I am trying to run BIND on host "jupiter" in my domain
"obliqueuniverse.org". I'm using the O'Reilly book "Linux System
Administration" (Adelstein) as a guide, but have gotten stuck.
Below is some data that I think is relevant.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
rndc shows that BIND is working
jupiter:/home/admin# rndc status
number of zones: 8
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
server is up and running
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
However, dig doesn't return an answer:
jupiter:/home/admin# dig
(E-Mail Removed)
; <<>> DiG 9.2.4 <<>>
(E-Mail Removed)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31720
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;jupiter\@obliqueuniverse.org. IN A
;; Query time: 31 msec
;; SERVER: 192.168.2.1#53(192.168.2.1)
;; WHEN: Tue Oct 14 12:17:22 2008
;; MSG SIZE rcvd: 45
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
However, digging for google.com returns an answer...
jupiter:/home/admin# dig google.com
; <<>> DiG 9.2.4 <<>> google.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60327
;; flags: qr ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 290 IN A 72.14.207.99
google.com. 290 IN A 64.233.187.99
google.com. 290 IN A 209.85.171.99
;; Query time: 19 msec
;; SERVER: 192.168.2.1#53(192.168.2.1)
;; WHEN: Tue Oct 14 12:17:51 2008
;; MSG SIZE rcvd: 180
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
and digging for my IP address on reverse lookup returns the correct
answer:
jupiter:/home/admin# dig -x 207.237.37.110
; <<>> DiG 9.2.4 <<>> -x 207.237.37.110
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46611
;; flags: qr ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;110.37.237.207.in-addr.arpa. IN PTR
;; ANSWER SECTION:
110.37.237.207.in-addr.arpa. 3932160 IN PTR 207-237-37-110.c3-0.nyr-ubr2.nyr.ny.static.cable.rcn.com.
;; Query time: 36 msec
;; SERVER: 192.168.2.1#53(192.168.2.1)
;; WHEN: Tue Oct 14 12:18:59 2008
;; MSG SIZE rcvd: 115
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
From syslog, it looks like the zone files are being loaded, but some
errors are logged for the primary and reverse zone files. I've looked
very carefully at the zone files (copied below) and I can't see what's
wrong with them.
jupiter:/home/admin# cat /var/log/syslog | grep "named" | grep "Oct 14"
Oct 14 08:57:40 jupiter named[2218]: starting BIND 9.2.4 -u bind -t /var/lib/named
Oct 14 08:57:41 jupiter named[2218]: using 1 CPU
Oct 14 08:57:41 jupiter named[2218]: loading configuration from '/etc/bind/named.conf'
Oct 14 08:57:41 jupiter named[2218]: listening on IPv4 interface lo, 127.0.0.1#53
Oct 14 08:57:41 jupiter named[2218]: listening on IPv4 interface eth0, 192.168.2.2#53
Oct 14 08:57:41 jupiter named[2218]: command channel listening on 127.0.0.1#953
Oct 14 08:57:41 jupiter named[2218]: command channel listening on ::1#953
Oct 14 08:57:41 jupiter named[2218]: zone 0.in-addr.arpa/IN: loaded serial 1
Oct 14 08:57:41 jupiter named[2218]: zone 127.in-addr.arpa/IN: loaded serial 1
Oct 14 08:57:41 jupiter named[2218]: /etc/bind/pri.37.237.207.in-addr.arpa:1: no TTL specified; using SOA MINTTL instead
Oct 14 08:57:41 jupiter named[2218]: dns_master_load: /etc/bind/pri.37.237.207.in-addr.arpa:8: unknown RR type 'jupiter.obliqueuniverse.org.'
Oct 14 08:57:41 jupiter named[2218]: zone 37.237.207.in-addr.arpa/IN: loading master file /etc/bind/pri.37.237.207.in-addr.arpa: unknown class/type
Oct 14 08:57:41 jupiter named[2218]: zone 255.in-addr.arpa/IN: loaded serial 1
Oct 14 08:57:41 jupiter named[2218]: zone localhost/IN: loaded serial 1
Oct 14 08:57:41 jupiter named[2218]: /etc/bind/pri.obliqueuniverse.org:1: no TTL specified; using SOA MINTTL instead
Oct 14 08:57:41 jupiter named[2218]: zone obliqueuniverse.org/IN: loaded serial 2008100701
Oct 14 08:57:41 jupiter named[2218]: running
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Here is the primary zone:
jupiter:/etc/bind# cat pri.obliqueuniverse.org
@ IN SOA jupiter.obliqueuniverse.org. root.localhost. (
2008100701; serial number
28800; refresh, seconds
7200; retry, seconds
604800; expiry, seconds
86400 ); minimum TTL, seconds
;
NS jupiter.obliqueuniverse.org.;
;
MX 10 jupiter.obliqueuniverse.org.
;
obliqueuniverse.org. A 207.237.37.110
www A 207.237.37.110; no period: BIND appends zone origin
jupiter A 207.237.37.110
ftp CNAME www
obliqueuniverse.org. TXT "v=spf1 a mx ~all"
jupiter.obliqueuniverse.org. TXT "v=spf1 a ~all"
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Here's the reverse zone:
jupiter:/etc/bind# cat pri.37.237.207.in-addr.arpa
@ IN SOA jupiter.obliqueuniverse.org. root.localhost. (
2008100701; serial number
28800; refresh, seconds
7200; retry, seconds
604800; expiry, seconds
86400 ); minimum TTL, seconds
;
NS jupiter.obliqueuniverse.org.;
;
110 PTR obliqueuniverse.org.;
;
; I am not providing PTR record for the backup nameserver.
; I assume that lunarpages provides this PTR record.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Here's named.conf:
jupiter:/etc/bind# cat named.conf
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local
include "/etc/bind/named.conf.options";
// prime the server with knowledge of the root servers
zone "." {
type hint;
file "/etc/bind/db.root";
};
// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone "localhost" {
type master;
file "/etc/bind/db.local";
};
zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};
zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};
zone "37.237.207.in-addr.arpa" {
type master;
file "/etc/bind/pri.37.237.207.in-addr.arpa";
};
// primary zone file added on 10/07/08
zone "obliqueuniverse.org" {
type master;
file "/etc/bind/pri.obliqueuniverse.org";
};
// zone "com" { type delegation-only; };
// zone "net" { type delegation-only; };
// From the release notes:
// Because many of our users are uncomfortable receiving undelegated answers
// from root or top level domains, other than a few for whom that behaviour
// has been trusted and expected for quite some length of time, we have now
// introduced the "root-delegations-only" feature which applies delegation-only
// logic to all top level domains, and to the root domain. An exception list
// should be specified, including "MUSEUM" and "DE", and any other top level
// domains from whom undelegated responses are expected and trusted.
// root-delegation-only exclude { "DE"; "MUSEUM"; };
include "/etc/bind/named.conf.local";
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Here's named.conf.local:
jupiter:/etc/bind# cat named.conf.local
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
jupiter:/etc/bind# cat named.conf.local.options
options {
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you might need to uncomment the query-source
// directive below. Previous versions of BIND always asked
// questions using port 53, but BIND 8.1 and later use an unprivileged
// port by default.
//next line uncommented 10/02/08
query-source address * port 53;
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
// forwarders {
// 0.0.0.0;
// };
// following lines added for ns1.dns.rcn.net and ns2.dns.rcn.net 10/02/08
forwarders {
207.172.3.8;
207.172.3.9;
};
auth-nxdomain no; # conform to RFC1035
};
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Here's the bind directory:
jupiter:/etc/bind# ls -l
total 52
-rw-r--r-- 1 bind bind 237 2007-07-25 17:36 db.0
-rw-r--r-- 1 bind bind 271 2007-07-25 17:36 db.127
-rw-r--r-- 1 bind bind 237 2007-07-25 17:36 db.255
-rw-r--r-- 1 bind bind 353 2007-07-25 17:36 db.empty
-rw-r--r-- 1 bind bind 256 2007-07-25 17:36 db.local
-rw-r--r-- 1 bind bind 1507 2007-07-25 17:36 db.root
-rw-r--r-- 1 bind bind 2136 2008-10-09 11:17 named.conf
-rw-r--r-- 1 bind bind 165 2007-07-25 17:36 named.conf.local
-rw-r--r-- 1 bind bind 829 2008-10-06 19:49 named.conf.options
-rw-r--r-- 1 bind bind 369 2008-10-13 10:11 pri.37.237.207.in-addr.arpa
-rw-r--r-- 1 bind bind 499 2008-10-09 11:48 pri.obliqueuniverse.org
-rw-r----- 1 bind bind 77 2008-08-20 06:31 rndc.key
-rw-r--r-- 1 bind bind 1317 2007-07-25 17:36 zones.rfc1918
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
I would appreciate any suggestions as to what I may have done wrong.
Best Regards,
Vwaju
New York City
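
Added example, not part of the original post: a minimal Python sketch of the master-file rule behind the `unknown RR type` message in the syslog above. In RFC 1035 zone-file syntax a record line that begins in column 0 has its first token read as the owner name, so the token after it is taken as the type. Both sample zones are constructed (the page does not show whether the posted files had leading whitespace), and `lint_zone`, `strip_comment` and the type list are hypothetical names for this sketch.

```python
# Record types and classes this sketch recognises (a subset chosen for the example).
KNOWN_TYPES = {"SOA", "NS", "A", "AAAA", "MX", "CNAME", "PTR", "TXT", "SRV"}
CLASSES = {"IN", "CH", "HS"}

def strip_comment(line):
    """Drop a ';' comment unless the ';' sits inside a quoted string."""
    out, quoted = [], False
    for ch in line:
        if ch == '"':
            quoted = not quoted
        if ch == ";" and not quoted:
            break
        out.append(ch)
    return "".join(out)

def lint_zone(text):
    """Return (line_number, token) for each record whose type field is not a known type."""
    findings, depth = [], 0
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = strip_comment(raw)
        continuation = depth > 0  # inside ( ... ): still part of the previous record
        depth += line.count("(") - line.count(")")
        tokens = line.replace("(", " ").replace(")", " ").split()
        if continuation or not tokens or tokens[0].startswith("$"):
            continue
        # A line starting with whitespace inherits the previous owner name;
        # otherwise the first token IS the owner, whatever it looks like.
        if not raw[0].isspace():
            tokens = tokens[1:]
        # Skip the optional TTL and class, which may appear in either order.
        while tokens and (tokens[0].isdigit() or tokens[0].upper() in CLASSES):
            tokens = tokens[1:]
        if tokens and tokens[0].upper() not in KNOWN_TYPES:
            findings.append((lineno, tokens[0]))
    return findings

# Constructed sample input: the same reverse zone, with NS in column 0 and indented.
HEAD = """@ IN SOA jupiter.obliqueuniverse.org. root.localhost. (
\t2008100701; serial number
\t28800; refresh, seconds
\t7200; retry, seconds
\t604800; expiry, seconds
\t86400 ); minimum TTL, seconds
;
"""
TAIL = ";\n110 PTR obliqueuniverse.org.;\n"
COLUMN0 = HEAD + "NS jupiter.obliqueuniverse.org.;\n" + TAIL
INDENTED = HEAD + "\tNS jupiter.obliqueuniverse.org.;\n" + TAIL

print(lint_zone(COLUMN0), lint_zone(INDENTED))
```

On a real server the authoritative check is BIND's own `named-checkzone 37.237.207.in-addr.arpa /etc/bind/pri.37.237.207.in-addr.arpa`, which applies the full parser rather than this subset.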