Hi all, I'm new to configuring DNS. I believe my set up is simple.
I have ftp, mail, dns, and www on the same machine. Can anyone check out my log file and two zone files.
This page has the files http://www.gotopinion.info/linux/index.html
Please e-mail me recommendations.
Thanks, Paul
Hi,
On Sun, Apr 10, 2005 at 12:15:06PM -0500, Paul Taylor wrote:
> Hi all, I'm new to configuring DNS. I believe my set up is simple.
> I have ftp, mail, dns, and www on the same machine. Can anyone check out my log file and two zone files.
> This page has the files http://www.gotopinion.info/linux/index.html
> Please e-mail me recommendations.
First of all, add a link to your /etc/named.conf.
The log file shows two bogus zones each with serial 42.
zone 0.in-addr.arpa/IN: loaded serial 42
255.in-addr.arpa/IN: loaded serial 42
Your /etc/named.conf file should show why this is happening.
In your ironworks.zone file you have an entry for "localhost". This will end up being localhost.ironworks.com which probably is not what you want. Put localhost in its own zone. A typical localhost zone looks like this:
$TTL 86400
$ORIGIN localhost.
@       1D IN SOA   @ root (
                    42      ; serial (d. adams)
                    3H      ; refresh
                    15M     ; retry
                    1W      ; expiry
                    1D )    ; minimum
        1D IN NS    @
        1D IN A     127.0.0.1
Next, in the ironworks.zone file "localhost", "linux", "mail", "ns1", "www", and "ftp" have leading whitespace. They should be smack up against the left margin. This is what is causing the RR error message:
dns_master_load: ironworks.zone:13: unknown RR type 'localhost'
Try these changes, add a link to /etc/named.conf, and tell us what happened. -- Jim
Hi,
On Sun, Apr 10, 2005 at 09:05:36PM -0500, Paul Taylor wrote:
> <some URL>
Looks much better. However, in ironworks.zone the first line is:
@TTL 3D
It probably should be:
$TTL 3D
like it used to be.
In your /etc/named.conf you have:
zone "255.in-addr.arpa" IN {
        type master;
        file "named.broadcast";
        allow-update { none; };
};
zone "0.in-addr.arpa" IN {
        type master;
        file "named.zero";
        allow-update { none; };
};
I'm not sure what you are trying to do here but I doubt it is right. It looks like you are trying to claim all IPs that start with either "255" or "0". For now why don't you just comment these lines out.
Also in your /etc/named.conf you have:
zone "localdomain" IN {
        type master;
        file "localdomain.zone";
        allow-update { none; };
};
Since you didn't include a link to localdomain.zone it is hard to tell what this is. I doubt that it is something you really need but the log file says it isn't causing any trouble. I haven't messed with ipv6 so I can't offer an opinion on your named.ip6.local file, perhaps others can.
I think you just need to fix the typo? in ironworks.zone (@TTL 3D -> $TTL 3D) and you will have a working DNS. However I still question the need/value of your "localdomain.zone", "255.in-addr.arpa", and "0.in-addr.arpa".
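The two zone-file mistakes pointed out in the replies above (owner names indented away from the left margin, and "@TTL" where "$TTL" was meant) can be caught mechanically. The following Python lint is an added example, not code from this thread or from BIND; the sample zone, the rule names and the function lint_zone are constructed for illustration.

```python
import re

# Constructed sample reproducing the two mistakes discussed in the thread:
# "@TTL" in place of "$TTL", and owner names indented away from column 0.
SAMPLE = """\
@TTL 3D
@           IN SOA ns1 root (
            2005041001 ; serial
            3H         ; refresh
            15M        ; retry
            1W         ; expiry
            1D )       ; minimum
            IN NS  ns1
            IN MX  10 mail
  localhost IN A   127.0.0.1
  www       IN A   192.0.2.10
ns1         IN A   192.0.2.10
"""

DIRECTIVES = {"$TTL", "$ORIGIN", "$INCLUDE", "$GENERATE"}
CLASSES = {"IN", "CH", "HS"}
RR_TYPES = {"A", "AAAA", "NS", "MX", "CNAME", "SOA", "PTR", "TXT", "SRV"}  # subset
TTL = re.compile(r"\d+|(?:\d+[smhdw])+", re.I)

def lint_zone(text):
    """Return (line_no, rule, token) for each suspicious line (hypothetical rules)."""
    findings, depth = [], 0
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.split(";", 1)[0].rstrip()   # assumes no ';' inside quoted data
        inside = depth > 0                      # continuation of a "( ... )" record
        depth += line.count("(") - line.count(")")
        if inside or not line.strip():
            continue
        first = line.split()[0]
        up = first.upper()
        if line[0] in " \t":
            # Leading whitespace means "same owner as the previous record", so
            # the first token must be a TTL, class or type, not a host name.
            if not (TTL.fullmatch(first) or up in CLASSES or up in RR_TYPES):
                findings.append((n, "indented-owner", first))
        elif first.startswith("$"):
            if up not in DIRECTIVES:
                findings.append((n, "unknown-directive", first))
        elif "$" + up[1:] in DIRECTIVES and not first[0].isalnum():
            findings.append((n, "directive-typo", first))
    return findings

if __name__ == "__main__":
    for n, rule, tok in lint_zone(SAMPLE):
        print(f"line {n}: {rule}: {tok!r}")
```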
On Sunday 10 April 2005 11:45 pm, Uncle Jim wrote:
> Looks much better. However, in ironworks.zone the first line is:
> @TTL 3D
> It probably should be:
> $TTL 3D
Jim, that's my 'error', on my RH7.3 box running bind 9.2.1 it works fine that way. Of course, it probably hasn't changed since this box was running RH 5.2.
Hi,
On Mon, Apr 11, 2005 at 09:45:15AM -0500, Jonathan Hutchins wrote:
> > @TTL 3D
> > It probably should be:
> > $TTL 3D
> Jim, that's my 'error', on my RH7.3 box running bind 9.2.1 it works fine that way. Of course, it probably hasn't changed since this box was running RH 5.2.
Have you looked at your messages log after starting named?
What is this line supposed to mean? "@" is a shorthand for the $ORIGIN which in this case is something like ironworks.com. Actually, all the docs I can find only talk about "@" being "standalone", nothing about it being part of something else.
On Monday 11 April 2005 12:43 pm, Uncle Jim wrote:
> > > @TTL 3D
> > > It probably should be:
> > > $TTL 3D
> > Jim, that's my 'error', on my RH7.3 box running bind 9.2.1 it works fine that way. Of course, it probably hasn't changed since this box was running RH 5.2.
> Have you looked at your messages log after starting named?
Apr 11 13:27:29 smaug named[4464]: starting BIND 9.2.1 -u named
Apr 11 13:27:29 smaug named[4464]: using 1 CPU
Apr 11 13:27:29 smaug named[4467]: loading configuration from '/etc/named.conf'
Apr 11 13:27:29 smaug named: named startup succeeded
Apr 11 13:27:29 smaug named[4467]: no IPv6 interfaces found
Apr 11 13:27:29 smaug named[4467]: listening on IPv4 interface lo, 127.0.0.1#53
Apr 11 13:27:29 smaug named[4467]: listening on IPv4 interface eth1, 192.168.76.254#53
Apr 11 13:27:29 smaug named[4467]: command channel listening on 127.0.0.1#953
No errors for years.
Checking two other nameservers I run, one is missing that first TTL line entirely, the other has it predecated with the $ instead of @. They all work fine.
test
I am instituting the 6mo rule, if I don't use it for 6 months, then I don't need it. If anyone is interested in any of this stuff, let me know.
Sun Ultra5 - 40gb hard drive, 256mb, Solaris 9
Nokia IP440 firewall - two hard drives, raid controller card
Compaq computer system - p4 2.4, 512mb, 40gb monitor/mouse/keyboard included
Kyocera laser printer fs1500 - two additional paper trays
sparc20 clone - lots of misc. parts
laptops and misc junk.
Orinoco wireless card
This is going on evilbay, but if I can sell it local and not deal with Nigerians or shipping, then I'm a happier guy.
kurt@verruckt.org 816-694-6535
What sort of laptops have you to sell?
On Apr 11, 2005 12:10 AM, kurt@verruckt.org wrote:
> laptops and misc junk.
Paul Taylor wrote:
| Hi all, I'm new to configuring DNS. I believe my set up is simple.
|
| I have ftp, mail, dns, and www on the same machine. Can anyone check out
| my log file and two zone files.
|
| This page has the files http://www.gotopinion.info/linux/index.html
|
| Please e-mail me recommendations.
|
| Thanks,
| Paul
Paul,
DNSReport.com will compare your records to the RFCs and best practices. I've found it very useful.
Chris
--
I digitally sign my emails. If you see an attachment with .asc, then that means your email client doesn't support PGP digital signatures. http://www.gnupg.org/(en)/documentation/faqs.html#q1.1
On Monday 11 April 2005 09:42 am, Chris Bier wrote:
> DNSReport.com will compare your records to the RFCs and best practices. I've found it very useful. http://www.dnsreport.com/
Works great for public DNS servers, but not much help for an internal network like Paul and I are running.
Jonathan Hutchins wrote:
> On Monday 11 April 2005 09:42 am, Chris Bier wrote:
> > DNSReport.com will compare your records to the RFCs and best practices. I've found it very useful. http://www.dnsreport.com/
> Works great for public DNS servers, but not much help for an internal network like Paul and I are running.
What about nslint? http://freshmeat.net/projects/nslint/
On Monday 11 April 2005 09:42 am, Chris Bier wrote:
> > > DNSReport.com will compare your records to the RFCs and best practices. I've found it very useful. http://www.dnsreport.com/
Jonathan Hutchins wrote:
> > Works great for public DNS servers, but not much help for an internal network like Paul and I are running.
On Monday 11 April 2005 12:54 pm, Gerald Combs wrote:
> What about nslint? http://freshmeat.net/projects/nslint/
Good if you've got a big file, but at this point for a five-node net I'd just retype the file from scratch.
Paul Taylor wrote:
> Can anyone check out my log file and two zone files.
BIND comes with the following utilities which provide some help in checking configurations:
named-checkconf
named-checkzone
Regards,
Timothy A. Canon
Community Resource Network
Web Administrator
106 West 11th St, Suite 110
Kansas City, MO 64105-1806
816.960.0708 x119
email:tim@crn.org
website:http://www.crn.org/