Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
BIND
BIND
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 637
    • Issues 637
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Merge Requests 104
    • Merge Requests 104
  • CI / CD
    • CI / CD
    • Pipelines
    • Jobs
    • Schedules
  • Operations
    • Operations
    • Incidents
    • Environments
  • Packages & Registries
    • Packages & Registries
    • Container Registry
  • Analytics
    • Analytics
    • CI / CD
    • Repository
    • Value Stream
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Members
    • Members
  • Collapse sidebar
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
  • ISC Open Source Projects
  • BINDBIND
  • Issues
  • #1504

Closed
Open
Opened Dec 12, 2019 by Michał Kępień@michalMaintainer

"rndc status" closed with ISC_R_DUPLICATE

An interesting dnssec system test failure happened on Windows for 9.11.14:

  • https://gitlab.isc.org/isc-private/bind9/-/jobs/473919
...
I:dnssec:check that 'rndc signing' without arguments is handled (155)
I:dnssec:check that 'rndc signing -list' without zone is handled (156)
I:dnssec:check that 'rndc signing -clear' without additional arguments is handled (157)
I:dnssec:check that 'rndc signing -clear all' without zone is handled (158)
I:dnssec:check that 'rndc signing -nsec3param' without additional arguments is handled (159)
I:dnssec:check that 'rndc signing -nsec3param none' without zone is handled (160)
I:dnssec:check that 'rndc signing -nsec3param 1' without additional arguments is handled (161)
I:dnssec:check that 'rndc signing -nsec3param 1 0' without additional arguments is handled (162)
I:dnssec:check that 'rndc signing -nsec3param 1 0 0' without additional arguments is handled (163)
I:dnssec:check that 'rndc signing -nsec3param 1 0 0 -' without zone is handled (164)
rndc: connection to remote host closed
This may indicate that
* the remote server is using an older version of the command protocol,
* this host is not authorized to connect,
* the clocks are not synchronized,
* the key signing algorithm is incorrect, or
* the key is invalid.
I:dnssec:failed
I:dnssec:check that 'rndc signing -nsec3param' works with salt (165)
I:dnssec:check that 'rndc signing -nsec3param' works without salt (166)
I:dnssec:check that 'rndc signing -nsec3param' works with 'auto' as salt (167)
I:dnssec:check that 'rndc signing -nsec3param' with 'auto' as salt again generates a different salt (168)
...

It seems to me that a TCP connection opened by an rndc status command was immediately torn down with the following log message:

12-Dec-2019 0:07:33.960 invalid command from 10.53.0.3#54441: duplicate

Apparently this log message is produced by one of the log_invalid() calls in bin/named/controlconf.c:control_recvmessage(), but I was unable to quickly determine which one it may be. Any ideas? This seems to happen rather rarely.

Assignee
Assign to
BIND 9.17 Backburner
Milestone
BIND 9.17 Backburner
Assign milestone
Time tracking
None
Due date
None
Reference: isc-projects/bind9#1504