`
- `tls_test` - issues #3594 and #3597
- `...
Merging !6040 caused the failure rate for network-related unit tests to
become significantly higher on the `main` branch. The
frequently-failing tests include:
- `doh_test`
- `tcp_test`
- `tls_test` - issues #3594 and #3597
- `tlsdns_test`
- `udp_test` - fixed in !6888 and !6889, and there are cases when the `udp_test` just gets stuck and times out
Sample failures from a single pipeline:
- https://gitlab.isc.org/isc-private/bind9/-/jobs/2819710 (`tcp_test`)
- https://gitlab.isc.org/isc-private/bind9/-/jobs/2819711 (`doh_test`)
- https://gitlab.isc.org/isc-private/bind9/-/jobs/2819748 (`tcp_test`)
These failures should be addressed sooner rather than later as they
wreak havoc in CI results for `main`. Leaving them unfixed might
prevent us from noticing newly-introduced bugs in a timely manner.
March 2023 (9.16.39, 9.16.39-S1, 9.18.13, 9.18.13-S1, 9.19.11)
https://gitlab.isc.org/isc-projects/dhcp/-/issues/79
networking.service doesn't work
2020-01-13T11:54:56Z
Ghost User
networking.service doesn't work
I can't raise my network interface, I'm using debian 10, I only can connect to the internet by my ethernet cable.
Here's what happen when I try to start networking.service:
`systemctl status networking.service
● networking.service...
I can't raise my network interface, I'm using debian 10, I only can connect to the internet by my ethernet cable.
Here's what happen when I try to start networking.service:
`systemctl status networking.service
● networking.service - Raise network interfaces
Loaded: loaded (/lib/systemd/system/networking.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Sun 2020-01-12 19:59:07 -03; 46min ago
Docs: man:interfaces(5)
Process: 629 ExecStart=/sbin/ifup -a --read-environment (code=exited, status=1/FAILURE)
Main PID: 629 (code=exited, status=1/FAILURE)
jan 12 19:59:07 L0stH0st dhclient[704]: than a configuration issue please read the section on submitting
jan 12 19:59:07 L0stH0st dhclient[704]: bugs on either our web page at www.isc.org or in the README file
jan 12 19:59:07 L0stH0st dhclient[704]: before submitting a bug. These pages explain the proper
jan 12 19:59:07 L0stH0st dhclient[704]: process and the information we find helpful for debugging.
jan 12 19:59:07 L0stH0st dhclient[704]:
jan 12 19:59:07 L0stH0st dhclient[704]: exiting.
jan 12 19:59:07 L0stH0st ifup[629]: ifup: failed to bring up eth0
jan 12 19:59:07 L0stH0st systemd[1]: networking.service: Main process exited, code=exited, status=1/FAILURE
jan 12 19:59:07 L0stH0st systemd[1]: networking.service: Failed with result 'exit-code'.
jan 12 19:59:07 L0stH0st systemd[1]: Failed to start Raise network interfaces.
`
What should I do?
https://gitlab.isc.org/isc-projects/kea/-/issues/1220
NetworkState class should be Kea MT safe.
2021-06-28T09:51:01Z
Francis Dupont
NetworkState class should be Kea MT safe.
Kea MT safe means MT safe when Kea MT mode is true (vs. general MT safety).
Kea MT safe means MT safe when Kea MT mode is true (vs. general MT safety).
kea2.1-backlog
Razvan Becheriu
Razvan Becheriu
https://gitlab.isc.org/isc-projects/kea/-/issues/1831
NetworkStateTest::earlyEnableAllTest() defined but not used warning
2021-05-20T12:59:54Z
Thomas Markwalder
NetworkStateTest::earlyEnableAllTest() defined but not used warning
I get the following warning on Ubuntu 18.04
```
3_la-callout_params_library.o
network_state_unittest.cc:563:1: warning: ‘void {anonymous}::NetworkStateTest::earlyEnableAllTest()’ defined but not used [-Wunused-function]
NetworkStateTes...
I get the following warning on Ubuntu 18.04
```
3_la-callout_params_library.o
network_state_unittest.cc:563:1: warning: ‘void {anonymous}::NetworkStateTest::earlyEnableAllTest()’ defined but not used [-Wunused-function]
NetworkStateTest::earlyEnableAllTest() {
^~~~~~~~~~~~~~~~
mv -f .deps/libdhcpsrv_unittests-triplet_unittest.Tpo .deps/libdhcpsrv_unittests-triplet_unittest.Po
mv
```
@razvan suggests the following fix:
```
diff --git a/src/lib/dhcpsrv/tests/network_state_unittest.cc b/src/lib/dhcpsrv/tests/network_state_unittest.cc
index cd7aabf8f1..7edf4581ae 100644
--- a/src/lib/dhcpsrv/tests/network_state_unittest.cc
+++ b/src/lib/dhcpsrv/tests/network_state_unittest.cc
@@ -754,6 +754,15 @@ TEST_F(NetworkStateTest, delayedEnableAllTestMultiThreading) {
delayedEnableAllTest();
}
+TEST_F(NetworkStateTest, earlyEnableAllTest) {
+ earlyEnableAllTest();
+}
+
+TEST_F(NetworkStateTest, earlyEnableAllTestMultiThreading) {
+ MultiThreadingMgr::instance().setMode(true);
+ earlyEnableAllTest();
+}
+
TEST_F(NetworkStateTest, multipleDelayedEnableAllTest) {
multipleDelayedEnableAllTest();
}
```
kea1.9.8
Razvan Becheriu
Razvan Becheriu
https://gitlab.isc.org/isc-projects/bind9/-/issues/2784
New 9.17 options for setting socket buffer sizes have a mistake in the ARM
2021-06-22T20:32:01Z
Cathy Almond
New 9.17 options for setting socket buffer sizes have a mistake in the ARM
From #2313
There are four new options. They are listed in the syntax section as:
tcp-receive-buffer
udp-receive-buffer
tcp-send-buffer
udp-send-buffer
They're also named thus in CHANGES and relnotes.
But in the section of the ARM t...
From #2313
There are four new options. They are listed in the syntax section as:
tcp-receive-buffer
udp-receive-buffer
tcp-send-buffer
udp-send-buffer
They're also named thus in CHANGES and relnotes.
But in the section of the ARM that describes the usage, the two inbound buffer tuning knobs are described instead as tcp-recv-buffer and udp-recv-buffer. Oops.
Please can we fix this in the July releases?
July 2021 (9.11.34, 9.11.34-S1, 9.16.19, 9.16.19-S1, 9.17.16)
Michał Kępień
Michał Kępień
https://gitlab.isc.org/isc-projects/bind9/-/issues/219
New Coverity Warnings
2018-05-03T15:18:29Z
Curtis Blackburn
New Coverity Warnings
```
Hi,
Please find the latest report on new defect(s) introduced to BIND found with Coverity Scan.
3 new defect(s) introduced to BIND found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(...
```
Hi,
Please find the latest report on new defect(s) introduced to BIND found with Coverity Scan.
3 new defect(s) introduced to BIND found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)
** CID 1434969: (UNINIT)
________________________________________________________________________________________________________
*** CID 1434969: (UNINIT)
/bin/tools/mdig.c: 1033 in plus_option()
1027 isc_result_t result;
1028 char *cmd, *value, *last, *code;
1029 isc_uint32_t num;
1030 isc_boolean_t state = ISC_TRUE;
1031 size_t n;
1032
>>> CID 1434969: (UNINIT)
>>> Using uninitialized value "last" when calling "__strtok_r_1c".
1033 if ((cmd = strtok_r(option, "=", &last)) == NULL) {
1034 printf(";; Invalid option %s\n", option);
1035 return;
1036 }
1037 if (strncasecmp(cmd, "no", 2) == 0) {
1038 cmd += 2;
/bin/delv/delv.c: 968 in plus_option()
962 static void
963 plus_option(char *option) {
964 isc_result_t result;
965 char *cmd, *value, *last;
966 isc_boolean_t state = ISC_TRUE;
967
>>> CID 1434969: (UNINIT)
>>> Using uninitialized value "last" when calling "__strtok_r_1c".
968 cmd = strtok_r(option, "=", &last);
969 if (cmd == NULL) {
970 printf(";; Invalid option %s\n", option);
971 return;
972 }
973 if (strncasecmp(cmd, "no", 2)==0) {
/bin/dig/dig.c: 741 in plus_option()
735 isc_result_t result;
736 char *cmd, *value, *last, *code, *extra;
737 isc_uint32_t num;
738 isc_boolean_t state = ISC_TRUE;
739 size_t n;
740
>>> CID 1434969: (UNINIT)
>>> Using uninitialized value "last" when calling "__strtok_r_1c".
741 if ((cmd = strtok_r(option, "=", &last)) == NULL) {
742 printf(";; Invalid option %s\n", option);
743 return;
744 }
745 if (strncasecmp(cmd, "no", 2)==0) {
746 cmd += 2;
** CID 1434968: Null pointer dereferences (FORWARD_NULL)
________________________________________________________________________________________________________
*** CID 1434968: Null pointer dereferences (FORWARD_NULL)
/bin/named/statschannel.c: 3126 in render_xsl()
3120 isc_time_t when;
3121 char *line, *saveptr;
3122 const char *if_modified_since = "If-Modified-Since: ";
3123 _headers = strdup(headers);
3124
3125 saveptr = NULL;
>>> CID 1434968: Null pointer dereferences (FORWARD_NULL)
>>> Passing "&saveptr" to "__strtok_r_1c", which dereferences null "saveptr".
3126 for (line = strtok_r(_headers, "\n", &saveptr);
3127 line;
3128 line = strtok_r(NULL, "\n", &saveptr)) {
3129 if (strncasecmp(line, if_modified_since,
3130 strlen(if_modified_since)) == 0) {
3131 time_t t1, t2;
** CID 1434967: Null pointer dereferences (FORWARD_NULL)
________________________________________________________________________________________________________
*** CID 1434967: Null pointer dereferences (FORWARD_NULL)
/lib/irs/getaddrinfo.c: 1074 in set_order()
1068 break;
1069 }
1070 } else {
1071 order = getenv("NET_ORDER");
1072 found = 0;
1073 last = NULL;
>>> CID 1434967: Null pointer dereferences (FORWARD_NULL)
>>> Passing "&last" to "__strtok_r_1c", which dereferences null "last".
1074 for (tok = strtok_r(order, ":", &last);
1075 tok;
1076 tok = strtok_r(NULL, ":", &last))
1077 {
1078 if (strcasecmp(tok, "inet6") == 0) {
1079 if ((found & FOUND_IPV6) == 0) {
```
Mark Andrews
Mark Andrews
https://gitlab.isc.org/isc-projects/bind9/-/issues/286
New cppcheck-detected errors
2018-11-08T18:37:22Z
Stephen Morris
New cppcheck-detected errors
Four new warnings caused by a recent commit including an uninitialized variable and a possible null-pointer de-reference:
https://jenkins.isc.org/view/BIND/job/bind9-cpp-check/186/cppcheckResult/
The list of warnings also includes that...
Four new warnings caused by a recent commit including an uninitialized variable and a possible null-pointer de-reference:
https://jenkins.isc.org/view/BIND/job/bind9-cpp-check/186/cppcheckResult/
The list of warnings also includes that weren't fixed in the last ticket that addressed the cppcheck-reported issues.
https://gitlab.isc.org/isc-projects/stork/-/issues/720
New form and REST commands to create new host reservation
2022-05-09T07:53:37Z
Marcin Siodelski
New form and REST commands to create new host reservation
Following the #717, we now need to create a form in the UI to specify a new host reservation and associate it with one or multiple Kea servers. Finally, when the new host reservation is submitted, it should generate appropriate REST comm...
Following the #717, we now need to create a form in the UI to specify a new host reservation and associate it with one or multiple Kea servers. Finally, when the new host reservation is submitted, it should generate appropriate REST commands to the Stork server which in turn uses the config manager to populate the host reservation to the Kea servers.
1.3
Marcin Siodelski
Marcin Siodelski
https://gitlab.isc.org/isc-projects/bind9/-/issues/89
New Geolocation protocol with greater privacy protection for end user
2021-10-04T12:26:02Z
Vicky Risk
vicky@isc.org
New Geolocation protocol with greater privacy protection for end user
Can we try to design a new way to specify the end-users geographic location, for purposes of sending them to an efficient, local content source (as an alternative to EDNS client-subnet-identifier)?
Goals
* Provide authority with informa...
Can we try to design a new way to specify the end-users geographic location, for purposes of sending them to an efficient, local content source (as an alternative to EDNS client-subnet-identifier)?
Goals
* Provide authority with information about client geography suitable for routing purposes
* Minimize excessive cache bloating by only carving out caches at a level of specificity actually useful for content routing
* Avoid identifying the client by IP address or other specific identifier (preserving privacy)
Ideas
* The resolver could tag the query with a geo location, rather than forwarding client ID to the authority
* We could consider using the LOC rr (type 29)
* The IATA code (closest airport) is probably granular enough for content routing
* Adding the AS of the network the user is on might also be relevant and useful
We should discuss with the other open source DNS developers, perhaps in our usual get-together at the next IETF
Not planned
https://gitlab.isc.org/isc-projects/kea/-/issues/1784
New hook point before host lookup (aka BYOB -backend)
2022-06-20T19:18:03Z
Vicky Risk
vicky@isc.org
New hook point before host lookup (aka BYOB -backend)
Problem
Currently the supported hosts database types are MySQL, PostgreSQL, and Cassandra. Support for additional datastores is not likely to be added anytime soon. It would be useful if a new hook point was added that would allow a cus...
Problem
Currently the supported hosts database types are MySQL, PostgreSQL, and Cassandra. Support for additional datastores is not likely to be added anytime soon. It would be useful if a new hook point was added that would allow a custom hook to the retrieve host information via an external API call from any technology of their choosing, and supplement or even replace the internal host reservation lookup.
Proposed Solution
A new hook point, before or after “pkt4_receive” takes the request packet as input and receives one or more host reservation objects as output, to be used in addition to, or instead of, the internal host reservation. One or more flags can be used to control whether the internal host lookup is performed. This enhancement is probably made in conjunction with the “host-config” mode requested in the “Early host reservation lookup” enhancement.
(The RADIUS hook does this today.)
https://gitlab.isc.org/isc-projects/kea/-/issues/594
New host cache commands.
2019-05-22T08:04:14Z
Francis Dupont
New host cache commands.
At least add a new command to return the number of entries.
At least add a new command to return the number of entries.
Kea1.6
Francis Dupont
Francis Dupont
https://gitlab.isc.org/isc-projects/bind9/-/issues/3429
New issue 48509 by ClusterFuzz-External: bind9:dns_master_load_fuzzer: Intege...
2022-07-07T08:33:16Z
Mark Andrews
New issue 48509 by ClusterFuzz-External: bind9:dns_master_load_fuzzer: Integer-overflow in genname
```
Detailed Report: https://oss-fuzz.com/testcase?key=5954650567737344
Project: bind9
Fuzzing Engine: libFuzzer
Fuzz Target: dns_master_load_fuzzer
Job Type: libfuzzer_ubsan_bind9
Platform Id: linux
Crash Type: Integer-overflow
Crash ...
```
Detailed Report: https://oss-fuzz.com/testcase?key=5954650567737344
Project: bind9
Fuzzing Engine: libFuzzer
Fuzz Target: dns_master_load_fuzzer
Job Type: libfuzzer_ubsan_bind9
Platform Id: linux
Crash Type: Integer-overflow
Crash Address:
Crash State:
genname
generate
load_text
Sanitizer: undefined (UBSAN)
Regressed: https://oss-fuzz.com/revisions?job=libfuzzer_ubsan_bind9&range=202202240600:202202250603
Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=5954650567737344
```
Test case:
```
$GENERATE 1-1 <FF> 0 type4 ${2147483647
```
`<FF>` is octet 0xff
```
0000000 24 47 45 4e 45 52 41 54 45 20 31 2d 31 20 ff 20
0000020 30 20 74 79 70 65 34 20 24 7b 32 31 34 37 34 38
0000040 33 36 34 37
0000044
```
```
732 n = snprintf(numbuf, sizeof(numbuf), fmt,
733 it + delta);
```
`it + delta` overflows.
July 2022 (9.16.31, 9.16.31-S1, 9.18.5, 9.19.3)