# bind911 socket error



## IT_Architect (Jan 16, 2017)

FreeBSD 11.0-RELEASE-p1
I did a `pkg install bind911`
I notice this on startup:

```
Jan 16 14:54:11 secure3 named[1176]: socket.c:5681: unexpected error:
Jan 16 14:54:11 secure3 named[1176]: setsockopt(21, TCP_FASTOPEN) failed with Protocol not available
Jan 16 14:54:11 secure3 named[1176]: socket.c:5681: unexpected error:
Jan 16 14:54:11 secure3 named[1176]: setsockopt(22, TCP_FASTOPEN) failed with Protocol not available
Jan 16 14:54:11 secure3 named[1176]: socket.c:5681: unexpected error:
Jan 16 14:54:11 secure3 named[1176]: setsockopt(23, TCP_FASTOPEN) failed with Protocol not available
Jan 16 14:54:11 secure3 named[1176]: socket.c:5681: unexpected error:
Jan 16 14:54:11 secure3 named[1176]: setsockopt(24, TCP_FASTOPEN) failed with Protocol not available
```
How do I fix that?  (I'm surprised I have such an error with a default install)

Thanks!


----------



## megapearl (Jan 18, 2017)

Having the same problem as you, can't find it either.

Strange thing is that I'm running 2 servers with almost exact the same configuration and only one server gives the TCP_FASTOPEN error.

https://forums.freebsd.org/threads/59367/


----------



## SirDice (Jan 18, 2017)

I have several bind99 servers running but I'm not seeing this issue. It may be something that was introduced in 9.11. If you have other servers with the same version running without this issue it's most likely a configuration setting somewhere. I'd start comparing the named.conf file for any differences.


----------



## IT_Architect (Jan 18, 2017)

SirDice said:


> I have several bind99 servers running but I'm not seeing this issue. It may be something that was introduced in 9.11. If you have other servers with the same version running without this issue it's most likely a configuration setting somewhere. I'd start comparing the named.conf file for any differences.


bind911 and bind910 both post errors.  bind99 posts no errors.  bind99 it is.

Thanks TONS!!!


----------



## megapearl (Jan 18, 2017)

Already compared /usr/local/etc/namedb/named.conf, they are the same except for the zones.
Also compared /etc/sysctl.conf and /boot/loader.conf and the kernel config of both servers, all the same.


----------



## megapearl (Jan 18, 2017)

As SirDice noticed in my thread; Added 'options TCP_RFC7413' to custom kernel config and added 'net.inet.tcp.fastopen.enabled=1' to /etc/sysctl.conf no errors anymore from bind911.


----------



## IT_Architect (Jan 18, 2017)

megapearl said:


> As SirDice noticed in my thread; Added 'options TCP_RFC7413' to custom kernel config and added 'net.inet.tcp.fastopen.enabled=1' to /etc/sysctl.conf no errors anymore from bind911.


Thanks for you reply on this.  I assumed a custom kernel would fix it, but I was hoping for a flag for bind911 package.  I'm not the FreeBSD guru, however I find it peculiar for a generic package configuration for something like bind to have a dependency of a custom kernel.  I have plenty older ones with custom kernels, but FreeBSD 11 has everything I need in Generic, so I don't feel inclined to change that for something as simple as bind.

Thanks!!!


----------



## SirDice (Jan 18, 2017)

What I find odd is that identical servers have different settings. Reading the release notes:


> named can now use the TCP Fast Open mechanism on the server side, if supported by the local operating system. [RT #42866]


So it looks like named may not detect it properly. Or it simply tries to enable the option (causing the error message) and falling back to 'normal' mode if it fails.


----------



## megapearl (Jan 18, 2017)

Maybe you can load the tcp_rfc7413 in the GENERIC kernel via /boot/loader.conf.local, adding something like tcp_rfc7413_load="YES" but I don't know for sure and didn't test it.


----------

