additional-from-cache is obsolete and should be removed

Greg Williams

• February 14, 2025 14:41

I'm having an odd, sporadic issue with Bind that is related to updates. Every now and then Bind stops working after an update. I have 3 NS servers and, oddly, the two most modern servers running cPanel Version 124.0.28 are the two that are having the issue. The older server, NS3, is fine and has never had the issue.

When I investigate what's happening I see this:

!! /etc/named.conf:1848: option 'additional-from-cache' is obsolete and should be removed

So I remove the line and run /usr/local/cpanel/scripts/rebuilddnsconfig and this fixes it until the next update when 'additional-from-cache' is inserted yet again into /etc/named.conf. This has been going on for months. Where is the line 'additional-from-cache' coming from after updates? I'd really like to figure this out because when it happens it happens to both NS1 and NS2, leaving only one nameserver available.

My Versions:
NS1: BIND 9.16.23-RH (AlmaLinux v9.5.0 DNSONLY standard cPanel Version 124.0.28)
NS2: BIND 9.16.23-RH (AlmaLinux v9.5.0 STANDARD standard cPanel Version 124.0.28)
NS3: BIND 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.16.tuxcare.els5 (CentOS v7.9.2009 STANDARD standard cPanel Version 110.0.51)

Thanks!
Greg

• 

  cPRex Jurassic Moderator

  • February 14, 2025 17:59

  Hey there!  Just to be certain, the version 124 machines are *not* using PowerDNS and really are running BIND directly?  I ask because PowerDNS has been the default nameserver software since version 84 and we're slowly moving away from any work with BIND, so maybe the ultimate solution here is to switch to PowerDNS instead.

  I know that isn't a very specific answer, but I'd be interested to see if you experience the same behavior with one of the nameservers if you switched it over to PowerDNS.

  0
• 

  Greg Williams

  • February 14, 2025 20:33

  Hi cPRex,

  Thank you for the reply. Yes, these are all using Bind, mainly because that's what I know and have been using for decades. I'll need to do some research about changing to PowerDNS, the pros and cons, since there are many accounts using these nameservers. I don't want any disruption. Should I assume that all three nameservers would need to be running PowerDNS since they are all in the same cluster?

  Thanks!
  Greg

  0
• 

  cPRex Jurassic Moderator

  • February 17, 2025 07:39

  From an administration standpoint, there's really no difference - PowerDNS is a drop-in replacement for BIND, so you don't need to think or do anything differently than what you're used to.

  The only requirement to all the systems running the same software is if you're using DNSSEC.  If you do, all cluster member have to use PowerDNS.  Other than that, it doesn't matter.

  0
• 

  Greg Williams

  • February 17, 2025 14:53

  Thank you, cPRex. That is great information. I will go ahead and make the move to PowerDNS.

  Greg

  0
• 

  cPRex Jurassic Moderator

  • February 17, 2025 15:58

  Sure thing!

  0

Please sign in to leave a comment.