LinuxQuestions.org


spatieman 06-25-2012 09:47 AM

weird named output on zonecheck....
 
my named.conf in /var/named/etc/named.conf
(and yes, i start named with the proper config tag, pointed to it)

Code:

//
acl clients {
    127.0.0.1;
    192.168.0.0/24;
    192.168.1.0/24;
    192.168.2.0/24;
      };

options {
//    directory "/var/named";
    allow-recursion { 127.0.0.1; 192.168.0.0/24; 192.168.1.0/24; 192.168.2.0/24; };
//        allow-query { 127.0.0.1; 192.168.0.0/24; 192.168.1.0/24; 192.168.2.0/24; };
//    allow-transfer { none; };
    max-cache-size 4096 ;
          listen-on { 127.0.0.1; 192.168.0.0/24; 192.168.1.0/24; 192.168.2.0/24; };
    };


//
zone "xs4non.nl" {
    type master;
    file "master/xs4non.nl";
    allow-transfer { 192.168.0.240;};
    };
//
//
zone "0.168.192.in.addr.arpa" {
    type master;
    file "/master/0.168.192.in-addr.arpa";
    allow-transfer { 192.168.0.240;};
    };
//

//
zone "zone.localhost" {
    type master;
    file "/master/zone.localhost";
    allow-transfer { 192.168.0.240;};
    };
//
//
zone "revp.localhost" {
    type master;
    file "/master/revp.localhost";
    allow-transfer { 192.168.0.240;};
    };
//

my 0.168.192.in-addr.arpa file

Code:

; Reverse map for 192.168.0.0/24
$TTL 1h
$ORIGIN 0.168.192.in-addr.arpa.
@        IN    SOA    ns.xs4non.nl.          admin.xs4non.nl. (
                        20122506 ;
                        28800 ;
                        604800 ;
                        604800 ;
                        86400 ;
)
; Name server resource records for the domain
        IN      NS      ns.xs4non.nl.
; PTR RR maps an IPv4 adress to a host
240    IN      PTR    xs4non.nl.
240    IN      PTR    ns.xs4non.nl.
240    IN      PTR    www.xs4non.nl.
254    IN      PTR    ftp.xs4non.nl.
254    IN      PTR    mail.xs4non.nl.

the result after the zone check..
Code:

# named-checkzone xs4non.nl /var/named/master/0.168.192.in-addr.arpa
/var/named/master/0.168.192.in-addr.arpa:4: ignoring out-of-zone data (0.168.192.in-addr.arpa)
/var/named/master/0.168.192.in-addr.arpa:14: ignoring out-of-zone data (240.0.168.192.in-addr.arpa)
/var/named/master/0.168.192.in-addr.arpa:15: ignoring out-of-zone data (240.0.168.192.in-addr.arpa)
/var/named/master/0.168.192.in-addr.arpa:16: ignoring out-of-zone data (240.0.168.192.in-addr.arpa)
/var/named/master/0.168.192.in-addr.arpa:17: ignoring out-of-zone data (254.0.168.192.in-addr.arpa)
/var/named/master/0.168.192.in-addr.arpa:18: ignoring out-of-zone data (254.0.168.192.in-addr.arpa)
zone xs4non.nl/IN: has 0 SOA records
zone xs4non.nl/IN: has no NS records

now the result when i add a ; before $ORIGIN 0.168.192.in-addr.arpa.

Code:

# named-checkzone xs4non.nl /var/named/master/0.168.192.in-addr.arpa
zone xs4non.nl/IN: NS 'ns.xs4non.nl' has no address records (A or AAAA)
zone xs4non.nl/IN: loaded serial 20122506
OK
#

the error message is for all zonefiles where i removed the ;
in front of origin section

now my question..
what is wrong.

bathory 06-25-2012 04:42 PM

Quote:

# named-checkzone xs4non.nl /var/named/master/0.168.192.in-addr.arpa

This is wrong. If you want to check the reverse zone, you should use the correct zone name and zone file:

Code:

named-checkzone 0.168.192.in-addr.arpa /var/named/master/0.168.192.in-addr.arpa

BTW

Quote:

zone "0.168.192.in.addr.arpa" {
...

you have a typo in the reverse zone name in named.conf. It should be 0.168.192.in-addr.arpa (you need a dash between "in" and "arpa" and not a dot)

Regards
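
The two mismatches pointed out in this reply (the zone name declared in named.conf versus the `$ORIGIN` of the zone file, and the zone name handed to named-checkzone) can be checked mechanically. This is an added example, not part of the thread: the config and zone-file text are constructed from the posts above, and the `/var/named` root is an assumption taken from the paths in the poster's commands.

```python
import re

# Constructed sample: two zone statements and $ORIGIN lines as posted in the thread.
NAMED_CONF = '''
zone "xs4non.nl" {
    type master;
    file "master/xs4non.nl";
    allow-transfer { 192.168.0.240;};
    };
zone "0.168.192.in.addr.arpa" {   // typo: "in.addr" instead of "in-addr"
    type master;
    file "/master/0.168.192.in-addr.arpa";
    allow-transfer { 192.168.0.240;};
    };
'''
ZONE_FILES = {  # path as written in named.conf -> zone file text (constructed)
    "master/xs4non.nl": "$ORIGIN xs4non.nl.\n$TTL 1d\n",
    "/master/0.168.192.in-addr.arpa": "$TTL 1h\n$ORIGIN 0.168.192.in-addr.arpa.\n",
}

def zone_blocks(conf):
    """Yield (zone_name, body) per zone statement; only // comments are stripped."""
    conf = re.sub(r"//[^\n]*", "", conf)
    for m in re.finditer(r'zone\s+"([^"]+)"\s*\{', conf):
        depth, i = 1, m.end()
        while i < len(conf) and depth:          # walk to the matching brace
            depth += {"{": 1, "}": -1}.get(conf[i], 0)
            i += 1
        yield m.group(1), conf[m.end():i - 1]

def audit(conf, files, root="/var/named"):
    """Return one dict per master zone: declared name, $ORIGIN, match flag, check command."""
    report = []
    for name, body in zone_blocks(conf):
        f = re.search(r'file\s+"([^"]+)"\s*;', body)
        if not f or not re.search(r"type\s+master\s*;", body):
            continue
        o = re.search(r"^\$ORIGIN\s+(\S+)", files.get(f.group(1), ""), re.M)
        origin = o.group(1).rstrip(".").lower() if o else None
        declared = name.rstrip(".").lower()
        path = root + "/" + f.group(1).lstrip("/")   # assumed chroot layout
        report.append({"zone": declared, "origin": origin,
                       "match": origin is None or origin == declared,
                       "command": f"named-checkzone {origin or declared} {path}"})
    return report

if __name__ == "__main__":
    for r in audit(NAMED_CONF, ZONE_FILES):
        print("OK      " if r["match"] else "MISMATCH", r["zone"], "->", r["command"])
```

A zone file without a `$ORIGIN` line is reported as matching, because named then takes the origin from the zone name it is given.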

spatieman 06-25-2012 05:15 PM

ALL errors corrected.....
inc nslookup now giving correct output....
my thank you for you !!
SOLVED..

P.S
now my squid cache is doing its job also ,,(except dns resolving to my mailserver on other lan machine)
EDIT.
NVR mind...found it,, hehe...

spatieman 06-28-2012 10:49 PM

hmpf, it worked for 24 hours.
not sure if i should unsolve it.
after 24 hours i was unable to ping from the machine (openBSD) to the internet, and squid was dead too.
resolv.conf was search domain
and nameserver 127.0.0.1
now i needed to add nameserver 192.168.1.1 (ISP modem IP) as 2nd dns resolver ..
works, but so slow...

so, now i have a new question..

i altered named.conf again..

Code:

//
acl clients {
    127.0.0.1;
    192.168.0.0/24;
    192.168.1.0/24;
    192.168.2.0/24;
      };

options {
    version "";  // Remove this to allow version queries
    max-cache-size 10000 ;
    listen-on { any; };
    empty-zones-enable yes;
    allow-recursion { clients; };
    };

logging {
    category lame-servers { null; };
    };

// Standard zones
//
    zone "." {
    type hint;
    file "master/named.root";
    };

    zone "zone.localhost" {
    type master;
    file "/master/zone.localhost";
    allow-transfer { localhost;};
    };

    zone "revp.localhost" {
    type master;
    file "/master/revp.localhost";
    allow-transfer { localhost;};
    };

// Master zones
//
    zone "xs4non.nl" {
    type master;
    file "master/xs4non.nl";
    allow-transfer { clients;};
    };

    zone "0.168.192.in-addr.arpa" {
    type master;
    file "/master/0.168.192.in-addr.arpa";
    allow-transfer { clients;};
    };

i added a hint zone
that's the file with the 13 master root zones.
but still nothing.
i also have a file called root.zone (266K) which contains a shitload of entries.
not entered.

my current resolv.conf
Code:

search domain # Altered xD
#lookup file bind
#nameserver 127.0.0.1
nameserver 192.168.1.254

when i disable nameserver 127.0.0.1 it is fast.
if i enable it, and disable 192.168.1.254
it's dead like peer on the machine, but on lan it's working...
even squid is working as it should be..

so, where does my box hit the brick on the local site...

bathory 06-29-2012 12:47 AM

Hi,

According to the reverse zone you've posted in your 1st post, the IP of your dns (ns.xs4non.nl) is 192.168.0.254. So use that instead of 192.168.1.254 in the resolv.conf of your clients.
Use the dig utility to do some queries from server and clients and see what you get. You can use something like:
Code:

dig @127.0.0.1 somedomain.com
dig @192.168.0.254 otherdomain.com

Also make sure named is running and listening on all available interfaces and it's not blocked by some firewall (for both udp/tcp 53 port).

Regards

spatieman 06-30-2012 04:58 AM

uhm.
its 192.168.0.240,
copy paste from above.

Code:

; Reverse map for 192.168.0.0/24
$TTL 1h
$ORIGIN 0.168.192.in-addr.arpa.
@        IN    SOA    ns.xs4non.nl.          admin.xs4non.nl. (
                        20122506 ;
                        28800 ;
                        604800 ;
                        604800 ;
                        86400 ;
)
; Name server resource records for the domain
        IN      NS      ns.xs4non.nl.
; PTR RR maps an IPv4 adress to a host
240    IN      PTR    xs4non.nl.
240    IN      PTR    ns.xs4non.nl.
240    IN      PTR    www.xs4non.nl.
254    IN      PTR    ftp.xs4non.nl.
254    IN      PTR    mail.xs4non.nl.

FTP and mail server are at 254..

revised named.conf to this now
Code:

//
acl clients {
    127.0.0.1;
    192.168.0.0/24;
    192.168.1.0/24;
    192.168.2.0/24;
      };

options {
    version "";  // Remove this to allow version queries
    max-cache-size 10000 ;
    listen-on { any; };
    empty-zones-enable yes;
    allow-recursion { clients; };
    };

logging {
    category lame-servers { null; };
    };

// Standard zones
//
    zone "." {
    type hint;
    file "master/named.root";
//    file "master/root.zone";
    };

    zone "zone.localhost" {
    type master;
    file "/master/zone.localhost";
    allow-transfer { localhost;};
    allow-query { any; };
    };

    zone "revp.localhost" {
    type master;
    file "/master/revp.localhost";
    allow-transfer { localhost;};
    allow-query { any; };
    };

// Master zones
//
    zone "xs4non.nl" {
    type master;
    file "master/xs4non.nl";
    allow-transfer { clients;};
    allow-query { any; };
    };

    zone "0.168.192.in-addr.arpa" {
    type master;
    file "/master/0.168.192.in-addr.arpa";
    allow-transfer { clients;};
    allow-query { any; };
    };

for the rest, i didn't make changes to zones.
resolv.conf now contains this

Code:

search xs4non
lookup file bind
nameserver 192.168.1.254

when i change 1.254 to local IP IF's
it all still works, but i can't DIG NSLOOKUP or ping any site.

but in case.
zone.localhost
Code:

; $OpenBSD: db.localhost,v 1.4 2008/01/03 21:20:25 jakob Exp $

$ORIGIN zone.localhost.
$TTL 1D

@        1D        IN        SOA        @        root (
                        20110809        ; serial
                        4h                ; refresh
                        1h                ; retry
                        1w                ; expiration
                        1d )                ; minimum

@        1D        IN        NS        @ ; localhost is the name server
        1D        IN        A        127.0.0.1 ; always returns the loop-back adress

revp.localhost
Code:

;
; reverse pointers for localhost
;
$TTL 1D
$ORIGIN revp.localhost.
@    IN  SOA  localhost. root.localhost. (
              20110809 ; serial
              4H      ; refresh
              1H      ; retry
              1W      ; expire
              1D      ; minimum
            )

    IN  NS  localhost.
1    IN  PTR  localhost.

xs4non.nl zone file
Code:

$ORIGIN xs4non.nl.
$TTL 1d

@        IN        SOA        xs4non.nl.        admin.xs4non.nl. (
                20122406        ; Serial number
                4h                ; refresh
                1h                ; update retry
                1w                ; expiry
                1d                ; min ttl
                )

@                3600        NS        ns.xs4non.nl.
ns.xs4non.nl.        3600        A        192.168.0.240
;
mail                MX        10        mail.xs4non.nl.
mail                IN        A        192.168.0.254
;
localhost        IN        A        127.0.0.1
;
www                IN        A        192.168.0.240
ftp                IN        A        192.168.0.254
www                IN        A        192.168.0.240
@                IN        A        192.168.0.240

;


spatieman 06-30-2012 06:40 AM

well, i found a interesting thing..
i checked ALL out..
except for ONE thing..
my openBSD box has a tightly written pf.conf file.
and there i found the sucker that gives me headache...


All times are GMT -5.