Hi Damir, this is most probably an upstream issue, could you please fill the issue at https://gitlab.isc.org/isc-projects/bind9/ and I’ll take it from there?
We’ll need a coredump and backtrace, and ISC has facilities to receive the coredump. You can use https://pandora.isc.org/ to send large files, and use ond...@isc.org as recipient if the coredump would not attach to the GitLab issue due to the size. Ondrej -- Ondřej Surý (He/Him) ond...@sury.org > On 22. 1. 2021, at 8:44, Damir R. Islamov <da...@trefle.ru> wrote: > > Package: bind9 > Version: 1:9.16.11-1 > Severity: important > > Dear Maintainer, > > After bind9 update to 1:9.16.11-1, named daemon cannot start dou to 11/SEGV > signal. > Full log is like this: > > Jan 22 14:40:47 trefle systemd[1]: Started BIND Domain Name Server. > Jan 22 14:40:47 trefle named[1317468]: starting BIND 9.16.11-Debian (Stable > Release) <id:9ff601b> > Jan 22 14:40:47 trefle named[1317468]: running on Linux x86_64 5.10.0-1-amd64 > #1 SMP Debian 5.10.5-1 (2021-01-09) > Jan 22 14:40:47 trefle named[1317468]: built with '--build=x86_64-linux-gnu' > '--prefix=/usr' '--includedir=/usr/include' '--mandir=/usr/share/man' > '--infodir=/usr/share/info' '--sysconfdir=/etc' '--localstatedir=/var' > '--disable-option-checking' '--disable-silent-rules' > '--libdir=/usr/lib/x86_64-linux-gnu' '--runstatedir=/run' > '--disable-maintainer-mode' '--disable-dependency-tracking' > '--libdir=/usr/lib/x86_64-linux-gnu' '--sysconfdir=/etc/bind' > '--with-python=python3' '--localstatedir=/' '--enable-threads' > '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' > '--with-gost=no' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-libidn2' > '--with-json-c' '--with-lmdb=/usr' '--with-gnu-ld' '--with-maxminddb' > '--with-atf=no' '--enable-ipv6' '--enable-rrl' '--enable-filter-aaaa' > '--disable-native-pkcs11' '--enable-dnstap' 'build_alias=x86_64-linux-gnu' > 'CFLAGS=-g -O2 -ffile-prefix-map=/build/bind9-udv6N3/bind9-9.16.11=. > -fstack-protector-strong -Wformat -Werror=format-security > -fno-strict-aliasing -fno-delete-null-pointer-checks -DNO_VERSION_DATE > -DDIG_SIGCHASE' 'LDFLAGS=-Wl,-z,relro -Wl,-z,now' 'CPPFLAGS=-Wdate-time > -D_FORTIFY_SOURCE=2' > Jan 22 14:40:47 trefle named[1317468]: running as: named -f -u bind > Jan 22 14:40:47 trefle named[1317468]: compiled by GCC 10.2.1 20210110 > Jan 22 14:40:47 trefle named[1317468]: compiled with OpenSSL version: OpenSSL > 1.1.1i 8 Dec 2020 > Jan 22 14:40:47 trefle named[1317468]: linked to OpenSSL version: OpenSSL > 1.1.1i 8 Dec 2020 > Jan 22 14:40:47 trefle named[1317468]: compiled with libxml2 version: 2.9.10 > Jan 22 14:40:47 trefle named[1317468]: linked to libxml2 version: 20910 > Jan 22 14:40:47 trefle named[1317468]: compiled with json-c version: 0.15 > Jan 22 14:40:47 trefle named[1317468]: linked to json-c version: 0.15 > Jan 22 14:40:47 trefle named[1317468]: compiled with zlib version: 1.2.11 > Jan 22 14:40:47 trefle named[1317468]: linked to zlib version: 1.2.11 > Jan 22 14:40:47 trefle named[1317468]: > ---------------------------------------------------- > Jan 22 14:40:47 trefle named[1317468]: BIND 9 is maintained by Internet > Systems Consortium, > Jan 22 14:40:47 trefle named[1317468]: Inc. (ISC), a non-profit 501(c)(3) > public-benefit > Jan 22 14:40:47 trefle named[1317468]: corporation. Support and training for > BIND 9 are > Jan 22 14:40:47 trefle named[1317468]: available at > https://www.isc.org/support > Jan 22 14:40:47 trefle named[1317468]: > ---------------------------------------------------- > Jan 22 14:40:47 trefle named[1317468]: adjusted limit on open files from > 524288 to 1048576 > Jan 22 14:40:47 trefle named[1317468]: found 8 CPUs, using 8 worker threads > Jan 22 14:40:47 trefle named[1317468]: using 8 UDP listeners per interface > Jan 22 14:40:47 trefle named[1317468]: using up to 21000 sockets > Jan 22 14:40:47 trefle named[1317468]: loading configuration from > '/etc/bind/named.conf' > Jan 22 14:40:47 trefle named[1317468]: reading built-in trust anchors from > file '/etc/bind/bind.keys' > Jan 22 14:40:47 trefle named[1317468]: looking for GeoIP2 databases in > '/usr/share/GeoIP' > Jan 22 14:40:47 trefle named[1317468]: using default UDP/IPv4 port range: > [32768, 60999] > Jan 22 14:40:47 trefle named[1317468]: using default UDP/IPv6 port range: > [32768, 60999] > Jan 22 14:40:47 trefle named[1317468]: listening on IPv4 interface lo, > 127.0.0.1#53 > Jan 22 14:40:47 trefle named[1317468]: listening on IPv4 interface eth0, > 10.250.0.1#53 > Jan 22 14:40:47 trefle named[1317468]: IPv6 socket API is incomplete; > explicitly binding to each IPv6 address separately > Jan 22 14:40:47 trefle named[1317468]: listening on IPv6 interface lo, ::1#53 > Jan 22 14:40:47 trefle named[1317468]: listening on IPv6 interface eth0, > fd3a:49e:a53d:0:76d4:35ff:febc:1476#53 > Jan 22 14:40:47 trefle named[1317468]: listening on IPv6 interface eth0, > fe80::76d4:35ff:febc:1476%2#53 > Jan 22 14:40:47 trefle named[1317468]: generating session key for dynamic DNS > Jan 22 14:40:47 trefle named[1317468]: sizing zone task pool based on 24 zones > Jan 22 14:40:47 trefle systemd[1]: named.service: Main process exited, > code=killed, status=11/SEGV > Jan 22 14:40:47 trefle systemd[1]: named.service: Failed with result 'signal'. > Jan 22 14:40:47 trefle systemd[1]: named.service: Scheduled restart job, > restart counter is at 3. > Jan 22 14:40:47 trefle systemd[1]: Stopped BIND Domain Name Server. > Jan 22 14:40:47 trefle systemd[1]: Started BIND Domain Name Server. > Jan 22 14:40:47 trefle named[1317495]: starting BIND 9.16.11-Debian (Stable > Release) <id:9ff601b> > Jan 22 14:40:47 trefle named[1317495]: running on Linux x86_64 5.10.0-1-amd64 > #1 SMP Debian 5.10.5-1 (2021-01-09) > Jan 22 14:40:47 trefle named[1317495]: built with '--build=x86_64-linux-gnu' > '--prefix=/usr' '--includedir=/usr/include' '--mandir=/usr/share/man' > '--infodir=/usr/share/info' '--sysconfdir=/etc' '--localstatedir=/var' > '--disable-option-checking' '--disable-silent-rules' > '--libdir=/usr/lib/x86_64-linux-gnu' '--runstatedir=/run' > '--disable-maintainer-mode' '--disable-dependency-tracking' > '--libdir=/usr/lib/x86_64-linux-gnu' '--sysconfdir=/etc/bind' > '--with-python=python3' '--localstatedir=/' '--enable-threads' > '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' > '--with-gost=no' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-libidn2' > '--with-json-c' '--with-lmdb=/usr' '--with-gnu-ld' '--with-maxminddb' > '--with-atf=no' '--enable-ipv6' '--enable-rrl' '--enable-filter-aaaa' > '--disable-native-pkcs11' '--enable-dnstap' 'build_alias=x86_64-linux-gnu' > 'CFLAGS=-g -O2 -ffile-prefix-map=/build/bind9-udv6N3/bind9-9.16.11=. > -fstack-protector-strong -Wformat -Werror=format-security > -fno-strict-aliasing -fno-delete-null-pointer-checks -DNO_VERSION_DATE > -DDIG_SIGCHASE' 'LDFLAGS=-Wl,-z,relro -Wl,-z,now' 'CPPFLAGS=-Wdate-time > -D_FORTIFY_SOURCE=2' > Jan 22 14:40:47 trefle named[1317495]: running as: named -f -u bind > Jan 22 14:40:47 trefle named[1317495]: compiled by GCC 10.2.1 20210110 > Jan 22 14:40:47 trefle named[1317495]: compiled with OpenSSL version: OpenSSL > 1.1.1i 8 Dec 2020 > Jan 22 14:40:47 trefle named[1317495]: linked to OpenSSL version: OpenSSL > 1.1.1i 8 Dec 2020 > Jan 22 14:40:47 trefle named[1317495]: compiled with libxml2 version: 2.9.10 > Jan 22 14:40:47 trefle named[1317495]: linked to libxml2 version: 20910 > Jan 22 14:40:47 trefle named[1317495]: compiled with json-c version: 0.15 > Jan 22 14:40:47 trefle named[1317495]: linked to json-c version: 0.15 > Jan 22 14:40:47 trefle named[1317495]: compiled with zlib version: 1.2.11 > Jan 22 14:40:47 trefle named[1317495]: linked to zlib version: 1.2.11 > Jan 22 14:40:47 trefle named[1317495]: > ---------------------------------------------------- > Jan 22 14:40:47 trefle named[1317495]: BIND 9 is maintained by Internet > Systems Consortium, > Jan 22 14:40:47 trefle named[1317495]: Inc. (ISC), a non-profit 501(c)(3) > public-benefit > Jan 22 14:40:47 trefle named[1317495]: corporation. Support and training for > BIND 9 are > Jan 22 14:40:47 trefle named[1317495]: available at > https://www.isc.org/support > Jan 22 14:40:47 trefle named[1317495]: > ---------------------------------------------------- > Jan 22 14:40:47 trefle named[1317495]: adjusted limit on open files from > 524288 to 1048576 > Jan 22 14:40:47 trefle named[1317495]: found 8 CPUs, using 8 worker threads > Jan 22 14:40:47 trefle named[1317495]: using 8 UDP listeners per interface > Jan 22 14:40:47 trefle named[1317495]: using up to 21000 sockets > Jan 22 14:40:47 trefle named[1317495]: loading configuration from > '/etc/bind/named.conf' > Jan 22 14:40:47 trefle named[1317495]: reading built-in trust anchors from > file '/etc/bind/bind.keys' > Jan 22 14:40:47 trefle named[1317495]: looking for GeoIP2 databases in > '/usr/share/GeoIP' > Jan 22 14:40:47 trefle named[1317495]: using default UDP/IPv4 port range: > [32768, 60999] > Jan 22 14:40:47 trefle named[1317495]: using default UDP/IPv6 port range: > [32768, 60999] > Jan 22 14:40:47 trefle named[1317495]: listening on IPv4 interface lo, > 127.0.0.1#53 > Jan 22 14:40:47 trefle named[1317495]: listening on IPv4 interface eth0, > 10.250.0.1#53 > Jan 22 14:40:47 trefle named[1317495]: IPv6 socket API is incomplete; > explicitly binding to each IPv6 address separately > Jan 22 14:40:47 trefle named[1317495]: listening on IPv6 interface lo, ::1#53 > Jan 22 14:40:47 trefle named[1317495]: listening on IPv6 interface eth0, > fd3a:49e:a53d:0:76d4:35ff:febc:1476#53 > Jan 22 14:40:47 trefle named[1317495]: listening on IPv6 interface eth0, > fe80::76d4:35ff:febc:1476%2#53 > Jan 22 14:40:47 trefle named[1317495]: generating session key for dynamic DNS > Jan 22 14:40:47 trefle named[1317495]: sizing zone task pool based on 24 zones > Jan 22 14:40:47 trefle systemd[1]: named.service: Main process exited, > code=killed, status=11/SEGV > Jan 22 14:40:47 trefle systemd[1]: named.service: Failed with result 'signal'. > Jan 22 14:40:48 trefle systemd[1]: named.service: Scheduled restart job, > restart counter is at 4. > Jan 22 14:40:48 trefle systemd[1]: Stopped BIND Domain Name Server. > Jan 22 14:40:48 trefle systemd[1]: Started BIND Domain Name Server. > Jan 22 14:40:48 trefle named[1317522]: starting BIND 9.16.11-Debian (Stable > Release) <id:9ff601b> > Jan 22 14:40:48 trefle named[1317522]: running on Linux x86_64 5.10.0-1-amd64 > #1 SMP Debian 5.10.5-1 (2021-01-09) > Jan 22 14:40:48 trefle named[1317522]: built with '--build=x86_64-linux-gnu' > '--prefix=/usr' '--includedir=/usr/include' '--mandir=/usr/share/man' > '--infodir=/usr/share/info' '--sysconfdir=/etc' '--localstatedir=/var' > '--disable-option-checking' '--disable-silent-rules' > '--libdir=/usr/lib/x86_64-linux-gnu' '--runstatedir=/run' > '--disable-maintainer-mode' '--disable-dependency-tracking' > '--libdir=/usr/lib/x86_64-linux-gnu' '--sysconfdir=/etc/bind' > '--with-python=python3' '--localstatedir=/' '--enable-threads' > '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' > '--with-gost=no' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-libidn2' > '--with-json-c' '--with-lmdb=/usr' '--with-gnu-ld' '--with-maxminddb' > '--with-atf=no' '--enable-ipv6' '--enable-rrl' '--enable-filter-aaaa' > '--disable-native-pkcs11' '--enable-dnstap' 'build_alias=x86_64-linux-gnu' > 'CFLAGS=-g -O2 -ffile-prefix-map=/build/bind9-udv6N3/bind9-9.16.11=. > -fstack-protector-strong -Wformat -Werror=format-security > -fno-strict-aliasing -fno-delete-null-pointer-checks -DNO_VERSION_DATE > -DDIG_SIGCHASE' 'LDFLAGS=-Wl,-z,relro -Wl,-z,now' 'CPPFLAGS=-Wdate-time > -D_FORTIFY_SOURCE=2' > Jan 22 14:40:48 trefle named[1317522]: running as: named -f -u bind > Jan 22 14:40:48 trefle named[1317522]: compiled by GCC 10.2.1 20210110 > Jan 22 14:40:48 trefle named[1317522]: compiled with OpenSSL version: OpenSSL > 1.1.1i 8 Dec 2020 > Jan 22 14:40:48 trefle named[1317522]: linked to OpenSSL version: OpenSSL > 1.1.1i 8 Dec 2020 > Jan 22 14:40:48 trefle named[1317522]: compiled with libxml2 version: 2.9.10 > Jan 22 14:40:48 trefle named[1317522]: linked to libxml2 version: 20910 > Jan 22 14:40:48 trefle named[1317522]: compiled with json-c version: 0.15 > Jan 22 14:40:48 trefle named[1317522]: linked to json-c version: 0.15 > Jan 22 14:40:48 trefle named[1317522]: compiled with zlib version: 1.2.11 > Jan 22 14:40:48 trefle named[1317522]: linked to zlib version: 1.2.11 > Jan 22 14:40:48 trefle named[1317522]: > ---------------------------------------------------- > Jan 22 14:40:48 trefle named[1317522]: BIND 9 is maintained by Internet > Systems Consortium, > Jan 22 14:40:48 trefle named[1317522]: Inc. (ISC), a non-profit 501(c)(3) > public-benefit > Jan 22 14:40:48 trefle named[1317522]: corporation. Support and training for > BIND 9 are > Jan 22 14:40:48 trefle named[1317522]: available at > https://www.isc.org/support > Jan 22 14:40:48 trefle named[1317522]: > ---------------------------------------------------- > Jan 22 14:40:48 trefle named[1317522]: adjusted limit on open files from > 524288 to 1048576 > Jan 22 14:40:48 trefle named[1317522]: found 8 CPUs, using 8 worker threads > Jan 22 14:40:48 trefle named[1317522]: using 8 UDP listeners per interface > Jan 22 14:40:48 trefle named[1317522]: using up to 21000 sockets > Jan 22 14:40:48 trefle named[1317522]: loading configuration from > '/etc/bind/named.conf' > Jan 22 14:40:48 trefle named[1317522]: reading built-in trust anchors from > file '/etc/bind/bind.keys' > Jan 22 14:40:48 trefle named[1317522]: looking for GeoIP2 databases in > '/usr/share/GeoIP' > Jan 22 14:40:48 trefle named[1317522]: using default UDP/IPv4 port range: > [32768, 60999] > Jan 22 14:40:48 trefle named[1317522]: using default UDP/IPv6 port range: > [32768, 60999] > Jan 22 14:40:48 trefle named[1317522]: listening on IPv4 interface lo, > 127.0.0.1#53 > Jan 22 14:40:48 trefle named[1317522]: listening on IPv4 interface eth0, > 10.250.0.1#53 > Jan 22 14:40:48 trefle named[1317522]: IPv6 socket API is incomplete; > explicitly binding to each IPv6 address separately > Jan 22 14:40:48 trefle named[1317522]: listening on IPv6 interface lo, ::1#53 > Jan 22 14:40:48 trefle named[1317522]: listening on IPv6 interface eth0, > fd3a:49e:a53d:0:76d4:35ff:febc:1476#53 > Jan 22 14:40:48 trefle named[1317522]: listening on IPv6 interface eth0, > fe80::76d4:35ff:febc:1476%2#53 > Jan 22 14:40:48 trefle named[1317522]: generating session key for dynamic DNS > Jan 22 14:40:48 trefle named[1317522]: sizing zone task pool based on 24 zones > Jan 22 14:40:48 trefle systemd[1]: named.service: Main process exited, > code=killed, status=11/SEGV > Jan 22 14:40:48 trefle systemd[1]: named.service: Failed with result 'signal'. > Jan 22 14:40:48 trefle systemd[1]: named.service: Scheduled restart job, > restart counter is at 5. > Jan 22 14:40:48 trefle systemd[1]: Stopped BIND Domain Name Server. > Jan 22 14:40:48 trefle systemd[1]: named.service: Start request repeated too > quickly. > Jan 22 14:40:48 trefle systemd[1]: named.service: Failed with result 'signal'. > Jan 22 14:40:48 trefle systemd[1]: Failed to start BIND Domain Name Server. > > > > -- System Information: > Debian Release: bullseye/sid > APT prefers unstable > APT policy: (500, 'unstable'), (1, 'experimental') > Architecture: amd64 (x86_64) > Foreign Architectures: i386 > > Kernel: Linux 5.10.0-1-amd64 (SMP w/8 CPU threads) > Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, > TAINT_UNSIGNED_MODULE > Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8), LANGUAGE not > set > Shell: /bin/sh linked to /bin/dash > Init: systemd (via /run/systemd/system) > LSM: AppArmor: enabled > > Versions of packages bind9 depends on: > ii adduser 3.118 > ii bind9-libs 1:9.16.11-1 > ii bind9-utils 1:9.16.11-1 > ii debconf [debconf-2.0] 1.5.74 > ii dns-root-data 2019052802 > ii init-system-helpers 1.60 > ii iproute2 5.10.0-3 > ii libc6 2.31-9 > ii libcap2 1:2.44-1 > ii libfstrm0 0.6.0-1+b1 > ii libjson-c5 0.15-1 > ii liblmdb0 0.9.24-1 > ii libmaxminddb0 1.5.0-1 > ii libprotobuf-c1 1.3.3-1+b2 > ii libssl1.1 1.1.1i-2 > ii libuv1 1.40.0-1 > ii libxml2 2.9.10+dfsg-6.3+b1 > ii lsb-base 11.1.0 > ii netbase 6.2 > ii zlib1g 1:1.2.11.dfsg-2 > > bind9 recommends no packages. > > Versions of packages bind9 suggests: > pn bind-doc <none> > ii bind9-dnsutils [dnsutils] 1:9.16.11-1 > pn resolvconf <none> > pn ufw <none> > > -- Configuration Files: > /etc/bind/named.conf changed: > // This is the primary configuration file for the BIND DNS server named. > // > // Please read /usr/share/doc/bind9/README.Debian.gz for information on the > // structure of BIND configuration files in Debian, *BEFORE* you customize > // this configuration file. > // > // If you are just adding zones, please do that in /etc/bind/named.conf.local > include "/etc/bind/named.conf.options"; > include "/etc/bind/named.conf.local"; > include "/etc/bind/certbot-ddns.key"; > //include "/etc/bind/named.conf.default-zones"; > > /etc/bind/named.conf.local changed: > // > // Do any local configuration here > // > logging { > channel security_file { > file "/var/log/named/security.log" versions 3 size 30m; > severity dynamic; > print-time yes; > }; > category security { > security_file; > }; > }; > // Consider adding the 1918 zones here, if they are not used in your > // organization > //include "/etc/bind/zones.rfc1918"; > acl nsnicru { 91.217.20.0/26; 91.217.21.0/26; 194.226.96.192/28; > 31.177.66.192/28; 195.253.54.22; 195.253.51.22; }; > acl nstriflenet { 195.24.128.164; }; > acl trefleru { 80.89.203.170; 83.234.135.17; }; > view "internal" { > // This should match our internal networks. > match-clients { !key certbot-ddns-key; localnets; trefleru;}; > // Provide recursive service to internal clients only. > recursion yes; > // Enable all empty zones. > empty-zones-enable yes; > // Provide a complete view of the example.com zone > // including addresses of internal hosts. > include "/etc/bind/named.conf.default-zones"; > // Local zones on Trefle > zone "trefle.ru." { > type master; > file "m/db.trefle.ru-local"; > allow-query { localnets; }; > allow-transfer { localnets; }; > allow-update { trefleru; }; > }; > zone "0.250.10.in-addr.arpa." { > type master; > file "m/db.10.250.0"; > allow-query { any; }; > allow-transfer { nsnicru; nstriflenet; }; > }; > zone "0.251.10.in-addr.arpa." { > type master; > file "m/db.10.251.0"; > allow-query { any; }; > allow-transfer { nsnicru; nstriflenet; }; > }; > zone "0.252.10.in-addr.arpa." { > type master; > file "m/db.10.252.0"; > allow-query { any; }; > allow-transfer { nsnicru; nstriflenet; }; > }; > zone "b.a.e.8.0.d.0.0.1.0.a.2.ip6.arpa." { > type master; > file "m/db.2a01.d0.ffff.eab"; > allow-query { any; }; > allow-transfer { nsnicru; nstriflenet; }; > }; > zone "belka.trefle.ru." { > type master; > file "m/db.belka.trefle.ru-local"; > allow-query { any; }; > allow-transfer { nsnicru; nstriflenet; }; > allow-update { trefleru; }; > }; > zone "gofman.biz." { > type master; > file "m/db.gofman.biz-local"; > allow-query { any; }; > allow-transfer { nsnicru; nstriflenet; }; > }; > zone "gofman.su." { > type master; > file "m/db.gofman.su-local"; > allow-query { any; }; > allow-transfer { nsnicru; nstriflenet; }; > }; > zone "secretlaboratory.ru." { > type master; > file "m/db.secretlaboratory.ru-local"; > allow-query { any; }; > allow-transfer { nsnicru; nstriflenet; }; > }; > // Zones from Academ.org > zone "academ.local." { > type forward; > forwarders { > 85.118.224.121; > 89.31.118.1; > }; > }; > zone "academ.info." { > type forward; > forwarders { > 85.118.224.121; > 89.31.118.1; > }; > }; > }; > view "external" { > // Enable all empty zones. > empty-zones-enable yes; > // Match all clients not matched by the previous view. > match-clients { key certbot-ddns-key; any; }; > // Refuse recursive service to external clients. > allow-recursion { > trefleru; > }; > // Provide a restricted view of the example.com zone > // containing only publicly accessible hosts. > zone "trefle.ru." { > type master; > file "m/db.trefle.ru"; > //file "m/db.trefle.ru.signed"; > allow-query { any; }; > allow-transfer { nsnicru; nstriflenet; trefleru; }; > notify yes; > also-notify { 195.253.54.22; 195.253.51.22; }; > update-policy { > grant certbot-ddns-key zonesub ANY; > }; > }; > zone "170/32.203.89.80.in-addr.arpa." { > type master; > file "m/db.80.89.203.170"; > allow-query { any; }; > allow-transfer { nsnicru; nstriflenet; trefleru; }; > }; > zone "0.252.10.in-addr.arpa." { > type master; > file "m/db.10.252.0"; > allow-query { any; }; > allow-transfer { nsnicru; nstriflenet; }; > }; > zone "b.a.e.8.0.d.0.0.1.0.a.2.ip6.arpa." { > type master; > file "m/db.2a01.d0.ffff.eab"; > allow-query { any; }; > allow-transfer { nsnicru; nstriflenet; }; > }; > zone "belka.trefle.ru." { > type master; > file "m/db.belka.trefle.ru"; > allow-query { any; }; > allow-transfer { nsnicru; nstriflenet; trefleru; }; > notify yes; > also-notify { 195.253.54.22; 195.253.51.22; }; > }; > zone "gofman.biz." { > type master; > file "m/db.gofman.biz"; > allow-query { any; }; > allow-transfer { nsnicru; nstriflenet; }; > update-policy { > grant certbot-ddns-key zonesub ANY; > }; > }; > zone "gofman.su." { > type master; > file "m/db.gofman.su"; > allow-query { any; }; > allow-transfer { nsnicru; nstriflenet; }; > }; > zone "secretlaboratory.ru." { > type master; > file "m/db.secretlaboratory.ru"; > allow-query { any; }; > allow-transfer { nsnicru; nstriflenet; }; > notify yes; > also-notify { 195.253.54.22; 195.253.51.22; }; > update-policy { > grant certbot-ddns-key zonesub ANY; > }; > }; > }; > > > -- debconf information: > bind9/run-resolvconf: true > bind9/start-as-user: bind > bind9/different-configuration-file: >
signature.asc
Description: Message signed with OpenPGP
