bind911 socket error

FreeBSD 11.0-RELEASE-p1
I did a pkg install bind911
I notice this on startup:
Code:
Jan 16 14:54:11 secure3 named[1176]: socket.c:5681: unexpected error:
Jan 16 14:54:11 secure3 named[1176]: setsockopt(21, TCP_FASTOPEN) failed with Protocol not available
Jan 16 14:54:11 secure3 named[1176]: socket.c:5681: unexpected error:
Jan 16 14:54:11 secure3 named[1176]: setsockopt(22, TCP_FASTOPEN) failed with Protocol not available
Jan 16 14:54:11 secure3 named[1176]: socket.c:5681: unexpected error:
Jan 16 14:54:11 secure3 named[1176]: setsockopt(23, TCP_FASTOPEN) failed with Protocol not available
Jan 16 14:54:11 secure3 named[1176]: socket.c:5681: unexpected error:
Jan 16 14:54:11 secure3 named[1176]: setsockopt(24, TCP_FASTOPEN) failed with Protocol not available
How do I fix that? (I'm surprised I have such an error with a default install)

Thanks!
 
I have several bind99 servers running but I'm not seeing this issue. It may be something that was introduced in 9.11. If you have other servers with the same version running without this issue it's most likely a configuration setting somewhere. I'd start comparing the named.conf file for any differences.
 
I have several bind99 servers running but I'm not seeing this issue. It may be something that was introduced in 9.11. If you have other servers with the same version running without this issue it's most likely a configuration setting somewhere. I'd start comparing the named.conf file for any differences.
bind911 and bind910 both post errors. bind99 posts no errors. bind99 it is.

Thanks TONS!!!
 
Already compared /usr/local/etc/namedb/named.conf, they are the same except for the zones.
Also compared /etc/sysctl.conf and /boot/loader.conf and the kernel config of both servers, all the same.
 
As SirDice noticed in my thread; Added 'options TCP_RFC7413' to custom kernel config and added 'net.inet.tcp.fastopen.enabled=1' to /etc/sysctl.conf no errors anymore from bind911.
Thanks for you reply on this. I assumed a custom kernel would fix it, but I was hoping for a flag for bind911 package. I'm not the FreeBSD guru, however I find it peculiar for a generic package configuration for something like bind to have a dependency of a custom kernel. I have plenty older ones with custom kernels, but FreeBSD 11 has everything I need in Generic, so I don't feel inclined to change that for something as simple as bind.

Thanks!!!
 
What I find odd is that identical servers have different settings. Reading the release notes:
named can now use the TCP Fast Open mechanism on the server side, if supported by the local operating system. [RT #42866]
So it looks like named may not detect it properly. Or it simply tries to enable the option (causing the error message) and falling back to 'normal' mode if it fails.
 
Maybe you can load the tcp_rfc7413 in the GENERIC kernel via /boot/loader.conf.local, adding something like tcp_rfc7413_load="YES" but I don't know for sure and didn't test it.
 
Back
Top