named & ntpd quirkiness

Gabriel O'Brien go at quay.net
Tue May 17 21:42:32 PDT 2005


Hi folks,

I've a FreeBSD 5.4 system here that is running an ipfw firewall, ntpd, 
BIND, etc. and I'm having a strange little problem whenever I reboot my 
system.  This system is a gateway multihomed with 4 interfaces and 
connected to the internet via plain old PPPoE/ADSL.  For the most part 
everything seems to be working like a charm however whenever I reboot 
the server I have two issues:

1) named doesn't seem to be able to bind to the tun0 interface properly, 
I've got a few theories about this but none of them have gotten me 
anywhere!  At first I thought it was my firewall rules, but after 
playing around with it, including building a firewall with "options 
IPFIREWALL_DEFAULT_TO_ACCEPT" and turning off all the rules I'm starting 
to think that wasn't it.  I've wondered if it can't connect because that 
interface doesn't exist yet (since it's PPPoE), but I'm not sure about 
that either.

At any rate the symptom is that named is listening and accepting queries 
on all of the interfaces including loopback, except the tun0 interface.
There's currently nothing in the logs to suggest anything awry, though 
for a while I was getting these errors:

May  9 21:03:48 sol named[284]: creating IPv4 interface tun0 failed; 
interface ignored

I can't figure out what I might have done to stop those errors from 
appearing but they don't anymore.

2) ntpd doesn't connect properly to its servers via the tun0 interface 
though this symptom is much more intermittent and I don't have any hard 
evidence other than my own two eyes to actually prove it ever happened.
As of right now it's working fine.

I've been trying to sort out this problem on and off for about a month 
or so on both 5.3 and 5.4 and haven't had a whole lot of luck.  I'm 
wondering if anyone has any suggestions as to where I can look to sort 
this out.  I have a doable workaround, essentially I just log in after a 
reboot and restart named and then everything is fine, but it's a bit of 
a hassle and if I forget eventually my server will stop resolving (when 
the zone expires in various caches out there)... this is how I 
discovered it the first time.  I can post some more info on my setup if 
anyone thinks it will help, but I won't clutter up inboxes with loads of 
config files unless it's necessary.

Thanks in advance for any help!

-Gabe

Gabriel M. O'Brien
http://web.quay.net/
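
The symptom described in the message above (named answering on every interface except tun0) can be checked mechanically after a reboot. The script below is an added example, not part of the original post: the function name `missing_listeners` is hypothetical, the sample `ifconfig` and `sockstat -4l` text and all addresses in it are constructed, and it assumes the usual FreeBSD column layout of those two commands.

```shell
#!/bin/sh
# Added example: list IPv4 interface addresses that have no named listener
# on port 53. On a live FreeBSD host (assumed usage):
#   missing_listeners "$(ifconfig)" "$(sockstat -4l)"

# missing_listeners IFCONFIG_TEXT SOCKSTAT_TEXT
# Prints "iface address" for each IPv4 address named is not bound to.
missing_listeners() {
    printf '%s\n---\n%s\n' "$2" "$1" | awk '
        $0 == "---" { second = 1; next }
        # Part 1, sockstat rows: remember local addresses named holds on :53.
        !second && $2 == "named" && $6 ~ /:53$/ {
            addr = $6; sub(/:53$/, "", addr)
            if (addr == "*") wildcard = 1   # wildcard bind covers everything
            bound[addr] = 1
            next
        }
        !second { next }
        # Part 2, ifconfig: an unindented "name:" line starts an interface.
        /^[a-z0-9]+:/ { iface = $1; sub(/:$/, "", iface); next }
        $1 == "inet" && !wildcard && !($2 in bound) { print iface, $2 }
    '
}

# Constructed sample: state after boot, with tun0 up but not served by named.
SAMPLE_IFCONFIG='fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
    inet 127.0.0.1 netmask 0xff000000
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1492
    inet 203.0.113.10 --> 203.0.113.1 netmask 0xffffffff'

SAMPLE_SOCKSTAT='USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
bind     named      284   20 udp4   192.168.1.1:53        *:*
bind     named      284   21 tcp4   192.168.1.1:53        *:*
bind     named      284   22 udp4   127.0.0.1:53          *:*
bind     named      284   24 tcp4   127.0.0.1:953         *:*'

# Demo run on the constructed sample.
missing_listeners "$SAMPLE_IFCONFIG" "$SAMPLE_SOCKSTAT"
```

Any output line names an address where named is not answering, which is the condition the manual restart in the message works around.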



More information about the freebsd-questions mailing list