Operational Notification: LMDB integration problems with BIND 9.11.0 and 9.11.1
- Updated on 14 Jun 2017
- 3 minutes to read
BIND 9.11.0 and 9.11.1 carries a number of integration problems with LMDB (liblmdb) that will be addressed in BIND 9.11.2.
14 Jun 2017
BIND 9.11.0 -> 9.11.1.Px (all versions of BIND 9.11.0 and 9.11.1)
ISC will be releasing BIND 9.11.2 in July/August 2017 which will address integration issues with BIND's use of LMDB in BIND 9.11.0 and 9.11.1. Until then, our recommendation is that LMDB be disabled.
Use of LMDB for the 'New Zone Database" (NZD) is a new feature in BIND 9.11, introduced in order to provide significant performance improvements during dynamic zone handling. It is enabled by default when building BIND on a system that has liblmdb installed and some packagers of BIND 9.11 include this feature (along with the liblmdb dependency) in their distribution.
Problems that may be encountered on servers with LMDB enabled and "allow-new-zones yes;" include:
- Some new zones fail to persist following a restart, reload or reconfig
- Zone deletions are incomplete leading to anomalies on restart and/or when re-adding zones
- On a server that is started with the -u option, Issuing the commands "rndc reload" or "rndc reconfig" may result in named terminating unexpectedly
- A deadlock (hang) of named sometimes occurs during concurrent dynamic zone operations
- If building BIND 9.11 in an environment with liblmdb available, ensure that the integration is explicitly disabled by building BIND with the configure option --without-lmdb .
- There are no run time options available to disable lmdb integration, therefore if you are running a pre-built (package) version of BIND 9.11.0 or 9.11.2 that provides LMDB integration along with installing liblmdb as a dependent package, we recommend contacting your provider to request an update.
BIND 9.11.2 will be published in July/August 2017. At that time it will become available for download from http://www.isc.org/downloads/all.
Do you still have questions? Questions regarding this advisory should go to firstname.lastname@example.org. To report a new issue, please encrypt your message using email@example.com's PGP key which can be found here: https://www.isc.org/downloads/software-support-policy/openpgp-key/. If you are unable to use encrypted email, you may also report new issues at: https://www.isc.org/community/report-bug/.
Note: ISC patches only currently supported versions. When possible we indicate EOL versions affected. (For current information on which versions are actively supported, please see http://www.isc.org/downloads/).
ISC Security Vulnerability Disclosure Policy: Details of our current security advisory policy and practice can be found here: https://kb.isc.org/article/AA-00861/164/ISC-Software-Defect-and-Security-Vulnerability-Disclosure-Policy.html
This Knowledge Base article https://kb.isc.org/article/AA-01497 is the complete and official operational notification document.
Legal Disclaimer: Internet Systems Consortium (ISC) is providing this notice on an "AS IS" basis. No warranty or guarantee of any kind is expressed in this notice and none should be implied. ISC expressly excludes and disclaims any warranties regarding this notice or materials referred to in this notice, including, without limitation, any implied warranty of merchantability, fitness for a particular purpose, absence of hidden defects, or of non-infringement. Your use or reliance on this notice or materials referred to in this notice is at your own risk. ISC may change this notice at any time. A stand-alone copy or paraphrase of the text of this document that omits the document URL is an uncontrolled copy. Uncontrolled copies may lack important information, be out of date, or contain factual errors.
© 2001-2018 Internet Systems Consortium For assistance with problems and questions for which you have not been able to find an answer in our Knowledge Base, we recommend searching our community mailing list archives and/or posting your question there (you will need to register there first for your posts to be accepted). The bind-users and the dhcp-users lists particularly have a long-standing and active membership. ISC relies on the financial support of the community to fund the development of its open source software products. If you would like to support future product evolution and maintenance as well having peace of mind knowing that our team of experts are poised to provide you with individual technical assistance whenever you call upon them, then please consider our Professional Subscription Support services - details can be found on our main website.