What to do if your BIND or DHCP server has crashedAA-00340
If your BIND or DHCP server crashes (i.e. the daemon terminates unexpectedly), collecting the evidence available and submitting to us is vital if we are to help diagnose the problem and provide a solution. Below is a list of files/information to collect after a crash. This includes the process core dump - if you don't have one, it's possible that this needs to be enabled on your system so that one can be collected if the event happens again. Enabling core dumps
Note that on many Operating Systems, process core dumps have to be explicitly
enabled, and sometimes have to be enabled beyond a certain size (named
can drop really big core dumps) - so if there is no core dump to be
found, then that's something to work on and resolve in case of a
recurrence. The ulimit command handles this in many cases - but you should check that this is appropriate before trying it in your environment: Appropriate write permissions may also need to be set for the directory that the core file is to be written to. (Are you running chrooted? What user does your daemon process run as?). You can test whether or not core dumps are possible by using gcore or kill -6 (sigabrt) against a process at a time when restarting it isn't going to impact production. You can check the details of enabling core files for your environment via the man pages: man core Information and files to collect and preserve:Please collect and preserve the details below (in particular the logs and any core files which may be lost if not collected and copied/moved elsewhere right away). We may need some or all of then in order to diagnose the problem.
What to include when reporting the problem:If you are submitting a bug report or support ticket, it is vital that you collect and preserve as much information and as many as possible of the files requested above. It may not be possible to diagnose the cause of the problem is this level of information is not available to us. However, in the initial report, we prefer just to receive the basic details (and will let you know what what else we need once we've reviewed them). - Environment information (see 5. and 8.) If you have a core file and gdb on the server that produced the core, you can obtain a backtrace (snapshot of what each thread was doing and the nested layers of procedure calls and data that was being used/accessed at the time) by launching gdb as follows:
$ <path-to>/gdb <binary(full path)> <core(full path)>
And then from gdb, type:
> thread apply all bt full
(Sometimes this will error and fail to complete - if that happens, retry it, omitting 'full') Please include all of the output from gdb from when it is launched, not just the output from the thread apply all bt full command. Note: MacOS users whose system has not generated a core file may still have access to useful crash data - go to Applications/Console and look at "User Diagnostic Reports" you may see a report Uploading large files to ISC
We prefer to receive large and non-text files which have been
compressed and bundled first using tar and gzip/bzip. Windows users can
use zip instead. Please contact us for alternative upload arrangements if you need to submit large files with bug or support tickets as these cannot be accepted as email attachments. Bug ReportingBefore submitting a bug report please ensure first that you are running a current version. Also, some packaged versions of BIND, Kea and ISC DHCP might be built with source code that has been modified by the distributor - in those cases while it may be useful to report the issue directly to ISC (particularly if it might be a potential security issue) we may not be able to successfully diagnose root cause of the problem if it cannot be reproduced with binaries that have been built directly from source code downloaded from ISC. To report a bug, please use our Bug Report Form (or the Kea new ticket form for Kea), or submit via email to bind9-bugs@isc.org or to dhcp-bugs@isc.org. (At this time there is no way to submit a Kea bug report via email.) Support Customers:
If you have a support subscription with us, please use that in the first instance for reporting problems rather than filing a bug report. Reporting security issuesDNS and DHCP security is critical to the Internet Infrastructure. If you think you may be seeing a potential security vulnerability (for example, a crash with REQUIRE, INSIST, or ASSERT failure), please report it immediately to security-officer@isc.org and do not post it on the public mailing list. We provide numerous alternate ways to contact our security officer alias, including via the Bug Report Form (or the Kea new ticket form for Kea) and the ISC Contact form. Please also see our Security Vulnerabilty Disclosure Policy for details on how we publish security vulnerabilities. |