LinuxQuestions.org
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Old 12-02-2009, 06:27 AM   #1
codenjanod
Member
 
Registered: Oct 2006
Posts: 38

Rep: Reputation: 15
Help with BIND setup on CentOS 5.4


Hi all,

Is there a decent manual or setup instructions for complete master and slave BIND DNS servers on CentOS 5.4?

I inherited a master and slave server setup that is working fine, but it seems there are some issues with my 2nd slave server, which was just recently added.

My servers:
Master: Slackware 8.1 - BIND 9.2.1
Slave1: Mandrake10 - BIND 9.2.3rc2
Slave2: CentOS 5.4 - BIND 9.3.6-P1-RedHat-9.3.6-4.P1.el5

The "named.conf" files are the same on all 3 servers.
I have manually copied over all the zone files to Slave2 into:
/var/named/chroot/var/named/

When I do an update on a file on the Master server, the zone entry is made in "named.conf" on both slave servers.

The zone file is copied over to Slave1, but not to Slave2.

I get the following message on Slave2:
Quote:
Dec 2 13:20:54 ns3 named[14662]: client 196.35.74.200#1115: received notify for zone 'fnbcommunication.co.za'
Is there maybe a package missing from my install to enable the zone file copy?
Am I too rushed, and should I wait an X amount of time before the file has actually been copied over?


Any help will be appreciated.


Thanks
 
Old 12-02-2009, 07:23 AM   #2
carltm
Member
 
Registered: Jan 2007
Location: Canton, MI
Distribution: CentOS, SuSE, Red Hat, Debian, etc.
Posts: 703

Rep: Reputation: 99
Check the permissions on /var/named/chroot/var/named/data and
/var/named/chroot/var/named/slaves. The user named needs to
have write permissions.

An easy way to troubleshoot bind is to restart the service
and then look at the bottom of /var/log/messages. It will
let you know if there are any problems.
 
Old 12-03-2009, 06:24 AM   #3
codenjanod
Original Poster
Hi carltm,

These are my permissions for "/var/named":
Quote:
ll /var/named/
drwxrwx--- 6 root named 4096 Oct 29 14:10 chroot
drwxrwx--- 2 named named 4096 Nov 30 10:01 data
lrwxrwxrwx 1 root named 45 Nov 30 11:24 localdomain.zone -> /var/named/chroot//var/named/localdomain.zone
lrwxrwxrwx 1 root named 43 Nov 30 11:24 localhost.zone -> /var/named/chroot//var/named/localhost.zone
lrwxrwxrwx 1 root named 44 Nov 30 11:24 named.broadcast -> /var/named/chroot//var/named/named.broadcast
lrwxrwxrwx 1 root named 37 Nov 30 11:24 named.ca -> /var/named/chroot//var/named/named.ca
lrwxrwxrwx 1 root named 44 Nov 30 11:24 named.ip6.local -> /var/named/chroot//var/named/named.ip6.local
lrwxrwxrwx 1 root named 40 Nov 30 11:24 named.local -> /var/named/chroot//var/named/named.local
lrwxrwxrwx 1 root named 39 Nov 30 11:24 named.zero -> /var/named/chroot//var/named/named.zero
drwxrwx--- 2 named named 4096 Nov 30 10:02 slaves
And then further down the tree:
Quote:
ll /var/named/chroot/etc/
total 168
-rw-r--r-- 1 root root 245 Oct 29 13:09 localtime
-rwxrwx--- 1 root named 1230 Sep 4 03:37 named.caching-nameserver.conf
-rwxrwx--- 1 root named 27312 Dec 3 10:09 named.conf
-rwxrwx--- 1 root named 1261 Nov 2 12:16 named.conf.20091102
-rwxrwx--- 1 root named 642 Nov 24 07:49 named.conf.20091124
-rwxrwx--- 1 root root 1115 Nov 30 13:00 named.conf.20091130
-rwxr-x--- 1 root root 30962 Dec 2 13:03 named.conf.20091202
-rwxr-x--- 1 root root 27353 Dec 3 10:03 named.conf.20091203
-rwxrwx--- 1 root root 27544 Nov 30 13:02 named.conf_incl_striata_data
-rwxrwx--- 1 root named 4296 Oct 29 14:34 named.conf.orig
-rwxrwx--- 1 root named 775 Oct 29 14:17 named.rfc1912.zones
-rwxrwx--- 1 root named 775 Oct 29 14:17 named.rfc1912.zones.rpmorig
-rwxrwx--- 1 root named 524 Oct 29 14:13 named.root.hints
-rwxrwx--- 1 root named 155 Nov 2 12:26 rndc.key
And then last one where all my zone files are kept in "named":
Quote:
ll /var/named/chroot/var/
total 48
drwxrwx--- 2 named named 4096 Sep 4 03:37 log
drwxrwx--- 4 root named 20480 Dec 3 12:31 named
drwxrwx--- 4 root named 4096 Oct 29 14:10 run
drwxrwx--- 2 named named 4096 Mar 14 2003 tmp

All my zone files reside in:
/var/named/chroot/var/named/

Is that incorrect?

Should it be in: /var/named/chroot/var/named/data?

My named.conf file directory points:
Quote:
options {
    directory "/var/named";
    allow-recursion { <IP Addresses>; localhost; };
    allow-transfer { <IP Addresses>; };
    forwarders { <IP Addresses>; };
    version "GoAway(TM) v 0.91";
    notify yes;
};

On my master server, the slave IP address is in "allow-transfer".
Is that correct?

Thanks for the help.
 
Old 12-03-2009, 05:34 PM   #4
carltm
I don't see anything obvious that would cause a problem. The
data and slave subdirectories are recommended if you want to
restrict write permissions. I see that you allow the named
group write permission to most directories, so it doesn't matter.

Run "service named restart" and then post the named lines at
the bottom of your /var/log/messages file.
 
Old 12-04-2009, 12:41 AM   #5
codenjanod
Original Poster
Hi Carltm,

I have started the BIND service with the following command and then it starts fine:
"/usr/sbin/named -u named -t /var/named/chroot"
This is obviously a sort of forced way of doing it to ignore any errors that there might be.

This is what I have learned from the previous servers, obviously not the correct way.

When I do a "service named restart" on Slave2, I get major errors which seem not to be picked up by either of the other 2 servers.
And the service does not start at all.

Please see below:
# service named restart
Quote:
Stopping named: [ OK ]
Starting named:
Error in named configuration:
zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
zone reversedns.striata.com/IN: loaded serial 2009102700
zone spf-c.striata.com/IN: loaded serial 2008071000
zone spf-d.striata.com/IN: loaded serial 2009112300
zone spf-d1.striata.com/IN: loaded serial 2007071100
zone spf-d2.striata.com/IN: loaded serial 2008112600
zone spf-d3.striata.com/IN: loaded serial 2008081500
zone spf-l.striata.com/IN: loaded serial 2008111900
zone spf-s.striata.com/IN: loaded serial 2009061800
zone trusted/IN: loaded serial 2009061100
zone 45.2.10.in-addr.arpa/IN: loaded serial 2009110300
zone dmz/IN: loaded serial 2009100501
zone 31.2.10.in-addr.arpa/IN: loaded serial 2009110300
zone lan/IN: loaded serial 2009113000
zone 37.2.10.in-addr.arpa/IN: loaded serial 2009112000
zone 36.2.10.in-addr.arpa/IN: loaded serial 2009111300
zone build.lan/IN: loaded serial 2009070713
zone svc/IN: loaded serial 2009102201
zone mystriata.lan/IN: loaded serial 2003063000
zone mordor.lan/IN: loaded serial 2004072200
zone test.lan/IN: loaded serial 2009111300
zone finley.lan/IN: loaded serial 2007101000
zone sms.lan/IN: loaded serial 2006021600
zone integration.lan/IN: loaded serial 2009082600
support.lan:46: file does not end with newline
zone support.lan/IN: loaded serial 2009052200
zone 400hours.co.za/IN: loaded serial 2009092800
zone 400hours.com/IN: loaded serial 2009092800
zone angelface.co.za/IN: loaded serial 2009092800
zone antech.co.za/IN: loaded serial 2009092800
zone afrorootz.co.za/IN: loaded serial 2009092800
zone absaemarketing.co.za/IN: loaded serial 2009112300
zone absa-emarketing.co.za/IN: loaded serial 2009112300
zone absae.co.za/IN: loaded serial 2009112300
zone afromambo.com/IN: loaded serial 2009092800
zone afrorootz.com/IN: loaded serial 2009092800
zone adayinafrica.co.za/IN: loaded serial 2009092800
zone aslali.co.za/IN: loaded serial 2009092800
zone artonpaper.co.za/IN: loaded serial 2009092800
zone autumn-star.co.za/IN: loaded serial 2009092800
zone avanteonline.com/IN: loaded serial 2009112400
zone balanceofpower.co.za/IN: loaded serial 2009112400
zone barakheaters.co.za/IN: loaded serial 2009092800
zone benvenue.co.za/IN: loaded serial 2009092800
zone leannemanas.co.za/IN: loaded serial 2009082500
zone benvenuto.co.za/IN: loaded serial 2009092800
zone bioxidin.co.za/IN: loaded serial 2009112400
zone bogies.co.za/IN: loaded serial 2009112400
zone b-pay.co.za/IN: loaded serial 2009112400
zone bpay.co.za/IN: loaded serial 2009112400
zone builderswarehouse.co.za/IN: loaded serial 2009112400
zone builders-express.co.za/IN: loaded serial 2009112400
zone builders.co.za/IN: loaded serial 2009112400
zone buildersexpress.co.za/IN: loaded serial 2009112400
zone connor.co.za/IN: loaded serial 2009112400
zone carrie.co.za/IN: loaded serial 2009112400
zone canderelrecipes.co.za/IN: loaded serial 2009112400
zone connectivity.co.za/IN: loaded serial 2009112400
zone canderelpocketpack.co.za/IN: loaded serial 2009112400
zone landroverquest.co.za/IN: loaded serial 2009071000
zone connectivitycida.co.za/IN: loaded serial 2009112400
zone individuality.co.za/IN: loaded serial 2007081700
zone councilchaos.co.za/IN: loaded serial 2009092800
zone cornelholdings.co.za/IN: loaded serial 2009092800
zone crnoutlook.co.za/IN: loaded serial 2009112400
zone crnpartnerexcellence.co.za/IN: loaded serial 2009112400
zone cloud10.co.za/IN: loaded serial 2009112400
zone database.co.za/IN: loaded serial 2009112400
zone dezigner.co.za/IN: loaded serial 2009092800
zone diamondssa.co.za/IN: loaded serial 2009092800
zone disiturbo.co.za/IN: loaded serial 2009112400
zone dremeltools.co.za/IN: loaded serial 2009112400
zone digiawards.co.za/IN: loaded serial 2009112400
zone ebonix.co.za/IN: loaded serial 2009112400
zone e-bill.co.za/IN: loaded serial 2009112400
zone e-bills.co.za/IN: loaded serial 2009112400
zone e-mail.co.za/IN: loaded serial 2009113000
zone e-mailco.co.za/IN: loaded serial 2009113000
zone e-statement.co.za/IN: loaded serial 2009113000
zone ebill.co.za/IN: loaded serial 2009112400
zone ebillingnews.co.za/IN: loaded serial 2009112400
zone ebillingnews.org/IN: loaded serial 2009112400
zone ebills.co.za/IN: loaded serial 2009112400
zone ebpp.co.za/IN: loaded serial 2009112400
zone ecustomers.co.za/IN: loaded serial 2009112400
zone edirect.co.za/IN: loaded serial 2009112400
zone edocs.co.za/IN: loaded serial 2009112400
zone eggshell.co.za/IN: loaded serial 2009092800
zone email2sms.co.za/IN: loaded serial 2009113000
zone emailco.co.za/IN: loaded serial 2009113000
zone emailcorp.co.za/IN: loaded serial 2009113000
zone equal.co.za/IN: loaded serial 2009113000
zone epay.co.za/IN: loaded serial 2009113000
zone esecure.co.za/IN: loaded serial 2009113000
zone eservice.co.za/IN: loaded serial 2009113000
zone estatement.co.za/IN: loaded serial 2009113000
zone esurvey.co.za/IN: loaded serial 2009113000
zone eze-bill.co.za/IN: loaded serial 2009113000
zone ezone.co.za/IN: loaded serial 2009113000
zone finmail.co.za/IN: loaded serial 2009113000
zone fasttrackadmin.co.za/IN: loaded serial 2009092800
zone firstmail.co.za/IN: loaded serial 2009113000
zone firsttuesday.co.za/IN: loaded serial 2009113000
zone firsttuesday.com/IN: loaded serial 2009113000
zone fnbcommunication.co.za/IN: loaded serial 2009120201
zone freelist.co.za/IN: loaded serial 2009113000
zone goptions.co.za/IN: loaded serial 2009092800
zone hiddencamp.co.za/IN: loaded serial 2009092800
zone impendulo.org.za/IN: loaded serial 2009092800
zone infomail.co.za/IN: loaded serial 2007081700
zone kneeinfocentre.com/IN: loaded serial 2009092800
zone lerothodi.co.za/IN: loaded serial 2009092800
zone linge.co.za/IN: loaded serial 2009092800
zone lillyconcepts.co.za/IN: loaded serial 2009092800
zone help.striata.com/IN: loaded serial 2008082101
zone striatareader.com/IN: loaded serial 2009100600
zone striatareader.co.za/IN: loaded serial 2009100600
zone list.striata.com/IN: loaded serial 2007081700
zone za.striata.com/IN: loaded serial 2009112400
zone imateultimate.co.za/IN: loaded serial 2007082800
zone mailco.co.za/IN: loaded serial 2007081700
zone mailer.co.za/IN: loaded serial 2007081700
zone mailerdaemon.co.za/IN: loaded serial 2007081700
zone mailerdemon.co.za/IN: loaded serial 2007081700
zone mamagalie.co.za/IN: loaded serial 2009092800
zone mazda5.co.za/IN: loaded serial 2007081700
zone mike.co.za/IN: loaded serial 2007081700
zone myjunxion.co.za/IN: loaded serial 2007081700
zone mystriata.com/IN: loaded serial 2008030100
zone newsletters.co.za/IN: loaded serial 2007081700
zone nppa.co.za/IN: loaded serial 2009092800
zone owenshandyman.co.za/IN: loaded serial 2007081700
zone ownapieceofcapetown.co.za/IN: loaded serial 2009092800
zone ownapieceofcapetown.com/IN: loaded serial 2009092800
zone ownapieceoftablemountain.co.za/IN: loaded serial 2009092800
zone ownapieceoftablemountain.com/IN: loaded serial 2009092800
zone panachefootwear.co.za/IN: loaded serial 2009092800
zone paymail.co.za/IN: loaded serial 2007081700
zone plmtechdisposal.co.za/IN: loaded serial 2009092800
zone prepaymobile.co.za/IN: loaded serial 2009092800
zone prismtech.co.za/IN: loaded serial 2009092800
zone prisntech.co.za/IN: loaded serial 2009092800
zone profilemail.co.za/IN: loaded serial 2007081700
zone profilemail.com/IN: loaded serial 2007081700
zone protest.co.za/IN: loaded serial 2007081700
zone pyramidexp.co.za/IN: loaded serial 2007081700
zone ramage.co.za/IN: loaded serial 2007081700
zone rapidfire.co.za/IN: loaded serial 2007081700
zone revitipod.co.za/IN: loaded serial 2009071000
zone refundsolutions.co.za/IN: loaded serial 2009092800
zone rotm.co.za/IN: loaded serial 2009092800
zone ruralafricanmarket.co.za/IN: loaded serial 2009092800
zone russellfisher.co.za/IN: loaded serial 2009092800
zone sabc.connect.striata.com/IN: loaded serial 2009091800
zone vodacom.connect.striata.com/IN: loaded serial 2009102801
zone saveatree.co.za/IN: loaded serial 2007081700
zone salesguru.co.za/IN: loaded serial 2009082500
zone salesgurujobs.co.za/IN: loaded serial 2007081700
zone salesgurucareers.co.za/IN: loaded serial 2009111300
zone salesgurucareers.com/IN: loaded serial 2009111300
zone seigolonhcetedimorb.co.za/IN: loaded serial 2007081700
slowmag.co.za:30: ignoring out-of-zone data (mail.striata.co.za)
zone slowmag.co.za/IN: loaded serial 2008082500
zone sweetsecrets.co.za/IN: loaded serial 2007081700
zone siyabalula.co.za/IN: loaded serial 2009092800
zone shuenyane.com/IN: loaded serial 2009092800
zone skk.co.za/IN: loaded serial 2009092800
zone sntcommunications.co.za/IN: loaded serial 2005012802
zone solestar.co.za/IN: loaded serial 2009092800
zone smartpromo.co.za/IN: loaded serial 2009092800
zone srmi.co.za/IN: loaded serial 2007081700
zone soundwaves.co.za/IN: loaded serial 2009092800
zone stage.striata.com/IN: loaded serial 2007081700
zone striata.biz/IN: loaded serial 2009101400
zone striata.ca/IN: loaded serial 2009010900
zone striata.co.uk/IN: loaded serial 2009022400
zone striata.co.za/IN: loaded serial 2009022400
zone striata.com/IN: loaded serial 2009112300
straita.com:34: ignoring out-of-zone data (dbsrv.striata.com)
zone straita.com/IN: loaded serial 2009030500
zone striata.de/IN: loaded serial 2009010900
zone striata.eu/IN: loaded serial 2009101400
zone striata.us/IN: loaded serial 2009101400
zone striata.org/IN: loaded serial 2009010900
zone striata.co.ke/IN: loaded serial 2009010900
zone crnprofitability.co.za/IN: loaded serial 2009112400
zone sett.co.za/IN: loaded serial 2009092800
zone support.striata.com/IN: loaded serial 2007081700
zone surveymail.co.za/IN: loaded serial 2007081700
zone sshhh.co.za/IN: loaded serial 2009092800
zone thinkperformance.co.za/IN: loaded serial 2009071000
zone tlouwebs.co.za/IN: loaded serial 2009092800
zone treadaway.co.za/IN: loaded serial 2007081700
zone theaupair.co.za/IN: loaded serial 2009092800
zone themailco.co.za/IN: loaded serial 2007081700
zone themailco.com/IN: loaded serial 2007081700
zone striata.co.nz/IN: loaded serial 2009060300
zone mvgupdate.co.za/IN: loaded serial 2009092800
zone hellomvg.co.za/IN: loaded serial 2009113000
zone studio4332.com/IN: loaded serial 2009090117
zone studio4332.co.za/IN: loaded serial 2009090117
zone thetippingpoint.co.za/IN: loaded serial 2009090115
zone thesign.co.za/IN: loaded serial 2007081700
zone turnoffpaper.com/IN: loaded serial 2008081500
zone _domainkey.striata.com/IN: loaded serial 2009112400
zone _domainkey.usa.striata.com/IN: loaded serial 2009112400
two.striata.com:37: ignoring out-of-zone data (#two.striata.com)
zone two.striata.com/IN: loaded serial 2007081700
zone usa.striata.com/IN: loaded serial 2007081700
uk.striata.com:37: ignoring out-of-zone data (#uk.striata.com)
zone uk.striata.com/IN: loaded serial 2007081700
zone vooma.com/IN: loaded serial 2007081700
zone vumela.co.za/IN: loaded serial 2009092800
zone writeworx.co.za/IN: loaded serial 2009092800
zone womensgolfafrica.com/IN: loaded serial 2007081700
zone womensgolfemea.com/IN: loaded serial 2007081700
zone womensgolftour.co.za/IN: loaded serial 2007081700
zone yesmail.co.za/IN: loaded serial 2007081700
zone yourservice.co.za/IN: loaded serial 2007081700
zone zachmyerson.com/IN: loaded serial 2007081700
zone zackmyerson.com/IN: loaded serial 2007081700
zone boschpowertools.co.za/IN: loaded serial 2009112400
zone canderelcrystal.co.za/IN: loaded serial 2009112400
zone diabion.co.za/IN: loaded serial 2009112400
zone emessagex.co.za/IN: loaded serial 2009113000
dns_master_load: emessagex.com:32: emessagex.com: CNAME and other data
dns_master_load: emessagex.com:38: emessagex.com: CNAME and other data
zone emessagex.com/IN: loading master file emessagex.com: CNAME and other data
_default/emessagex.com/IN: CNAME and other data
zone emessagex.net/IN: loaded serial 2009113000
zone emx.co.za/IN: loaded serial 2009113000
zone fsc-rdpafrica.com/IN: loaded serial 2009113000
zone getthefacts.co.za/IN: loaded serial 2009113000
zone govjobs.co.za/IN: loaded serial 2009113000
zone govnews.co.za/IN: loaded serial 2009113000
zone litesugar.co.za/IN: loaded serial 2007081700
zone proximityttp.co.za/IN: loaded serial 2009090200
zone skilpowertools.co.za/IN: loaded serial 2007081700
zone spamsummit.co.za/IN: loaded serial 2007081700
zone winapc.co.za/IN: loaded serial 2007081700
zone wantedserver.co.za/IN: loaded serial 2009082500
zone servistar.co.za/IN: loaded serial 2007081700
zone wemakesure.co.za/IN: loaded serial 2007081700
zone wemakesureafrica.com/IN: loaded serial 2007081700
zone canderel.co.za/IN: loaded serial 2009112400
zone italiandrive.co.za/IN: loaded serial 2007081700
zone italianspeedway.co.za/IN: loaded serial 2007081700
zone designyourweekend.co.za/IN: loaded serial 2009112400
zone proximitysa.co.za/IN: loaded serial 2007081700
zone proximitysouthafrica.co.za/IN: loaded serial 2007081700
zone proximitysouthafrica.com/IN: loaded serial 2007081700
zone anmpvwithstyle.co.za/IN: loaded serial 2009112300
zone spaceforsix.co.za/IN: loaded serial 2007081700
zone tilewarehouse.co.za/IN: loaded serial 2007081600
zone 40spaces.co.za/IN: loaded serial 2009112300
zone littlebigfive.co.za/IN: loaded serial 2007081700
zone 5.co.za/IN: loaded serial 2009112300
zone stylespace.co.za/IN: loaded serial 2007081700
zone mymazda5.co.za/IN: loaded serial 2007081700
zone mystylespace.co.za/IN: loaded serial 2007081700
zone 5for6.co.za/IN: loaded serial 2009112300
zone fnbspecialoffers.co.za/IN: loaded serial 2009113000
zone boardwalkcomp.co.za/IN: loaded serial 2009112400
zone amilo3000.co.za/IN: loaded serial 2009112300
zone fnbcardezine.co.za/IN: loaded serial 2009113000
zone striata.com.hk/IN: loaded serial 2009022400
zone striata.asia/IN: loaded serial 2009022400
zone monitor.striata.com/IN: loaded serial 2009082800
zone clients2.striata.com/IN: loaded serial 2009112400
zone clients.secure.striata.com/IN: loaded serial 2009112400
zone customers.striata.com/IN: loaded serial 2009112400
zone share.striata.com/IN: loaded serial 2009082500
zone blog.striata.com/IN: loaded serial 2009112400
zone em1.sa.secure.striata.com/IN: loaded serial 2009112400
zone em1.sa.track.secure.striata.com/IN: loaded serial 2009112400
zone em1.sa.survey.secure.striata.com/IN: loaded serial 2009112400
zone eb1.sa.secure.striata.com/IN: loaded serial 2009112400
zone eb1.sa.track.secure.striata.com/IN: loaded serial 2009112400
zone eb1.sa.survey.secure.striata.com/IN: loaded serial 2009112400
zone eb2.sa.secure.striata.com/IN: loaded serial 2009112400
zone eb2.sa.survey.secure.striata.com/IN: loaded serial 2009112400
zone eb2.sa.track.secure.striata.com/IN: loaded serial 2009112400
zone mc.afr.secure.striata.com/IN: loaded serial 2009030600
zone mc.afr.track.secure.striata.com/IN: loaded serial 2009030600
zone mc.afr.survey.secure.striata.com/IN: loaded serial 2009030600
zone tc1.sa.secure.striata.com/IN: loaded serial 2009030600
zone tc1.sa.track.secure.striata.com/IN: loaded serial 2009030600
zone tc1.sa.survey.secure.striata.com/IN: loaded serial 2009030600
zone tc2.sa.secure.striata.com/IN: loaded serial 2009100500
zone tc2.sa.track.secure.striata.com/IN: loaded serial 2009100500
zone tc2.sa.survey.secure.striata.com/IN: loaded serial 2009100500
zone eb1.preprod.secure.za.striata.com/IN: loaded serial 2009112400
zone eb1.preprod.sftp.secure.za.striata.com/IN: loaded serial 2009112400
zone eu.striata.com/IN: loaded serial 2009113000
zone wonga1.eu.striata.com/IN: loaded serial 2009112300
zone eb1.eu.striata.com/IN: loaded serial 2009112400
zone eb1.track.eu.striata.com/IN: loaded serial 2009112400
zone eb1.survey.eu.striata.com/IN: loaded serial 2009112400
zone eb1.profiler.eu.striata.com/IN: loaded serial 2009112400
zone eb1.securetransfer.eu.striata.com/IN: loaded serial 2009112400
zone eb1.img.eu.striata.com/IN: loaded serial 2009112400
zone eb1.clients.eu.striata.com/IN: loaded serial 2009112400
zone em1.eu.striata.com/IN: loaded serial 2009112400
zone em1.track.eu.striata.com/IN: loaded serial 2009112400
zone em1.survey.eu.striata.com/IN: loaded serial 2009112400
zone em1.profiler.eu.striata.com/IN: loaded serial 2009112400
zone em1.securetransfer.eu.striata.com/IN: loaded serial 2009112400
zone em1.img.eu.striata.com/IN: loaded serial 2009112400
zone em1.clients.eu.striata.com/IN: loaded serial 2009112400
zone em1.online.eu.striata.com/IN: loaded serial 2009112400
zone em1.wl.eu.striata.com/IN: loaded serial 2009112400
zone em1.wl.track.eu.striata.com/IN: loaded serial 2009112400
zone em1.wl.survey.eu.striata.com/IN: loaded serial 2009112400
zone em1.wl.img.eu.striata.com/IN: loaded serial 2009112400
zone em1.wl.clients.eu.striata.com/IN: loaded serial 2009112400
zone em1.wl.online.eu.striata.com/IN: loaded serial 2009112400
[FAILED]

Not sure what some of the things being mentioned mean.

Thanks for all the help so far.
 
Old 12-04-2009, 04:01 AM   #6
codenjanod
Original Poster
Hi Carltm,

I went through all the files that showed anything remotely like an error.
I replaced all the "#" characters with the correct ";", reloaded all my services.
I fixed all spelling mistakes and all missing "."

And now the service starts without any issues.

Now I am just going to test that all changes made on the master server replicate fine to Slave2.
 
Old 12-04-2009, 05:32 PM   #7
carltm
Good plan.

If we remove all the "loaded serial" lines, we end up with some interesting messages:

Starting named:
Error in named configuration:
support.lan:46: file does not end with newline
slowmag.co.za:30: ignoring out-of-zone data (mail.striata.co.za)
straita.com:34: ignoring out-of-zone data (dbsrv.striata.com)
two.striata.com:37: ignoring out-of-zone data (#two.striata.com)
uk.striata.com:37: ignoring out-of-zone data (#uk.striata.com)
dns_master_load: emessagex.com:32: emessagex.com: CNAME and other data
dns_master_load: emessagex.com:38: emessagex.com: CNAME and other data
zone emessagex.com/IN: loading master file emessagex.com: CNAME and other data
_default/emessagex.com/IN: CNAME and other data
[FAILED]

This is saying there is a problem on line 46 of support.lan, line 30 of
slowmag.co.za, line 34 of striata.com, etc. There may be other problems
with emessagex.com beyond what you find in lines 32 and 38.
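
Added example, not part of the post above: the same filtering done mechanically, with each diagnostic marked "warn" if its zone still reported "loaded serial" and "fatal" if it never did. It assumes each zone file is named after its zone, as in the output quoted in this thread; `triage_named_output` and `sample_output` are hypothetical names.

```bash
#!/bin/bash
# Added example, not from the thread. Assumes each zone file is named after
# its zone, as in the quoted output (support.lan:46 <-> zone support.lan).

# Read named startup output on stdin; print STATUS<TAB>file<TAB>line<TAB>message.
# STATUS is "warn" if the zone still reported "loaded serial", else "fatal".
triage_named_output() {
    awk '
    # A zone that loaded: remember its name.
    /^zone [^ ]+\/IN: loaded serial / {
        name = $2
        sub(/\/IN:$/, "", name)
        loaded[name] = 1
        next
    }
    {
        line = $0
        sub(/^dns_master_load: /, "", line)
        # Diagnostics have the shape FILE:LINE: message
        if (match(line, /^[^ :]+:[0-9]+: /)) {
            loc = substr(line, 1, RLENGTH - 2)
            split(loc, part, ":")
            count++
            dfile[count] = part[1]
            dline[count] = part[2]
            dmsg[count]  = substr(line, RLENGTH + 1)
        }
    }
    END {
        # Status is decided at the end because "loaded serial" follows the warning.
        for (i = 1; i <= count; i++) {
            status = (dfile[i] in loaded) ? "warn" : "fatal"
            printf "%s\t%s\t%s\t%s\n", status, dfile[i], dline[i], dmsg[i]
        }
    }'
}

# Excerpt of the output posted in the thread.
sample_output() {
cat <<'EOF'
Starting named:
Error in named configuration:
zone integration.lan/IN: loaded serial 2009082600
support.lan:46: file does not end with newline
zone support.lan/IN: loaded serial 2009052200
slowmag.co.za:30: ignoring out-of-zone data (mail.striata.co.za)
zone slowmag.co.za/IN: loaded serial 2008082500
zone emessagex.co.za/IN: loaded serial 2009113000
dns_master_load: emessagex.com:32: emessagex.com: CNAME and other data
dns_master_load: emessagex.com:38: emessagex.com: CNAME and other data
zone emessagex.com/IN: loading master file emessagex.com: CNAME and other data
_default/emessagex.com/IN: CNAME and other data
zone emessagex.net/IN: loaded serial 2009113000
[FAILED]
EOF
}

sample_output | triage_named_output
```

On this excerpt only the two emessagex.com lines come out as "fatal"; the newline and out-of-zone messages belong to zones that still loaded.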
 
Old 12-07-2009, 04:21 AM   #8
codenjanod
Original Poster
Hi Carltm,

All the errors have been fixed and the service restarts 100%.
But now the zone files still do not update, which stumps me a little bit.

Not even "/var/log/messages" shows any error messages.

See the log extract below:
Quote:
Dec 7 12:14:27 ns3 named[30744]: shutting down
Dec 7 12:14:27 ns3 named[30744]: stopping command channel on 127.0.0.1#953
Dec 7 12:14:27 ns3 named[30744]: no longer listening on 127.0.0.1#53
Dec 7 12:14:27 ns3 named[30744]: no longer listening on 196.35.68.2#53
Dec 7 12:14:31 ns3 named[30825]: starting BIND 9.3.6-P1-RedHat-9.3.6-4.P1.el5 -u named -t /var/named/chroot
Dec 7 12:14:31 ns3 named[30825]: adjusted limit on open files from 1024 to 1048576
Dec 7 12:14:31 ns3 named[30825]: found 4 CPUs, using 4 worker threads
Dec 7 12:14:31 ns3 named[30825]: using up to 4096 sockets
Dec 7 12:14:31 ns3 named[30825]: loading configuration from '/etc/named.conf'
Dec 7 12:14:31 ns3 named[30825]: using default UDP/IPv4 port range: [1024, 65535]
Dec 7 12:14:31 ns3 named[30825]: using default UDP/IPv6 port range: [1024, 65535]
Dec 7 12:14:31 ns3 named[30825]: listening on IPv4 interface lo, 127.0.0.1#53
Dec 7 12:14:31 ns3 named[30825]: listening on IPv4 interface eth0, 196.35.68.2#53
Dec 7 12:14:31 ns3 named[30825]: command channel listening on 127.0.0.1#953
Then all the zone files start loading.

Below are the last few lines of my "/var/log/messages":
Quote:
Dec 7 12:15:05 ns3 named[30825]: client 196.35.68.2#43644: received notify for zone 'em1.profiler.eu.striata.com'
Dec 7 12:15:05 ns3 named[30825]: client 196.35.68.2#43644: received notify for zone 'em1.wl.online.eu.striata.com'
Dec 7 12:15:07 ns3 kernel: PING-DROP:IN=eth0 OUT= MAC=00:0f:20:f6:f9:69:00:13:5f:cd:e0:00:08:00 SRC=96.0.218.251 DST=196.35.68.2 LEN=160 TOS=0x08 PREC=0x20 TTL=48 ID=33857 PROTO=ICMP TYPE=3 CODE=3 [SRC=196.35.68.2 DST=96.0.218.251 LEN=132 TOS=0x00 PREC=0x00 TTL=50 ID=32848 PROTO=UDP SPT=43644 DPT=53 LEN=112 ]
I block certain ICMP packets.
I have also tried and tested it with my firewall disabled, but the zone files still do not update.

Could it be the different OS versions and versions of BIND being used?

I will be upgrading/re-installing my master and slave1 servers with CentOS 5.4 in the next month or two, which will hopefully sort out this issue.

But it still stumps me as to why it is not working, as the versions of BIND are not that far apart or different, except for the OSes.


Thanks
 
Old 12-07-2009, 09:15 AM   #9
thePiet
LQ Newbie
 
Registered: Dec 2009
Posts: 25

Rep: Reputation: 15
Do you increment the serial of the zone after updating a zone with new or changed records?
 
Old 12-08-2009, 06:17 AM   #10
codenjanod
Original Poster
Hi thePiet,

Yes I do increment the serial every time I make a change or update on any zone files.

To show you an example for the process from my master server to both slave servers:

Master server:
Quote:
Dec 8 14:11:52 ns1 named[28956]: zone za.domain.com/IN: loaded serial 2009120800
Dec 8 14:11:52 ns1 named[28956]: zone za.domain.com/IN: sending notifies (serial 2009120800)
Slave1:
Quote:
Dec 8 14:11:52 ns2 named[17178]: received notify for zone 'za.domain.com'
Slave2:
Quote:
Dec 8 14:11:52 ns3 named[1353]: client 196.36.75.200#1116: received notify for zone 'za.doman.com'

The change is then shown both on the master server and on slave1, but not on slave2.


Thanks
 
Old 12-09-2009, 02:52 AM   #11
thePiet
Hmm, weird. Are you sure that on the 2nd slave server you specified the master server correctly? How do your zone definitions look on all three servers (that is, the definitions telling BIND what zones it is responsible for, not the actual records themselves)?
 
Old 12-09-2009, 06:54 AM   #12
codenjanod
Original Poster
Hi thePiet,

I am a bit lost now to be honest.
Where would I find the zone definitions that you are talking about?

Can you maybe give me an example?

In all honesty this is only my first slave setup ever with BIND.


Thanks
 
Old 12-10-2009, 06:13 AM   #13
thePiet
In a standard setup, you'll find the zone definitions in /etc/named.conf.local. For each zone (domain) your DNS server is responsible for, there is a record in that file. What does your /etc/named.conf.local contain, on all three servers?
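
Added example, not part of the post above: one way to produce the comparison asked for here is to summarise every zone stanza (name, type, file, masters) from whichever file holds the zone definitions on each server. The sample configuration, its example.* zones and the 192.0.2.53 address are constructed; `list_zone_definitions` and `sample_named_conf` are hypothetical names.

```bash
#!/bin/bash
# Added example, not from the thread. Summarises the zone stanzas of a
# named.conf read on stdin, one line per zone:
#   zone<TAB>type<TAB>file<TAB>masters<TAB>note
# Handles the common layout only (no /* */ comments, "masters {" on one line).
list_zone_definitions() {
    awk '
    function flush(   note) {
        if (zone == "") return
        note = "n/a"
        if (type == "master") note = "loaded from local file only"
        if (type == "slave")  note = (masters == "") ? "MISSING masters" : "transferred from masters"
        printf "%s\t%s\t%s\t%s\t%s\n", zone, type, file, (masters == "" ? "-" : masters), note
        zone = type = file = masters = ""
        inzone = opened = inmasters = depth = 0
    }
    {
        line = $0
        sub(/^[ \t]*(#|\/\/).*$/, "", line)      # whole-line comments
        sub(/[ \t](#|\/\/).*$/, "", line)        # trailing comments
        if (!inzone && match(line, /^[ \t]*zone[ \t]+"[^"]+"/)) {
            zone = substr(line, RSTART, RLENGTH)
            sub(/^[^"]*"/, "", zone); sub(/"$/, "", zone)
            inzone = 1
        }
        if (!inzone) next
        if (match(line, /type[ \t]+[a-z-]+/)) {
            type = substr(line, RSTART, RLENGTH); sub(/^type[ \t]+/, "", type)
        }
        if (match(line, /file[ \t]+"[^"]*"/)) {
            file = substr(line, RSTART, RLENGTH)
            sub(/^file[ \t]+"/, "", file); sub(/"$/, "", file)
        }
        # Collect the addresses inside masters { ... }, which may span lines.
        rest = line
        if (!inmasters && match(rest, /masters[ \t]*[{]/)) {
            inmasters = 1; rest = substr(rest, RSTART + RLENGTH)
        }
        if (inmasters) {
            stop = index(rest, "}")
            if (stop) { rest = substr(rest, 1, stop - 1); inmasters = 0 }
            gsub(/[;{ \t]+/, " ", rest)
            n = split(rest, tok, " ")
            for (i = 1; i <= n; i++)
                if (tok[i] != "") masters = masters (masters == "" ? "" : ",") tok[i]
        }
        # The stanza ends when its braces balance again.
        opens = gsub(/[{]/, "{", line); closes = gsub(/[}]/, "}", line)
        if (opens) opened = 1
        depth += opens - closes
        if (opened && depth <= 0) flush()
    }
    END { flush() }'
}

# Constructed sample configuration (not taken from any server in the thread).
sample_named_conf() {
cat <<'EOF'
options {
    directory "/var/named";
};
zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "named.local";
};
zone "example.com" {          // stanza copied unchanged from a master
    type master;
    file "pri/fwd/example.com";
};
zone "example.net" { type slave; file "sec/fwd/example.net"; masters { 192.0.2.53; }; };
zone "example.org" {
    type slave;
    file "sec/fwd/example.org";
};
EOF
}

sample_named_conf | list_zone_definitions
```

Run against the real file on each server (`list_zone_definitions < named.conf`) and diff the results; named only pulls a zone from another server when the stanza is `type slave` and lists `masters`.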
 
Old 12-11-2009, 12:49 AM   #14
codenjanod
Original Poster
Hi,

It does not look like I have files called "named.conf.local" on any of the 3 DNS servers.
There are, however, files called "named.local" on all 3 DNS servers.

On all 3 servers they are exactly the same.
The location, however, differs between the master and slave1 servers and the slave2 server.

On the master server and slave1 server the file is located:
/chroot/named/etc/namedb/named.local

On the slave2 server the file is located:
/var/named/chroot/var/named/named.local

If I do a cat on any of the 3 files, all 3 show the same as below:

Quote:
$TTL 86400
@       IN      SOA     localhost. root.localhost. (
                        2003050600 ; Serial
                        28800      ; Refresh
                        14400      ; Retry
                        3600000    ; Expire
                        86400 )    ; Minimum
        IN      NS      localhost.

1       IN      PTR     localhost.

Thanks
 
Old 02-11-2010, 05:36 AM   #15
codenjanod
Original Poster
Found a fix

Hi all,

Thanks for all the replies and help, but I managed to find a script and make it work so that it works 100% for my needs.

This is it, so I hope this might be able to help someone else:
Code:
#!/bin/bash
# work in the chrooted configuration directory; stop if it is missing
cd /var/named/chroot/etc/ || exit 1

# store number of lines in conf file
lines=$(wc -l < named.conf)

# calculate how many lines to tail (everything after the 27-line header)
modifylines=$((lines - 27))

# write the header to a file (first 27 lines)
head -n 27 named.conf > named.conf.head

# just modify the zone file lines, the first 27 lines do not need to be changed
tail -n "$modifylines" named.conf > named.conf.tail

# turn master zones into slave zones and point the file paths at sec/ instead of pri/
sed -e "s/type master/type slave/g" named.conf.tail > named.conf.slave
sed -e "s/file \"pri\/rev\//file \"sec\/rev\//g" named.conf.slave > named.conf.rev
sed -e "s/file \"pri\/fwd\//file \"sec\/fwd\//g" named.conf.rev > named.conf.fwd

# add a masters line after every line containing "; (the file "..."; lines)
awk '{print $0} /";/ {print "\tmasters { SLAVE1_IP; };"}' named.conf.fwd > named.conf.tailnew
awk '{print $0} /";/ {print "\tmasters { SLAVE2_IP; };"}' named.conf.fwd > named.conf.tailnew2

# put the unchanged header back in front of the rewritten zone section
cat named.conf.head named.conf.tailnew > /var/named/chroot/etc/named_slave/named.conf
cat named.conf.head named.conf.tailnew2 > /var/named/chroot/etc/named_slave/named.conf2

# clean up all temporary files
rm named.conf.tail named.conf.head named.conf.fwd named.conf.slave named.conf.tailnew named.conf.tailnew2 named.conf.rev

# rsync it over to secondary
rsync -e ssh -avzlP /var/named/chroot/etc/named_slave/named.conf root@ns2.server:/var/named/chroot/etc/.
ssh ns2.server "service named reload"

rsync -e ssh -avzlP /var/named/chroot/etc/named_slave/named.conf2 root@ns3.server:/var/named/chroot/etc/named.conf
ssh ns3.server "service named reload"

service named reload
All changes are made to all the "master" entries, which are replaced by "slave".
And as you can see, the named.conf file is then rsync'd over to the initial 2 slave servers.
It also makes things much easier to add more slave servers.
And then the zone files are sync'd from the master server to the slaves without any hassles.


Hope this helps someone.
 
  


All times are GMT -5. The time now is 08:18 PM.
