Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Writeable file already in use

1,715 views
Skip to first unread message

Sathyan Arjunan

unread,
Jan 4, 2016, 7:14:01 PM1/4/16
to bind-...@lists.isc.org
Team,

Recently, I updated my bind from 9.9.5 to 9.9.8-P2 from then I seen problems with me named configuration. Interestingly, I seen this problem only on my slaves NOT on Master DNS.

I am using multiple zones pointing to a same file. This configuration has been in place for nearly 10 years with no issues...

Zone config on Master: ###No issues with Master###

 zone "domain1.com." {type master; file "db.file-1"; };
 zone "domain2.com." {type master; file "db.file-1"; };
 zone "domain3.com." {type master; file "db.file-1"; };

Zone config on Slave:

zone "domain1.com." {type slave; file "db.file-1"; masters { x.x.x.x; }; allow-query { any; }; };
zone "domain2.com." { type slave; file "db.file-1"; masters { x.x.x.x; }; allow-query { any; }; };
zone "domain3.com." { type slave; file "db.file-1"; masters{ x.x.x.x; }; allow-query { any; }; };

Below is the errors i seen from named on my slave dns

: named.conf:584: writeable file 'db.file-1': already in use: named.conf:194


Please advise...

Reindl Harald

unread,
Jan 4, 2016, 7:19:57 PM1/4/16
to bind-...@lists.isc.org


Am 05.01.2016 um 01:13 schrieb Sathyan Arjunan:
> Recently, I updated my bind from 9.9.5 to 9.9.8-P2 from then I seen
> problems with me named configuration. Interestingly, I seen this problem
> only on my slaves NOT on Master DNS.
>
> I am using multiple zones pointing to a same file

this is not supported - period

signature.asc

Evan Hunt

unread,
Jan 4, 2016, 7:23:46 PM1/4/16
to Sathyan Arjunan, bind-...@lists.isc.org
On Mon, Jan 04, 2016 at 05:13:55PM -0700, Sathyan Arjunan wrote:
> Recently, I updated my bind from 9.9.5 to 9.9.8-P2 from then I seen
> problems with me named configuration. Interestingly, I seen this problem
> only on my slaves NOT on Master DNS.
>
> I am using multiple zones pointing to a same file. This configuration has
> been in place for nearly 10 years with no issues...

It's actually an error and always has been. Having named write to the
same file for multiple zones is risky; they can step on each other and
cause load failures later. The only change is that named will now
prevent you from making this mistake.

> Zone config on Master: ###No issues with Master###
>
> zone "domain1.com." {type master; file "db.file-1"; };
> zone "domain2.com." {type master; file "db.file-1"; };
> zone "domain3.com." {type master; file "db.file-1"; };

On the master server, named doesn't write to zone files (unless the
zone is dynamically updatable) so this isn't an error.

> zone "domain1.com." {type slave; file "db.file-1"; masters { x.x.x.x; };
> allow-query { any; }; };
> zone "domain2.com." { type slave; file "db.file-1"; masters { x.x.x.x; };
> allow-query { any; }; };
> zone "domain3.com." { type slave; file "db.file-1"; masters{ x.x.x.x; };
> allow-query { any; }; };
>
> Below is the errors i seen from named on my slave dns
>
> : named.conf:584: writeable file 'db.file-1': already in use: named.conf:194

On a slave server, named transfers the zone from elsewhere and writes a
copy into a local file. These all need to be different files.

> Please advise...

Change the filenames on the slave, or just don't have a "file" option
in the slave zone configuration.

--
Evan Hunt -- ea...@isc.org
Internet Systems Consortium, Inc.

Jan-Piet Mens

unread,
Jan 5, 2016, 3:23:06 AM1/5/16
to bind-...@lists.isc.org
> Change the filenames on the slave, or just don't have a "file" option
> in the slave zone configuration.

I was going to yell "TIL from Evan, that 'file' is optional for a
slave", but

/etc/named.conf:545: zone 'example.com': missing 'file' entry

This is on 9.10.3. Did I misunderstand you?

-JP

Evan Hunt

unread,
Jan 5, 2016, 3:41:38 AM1/5/16
to Jan-Piet Mens, bind-...@lists.isc.org
> I was going to yell "TIL from Evan, that 'file' is optional for a
> slave", but
>
> /etc/named.conf:545: zone 'example.com': missing 'file' entry
>
> This is on 9.10.3. Did I misunderstand you?

Do you use inline-signing? It's mandatory in that case (named needs to
know where to put the .signed file and the journal files), but I believe
it's optional otherwise.

Jan-Piet Mens

unread,
Jan 5, 2016, 4:58:48 AM1/5/16
to bind-...@lists.isc.org
> but I believe it's optional otherwise.

You are correct (of course). I had inline signing enabled.

For a non-signed zone I note the transfer indeed works without a 'file'
specification, and I note it's not stored on file anywhere (just in
core).

Thanks for clarifying.

-JP

Tony Finch

unread,
Jan 5, 2016, 5:32:22 AM1/5/16
to bind-...@lists.isc.org
Jan-Piet Mens <jpmen...@gmail.com> wrote:
>
> For a non-signed zone I note the transfer indeed works without a 'file'
> specification, and I note it's not stored on file anywhere (just in
> core).

Yes, so (as you have probably guessed) the server has to retransfer the
zone from scratch when it is restarted. This might make you sad if you
have lots of zones or large zones.

Tony.
--
f.anthony.n.finch <d...@dotat.at> http://dotat.at/
Hebrides, Bailey, Fair Isle: Easterly or southeasterly 5 to 7, occasionally
gale 8 in Fair Isle, decreasing 4 at times. Moderate or rough, occasionally
very rough in Fair Isle. Showers, wintry in Fair Isle. Good, occasionally poor
in Fair Isle.

Jan-Piet Mens

unread,
Jan 5, 2016, 6:26:23 AM1/5/16
to bind-...@lists.isc.org
> This might make you sad if you have lots of zones or large zones.

.. or even just want to look at what was transferred (whitout having to
recurse to a `dig axfr').

I see no reason to omit 'file' (except on a diskless slave ;-)

-JP

Alan Clegg

unread,
Jan 5, 2016, 10:55:28 AM1/5/16
to bind-...@lists.isc.org
I ran into one exception to this rule - it seemed that the customer had
security requirements that did not allow "transient data" to be written
to disk. They had to make sure that if the physical device was stolen,
all of their zone data didn't follow it out the door.

AlanC
--
Why don't we wander and follow la vie dansante.

signature.asc

Barry Margolin

unread,
Jan 5, 2016, 12:03:31 PM1/5/16
to comp-protoc...@isc.org
In article <mailman.13.14520093...@lists.isc.org>,
The in-memory copy is likely to end up in the swap partition.

--
Barry Margolin
Arlington, MA

Ray Bellis

unread,
Jan 5, 2016, 12:05:31 PM1/5/16
to bind-...@lists.isc.org
On 05/01/2016 17:03, Barry Margolin wrote:

> The in-memory copy is likely to end up in the swap partition.

A swap partition? I don't think I've seen one of those for years...

Ray


Reindl Harald

unread,
Jan 5, 2016, 12:19:23 PM1/5/16
to bind-...@lists.isc.org


Am 05.01.2016 um 18:03 schrieb Barry Margolin:
> In article <mailman.13.14520093...@lists.isc.org>,
> Alan Clegg <al...@clegg.com> wrote:
>
> The in-memory copy is likely to end up in the swap partition

a proper dimensioned server has no swap partition at all, at least no
one od the servers i am responsible since 2008 had one and *for sure*
the memory requirement of a authoritative nameserver is pretty clear to
don#t need it

signature.asc

Darcy Kevin (FCA)

unread,
Jan 5, 2016, 1:06:05 PM1/5/16
to Reindl Harald, bind-...@lists.isc.org
http://unix.stackexchange.com/questions/190398/do-i-need-swap-space-if-i-have-more-than-enough-amount-of-ram

- Kevin

-----Original Message-----
From: bind-user...@lists.isc.org [mailto:bind-user...@lists.isc.org] On Behalf Of Reindl Harald
Sent: Tuesday, January 05, 2016 12:19 PM
To: bind-...@lists.isc.org
Subject: Re: Writeable file already in use



Am 05.01.2016 um 18:03 schrieb Barry Margolin:
> In article <mailman.13.14520093...@lists.isc.org>,
> Alan Clegg <al...@clegg.com> wrote:
>

Reindl Harald

unread,
Jan 5, 2016, 1:20:01 PM1/5/16
to bind-...@lists.isc.org


Am 05.01.2016 um 19:05 schrieb Darcy Kevin (FCA):
> http://unix.stackexchange.com/questions/190398/do-i-need-swap-space-if-i-have-more-than-enough-amount-of-ram

and the answer is clearly NO if you have *enough* RAM
you just have to define the "enough"

which means your workload and your useful buffercache fits in

when a have a machine (in my case only VMs) running over a full month
with a 1 GB swap file and it's not used with a single MB i do NOT need
stackexchange to answer that question

a dedicated authoritative-only namserver and to utilize the ressources a
containered asterisk with hylafax and even a tiny webserver with a
mysqld for the addressbook are doing that with 1.5 GB RAM:

[root@asterisk:~]$ free
total used free shared buff/cache
available
Mem: 1,5G 150M 886M 18M 460M
1,3G
Swap: 0B 0B 0B

what do you want to swap out there?

the machine has all blocks of the disks it ever accessed, the software
and the data in it's memory and would not come to the idea swap anything
out anyways

> -----Original Message-----
> From: bind-user...@lists.isc.org [mailto:bind-user...@lists.isc.org] On Behalf Of Reindl Harald
> Sent: Tuesday, January 05, 2016 12:19 PM
> To: bind-...@lists.isc.org
> Subject: Re: Writeable file already in use
>
>
>
> Am 05.01.2016 um 18:03 schrieb Barry Margolin:
>> In article <mailman.13.14520093...@lists.isc.org>,
>> Alan Clegg <al...@clegg.com> wrote:
>>
signature.asc

Reindl Harald

unread,
Jan 5, 2016, 1:24:38 PM1/5/16
to bind-...@lists.isc.org
and to finish that topic:

in days of zram (it's in the mainline kernel for a long time -
https://www.kernel.org/doc/Documentation/blockdev/zram.txt) when you
think you need some swap for whatever reason you use that just because
modern hardware has left so many cpu cycles left that it don't need
measurable ressources and it#s way faster
>>> The in-memory copy is likely to end up in the swap partition
>>
>> a proper dimensioned server has no swap partition at all, at least no
>> one od the servers i am responsible since 2008 had one and *for sure*
>> the memory requirement of a authoritative nameserver is pretty clear
>> to don't need it

signature.asc
0 new messages