Path: csiph.com!aioe.org!nntp.terraraq.uk!nntp-feed.chiark.greenend.org.uk!ewrotcd!usenet-its.stanford.edu!usenet.stanford.edu!not-for-mail From: =?utf-8?B?T25kxZllaiBTdXLDvQ==?= Newsgroups: comp.protocols.dns.bind Subject: Re: Upgrade from 9.14 to 9.16 - transfer-source with low source port no longer works. Date: Tue, 26 May 2020 11:47:48 +0200 Lines: 128 Approved: bind-users@lists.isc.org Message-ID: References: <202005260938.04Q9cKxg006927@nordnytt.cc.uit.no> NNTP-Posting-Host: lists.isc.org Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.80.23.2.2\)) Content-Type: multipart/signed; boundary="Apple-Mail=_9A3CCE3A-0B75-44D5-81C3-06E00CDD9B94"; protocol="application/pgp-signature"; micalg=pgp-sha512 X-Trace: usenet.stanford.edu 1590486474 29160 149.20.1.60 (26 May 2020 09:47:54 GMT) X-Complaints-To: action@cs.stanford.edu Cc: bind-users To: Ingeborg Hellemo Return-Path: X-Original-To: bind-users@lists.isc.org Delivered-To: bind-users@lists.isc.org In-Reply-To: <202005260938.04Q9cKxg006927@nordnytt.cc.uit.no> X-Mailer: Apple Mail (2.3608.80.23.2.2) X-BeenThere: bind-users@lists.isc.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: BIND Users Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Mailman-Original-Message-ID: X-Mailman-Original-References: <202005260938.04Q9cKxg006927@nordnytt.cc.uit.no> Xref: csiph.com comp.protocols.dns.bind:15775 --Apple-Mail=_9A3CCE3A-0B75-44D5-81C3-06E00CDD9B94 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 Hi Ingeborg, please see release notes: = https://downloads.isc.org/isc/bind9/9.16.3/RELEASE-NOTES-bind-9.16.3.html This is listed in Known Issues for BIND 9.16.1: > =E2=80=A2 UDP network ports used for listening can no longer = simultaneously be used for sending traffic. An example configuration = which triggers this issue would be one which uses the same address:port = pair for listen-on(-v6) statements as for notify-source(-v6) or = transfer-source(-v6). While this issue affects all operating systems, it = only triggers log messages (e.g. "unable to create dispatch for reserved = port") on some of them. There are currently no plans to make such a = combination of settings work again. Ondrej -- Ond=C5=99ej Sur=C3=BD ondrej@isc.org > On 26 May 2020, at 11:38, Ingeborg Hellemo = wrote: >=20 > FreeBSD 11.3-RELEASE-p3 >=20 > This morning I upgraded from BIND 9.14.11 to 9.16.3 via FreeBSD ports. >=20 > Then I realize that my slave server no longer transfer zones from the = master. > The zone transfers worked as expected before the upgrade. >=20 > There are no error messages. The slave receives notifies from the = master: >=20 > May 26 09:40:35 ludvigsen named[22721]: client @0x81d593f68 > 129.242.4.254#24673: received notify for zone 'av.uit.no' > May 26 09:40:35 ludvigsen named[22721]: zone av.uit.no/IN: notify from > 129.242.4.254#24673: serial 2020052600 >=20 > I can do a 'rndc reload ' without errors: >=20 > May 26 09:57:29 ludvigsen named[22721]: received control channel = command > 'reload av.uit.no' >=20 > If I do a full 'rndc reload' I finally get an error: >=20 > May 26 11:08:14 ludvigsen named[25953]: unable to create dispatch for = reserved > port 129.242.5.254#53: permission denied >=20 > Since this is a host with serveral virtual interfaces this = address/port is set > in named.conf: >=20 > transfer-source 129.242.5.254 port 53; >=20 > The solution was to remove the 'port 53' part of the config, >=20 >=20 >=20 > Finally, the question: >=20 > Has there been some change in when named changes user id and drops = privilege > from root? Or some other changes that can explain the error? >=20 >=20 >=20 >=20 > --Ingeborg > -- > Ingeborg =C3=98strem Hellemo -- ingeborg.hellemo@uit.no > Dep. of Information Technology --- Univ. of Troms=C3=B8 >=20 >=20 >=20 > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to = unsubscribe from this list >=20 > ISC funds the development of this software with paid support = subscriptions. Contact us at https://www.isc.org/contact/ for more = information. >=20 >=20 > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users --Apple-Mail=_9A3CCE3A-0B75-44D5-81C3-06E00CDD9B94 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAl7M5cRfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u WcJSfw/9Gv3uGDAMV5rn6QVhs7RiiX9b3Mw2/IBjWXjofD6Tl95W4EigsSmCs6lP pZcXndUaHPuaZ4sk/9+jiD8U4JWoH96qY5wnMwwqtePtsnNH3RA7/8g0yjnAyior RY1sJB4OXGfRhPKbFc/mWvU+yHaWIMDrepzn7zcQs5KEELHL4h2KltK5ipb+pW3j +5Q4yKo7zpaFSlR1QpQAg+SysPM0pvox5q+4kexZSinAuJeFbY42C1mY4BhMp0hP 3xvqd8ql5JfS53JbRRdjBuFtEtAhx45iXEziewIbK0SRhpjGeL758vuvtdbOJkRT hB1aAxr7GFhMPDBz/AbziLXEG+VNZD8CTaHF5k+gSa0us2W4AXkWd9rrC/JZpj3F Mbb4J7DGqXC46KXXQriQdzHU0mygkxBvGATwVzpdFW4551XZ81G1x0Mgidish3Ly +BcdwP5UVU2WSsTktqsx8bkKJ/Qt2f2wzwrE6wI5iCCTqG4c4+gENbljNMRaY0co G5ZhDVNmnWAKBfJKB3xkh3oD2i2Ricmz0gUPd6hs5c0sXopyXautc/ihWQeDatEv OQEcZ4OHH80vE6gKGzQzved5HNJe8i53Zu87tVWA1Ac7ibwuwEb0PA709bIkeSn8 iDPj3Hu24hsLGP+cXkzbIzGpAJ14QbEtCpV+VPLPdQSz+B5AijU= =nvez -----END PGP SIGNATURE----- --Apple-Mail=_9A3CCE3A-0B75-44D5-81C3-06E00CDD9B94--