This is a very interesting bug and I do not know why
zoneserver and only
zoneserver acts this way. I can tell you this much:
zoneserver also is the only service I can not start up in a podman (CentOS 8’s Docker clone); when I try to start up zoneserver in a Podman container, I get a “fork error”.
Zoneserver uses the
fork() model to handle incoming connections. When an incoming connecting comes in via TCP, Zoneserver forks a sub-process to handle the DNS-over-TCP connection. While this is not particularly efficient, it allowed me to fairly quickly get the “has support for TCP” checkbox checked when I was trying to get a fully functional basic DNS server out the door as quickly as possible back when Bind was the only open source DNS server and the Internet community felt having that kind of monoculture was not healthy.
I have not gotten to the bottom of zoneserver’s issue with systemd or with Podman. I also know that newer versions of Dig have issues with the form of DNS-over-TCP packets sent by MaraDNS (and, I believe, zoneserver), so DNS-over-TCP has been relegated to the back burner: DNS is perfectly usable over just UDP, and DNS-over-TCP just really isn’t used except for zone transfers.