[SOLVED] Could not browse local dns

windstory · 08-23-2009, 11:43 PM

Could not browse local dns

My box is centos 5.3 x86. I followed dynamic dns at "http://www.howtoforge.com/fedora_dynamic_dns
".

Ping 192.168.0.4 in and out works, and browses webpage.
But my-server.dyndns.org can't make ping and browsing.

Here are my dns configuration files.

1. named.conf;

Code:

options {
	directory "/var/named";
};
controls {
        inet 127.0.0.1 allow {localhost; } keys { "rndckey"; };
};
// Add local zone definitions here.
zone "my-server.dyndns.org" IN {
        type master;
        file "my-server.dyndns.org.zone";
        allow-update { key "rndckey"; };
        notify yes;
};
zone "0.168.192.in-addr.arpa" IN {
        type master;
        file "0.168.192.in-addr.arpa.zone";
        allow-update { key "rndckey"; };
        notify yes;
};
include "/etc/rndc.key";

2. my-server.dyndns.org.zone;

Code:

$TTL 86400
@	IN	SOA	my-server.dyndns.org	my-server.dyndns.org (
			2007042623	;
			28800;
			7200;
			604800;
			86400;
			)
		IN	NS	my-server.dyndns.org
		IN	A	192.168.0.1
server		IN	A	192.168.0.1

3. 0.168.192.in-addr.arpa.zone;

Code:

$TTL 86400
@	IN	SOA	@ root (
			5;
			28800;
			7200;
			604800;
			86400;
			)
		IN	NS	server
1		IN	PTR	my-server.dyndns.org

Many thanks in advance.

bathory · 08-24-2009, 12:11 AM

Both your zone files have errors. You miss some trailing dots and the NS record (my-server) does not have an A record. The forward zone file my-server.dyndns.org.zone should do:

Code:

$TTL 86400
@	IN	SOA my-server.dyndns.org.	my-server.dyndns.org. (
			2009082401	;
			28800;
			7200;
			604800;
			86400;
			)
		IN	NS	my-server.dyndns.org.
		IN	A	192.168.0.1
my-server		IN	A	192.168.0.1

Note: I've increased the serial.
Same goes for the reverse:

Code:

$TTL 86400
@	IN	SOA	 my-server.dyndns.org.	my-server.dyndns.org. (
			2009082401 ;
			28800;
			7200;
			604800;
			86400;
			)
		IN	NS	my-server
1		IN	PTR	my-server.dyndns.org.

Restart bind, or use "rndc reload" bind to read the new data.

Cheers

vishesh · 08-24-2009, 12:54 AM

Check your named.conf error using
#named-checkconf
Check your zone files sysntax using
#named-checkzone my-server.dyndns.org <path of my-server.dyndns.org zone file>

thnks

windstory · 08-24-2009, 01:09 AM

bathory/ Thanks for your kind reply and code.
I want to ask you is this right?

Quote:

IN NS my-server
1 IN PTR my-server.dyndns.org.

I think

Quote:

IN NS my-server.dyndns.org.
1 IN PTR my-server.dyndns.org.

vishesh/ Thank you for your kind advise and tips.

With this my-server.dyndns.org.zone file, "named-checkzone my-server.dyndns.org.zone /var/named/chroot/var/named" has endless error;

my-server.dyndns.org.zone;

Quote:

$TTL 86400
@ IN SOA my-server.dyndns.org. my-server.dyndns.org. (
2009082401 ;
28800;
7200;
604800;
86400;
)
IN NS my-server
1 IN PTR my-server.dyndns.org.

error;

Quote:

.......
dns_master_load: /var/named/chroot/var/named:1: isc_lex_gettoken() failed: I/O error
dns_master_load: /var/named/chroot/var/named:1: I/O error
dns_master_load: /var/named/chroot/var/named:1: isc_lex_gettoken() failed: I/O error
dns_master_load: /var/named/chroot/var/named:1: I/O error
dns_master_load: /var/named/chroot/var/named:1: isc_lex_gettoken() failed: I/O error
dns_master_load: /var/named/chroot/var/named:1: I/O error
dns_master_load: /var/named/chroot/var/named:1: isc_lex_gettoken() failed: I/O error
dns_master_load: /var/named/chroot/var/named:1: I/O error
.............

bathory · 08-24-2009, 02:01 AM

Quote:

I want to ask you is this right?

Quote:
IN NS my-server
1 IN PTR my-server.dyndns.org.
I think
Quote:
IN NS my-server.dyndns.org.
1 IN PTR my-server.dyndns.org.

The 2nd is more safe to use. Don't forget to increase serial when you do changes in the zone files.

windstory · 08-24-2009, 02:19 AM

Quote:

Originally Posted by bathory

The 2nd is more safe to use. Don't forget to increase serial when you do changes in the zone files.

bathory/

I changed "my-server.dyndns.org.zone" to this.

Quote:

IN NS my-server.dyndns.org.
1 IN PTR my-server.dyndns.org.

And, how can I fix The error from "named-checkzone my-server.dyndns.org.zone /var/named/chroot/var/named"

Quote:

.......
dns_master_load: /var/named/chroot/var/named:1: isc_lex_gettoken() failed: I/O error
dns_master_load: /var/named/chroot/var/named:1: I/O error
dns_master_load: /var/named/chroot/var/named:1: isc_lex_gettoken() failed: I/O error
dns_master_load: /var/named/chroot/var/named:1: I/O error
dns_master_load: /var/named/chroot/var/named:1: isc_lex_gettoken() failed: I/O error
dns_master_load: /var/named/chroot/var/named:1: I/O error
dns_master_load: /var/named/chroot/var/named:1: isc_lex_gettoken() failed: I/O error
dns_master_load: /var/named/chroot/var/named:1: I/O error
.............

bathory · 08-24-2009, 02:28 AM

Quote:

And, how can I fix The error from "named-checkzone my-server.dyndns.org.zone /var/named/chroot/var/named"

The correct command is:

Code:

named-checkzone my-server.dyndns.org -t /var/named/chroot /var/named/my-server.dyndns.org.zone

because you're running named chrooted in /var/named/chroot

windstory · 08-24-2009, 05:24 AM

Quote:

Originally Posted by bathory

The correct command is:

Code:

named-checkzone my-server.dyndns.org -t /var/named/chroot /var/named/my-server.dyndns.org.zone

because you're running named chrooted in /var/named/chroot

bathory/
I got these errors with named.conf you gave.

Code:

[root:localhost]# named-checkconf -t /var/named/chroot/var/named my-server.dyndns.org.zone
my-server.dyndns.org.zone:1: unknown option '$TTL'
my-server.dyndns.org.zone:4: unknown option '28800'
my-server.dyndns.org.zone:5: unknown option '7200'
my-server.dyndns.org.zone:6: unknown option '604800'
my-server.dyndns.org.zone:7: unknown option '86400'
my-server.dyndns.org.zone:8: unknown option ')'
my-server.dyndns.org.zone:10: unexpected token near end of file

named.conf;

Quote:

$TTL 86400
@ IN SOA my-server.dyndns.org. my-server.dyndns.org. (
2009082401 ;
28800;
7200;
604800;
86400;
)
IN NS my-server.dyndns.org.
1 IN PTR my-server.dyndns.org.

And,

Quote:

named-checkzone my-server.dyndns.org -t /var/named/chroot /var/named/my-server.dyndns.org.zone

results this message;

Quote:

[root:localhost]# named-checkzone my-server.dyndns.org -t /var/named/chroot /var/named/my-server.dyndns.org.zone
zone my-server.dyndns.org/IN: loading master file -t: file not found

bathory · 08-24-2009, 05:39 AM

These are 2 different command named-checkzone and named-checkconf.
The syntax for named-checkzone, is:

Code:

named-checkzone -t /var/named/chroot my-server.dyndns.org /var/named/my-server.dyndns.org.zone

And for named-checkconf

Code:

named-checkconf -t /var/named/chroot /etc/named.conf

You can take a look at the manpages of those commands for details.

windstory · 08-24-2009, 05:44 AM

bathory/ Your new commands got this results ;

Code:

[root:localhost]# named-checkconf -t /var/named/chroot /etc/named.conf
[root:localhost]# named-checkzone -t /var/named/chroot my-server.dyndns.org /var/named/my-server.dyndns.org.zone
/var/named/my-server.dyndns.org.zone:10: file does not end with newline
zone my-server.dyndns.org/IN: loaded serial 2009082401
OK

bathory · 08-24-2009, 05:58 AM

So named-checkconf is OK. That is the meaning of no output. You can use "-z" to see the zones bind is authoritative for.

Regarding named-checkzone, it is also OK. Just note that I've never seen the "file does not end with newline", but I guess if you add a newline at the end of the file it will go away.
You should increase the serial after making any changes in the zone files, otherwise bind will not be aware of these changes.

windstory · 08-24-2009, 06:09 AM

bathory/

I did not add any new lines, I just change my-server to my dns name.

my-server.dyndns.org still could not browse and answer ping.

And, ping and dig's result is here;

Quote:

[root:localhost]# ping my-server.dyndns.org
PING my-server.dyndns.org (121.151.61.40) 56(84) bytes of data.

--- my-server.dyndns.org ping statistics ---
16 packets transmitted, 0 received, 100% packet loss, time 14993ms

[root:localhost]# dig @192.168.0.15 my-server.dyndns.org

; <<>> DiG 9.3.4-P1 <<>> @192.168.0.15 my-server.dyndns.org
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51611
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;my-server.dyndns.org. IN A

;; AUTHORITY SECTION:
my-server.dyndns.org. 86400 IN SOA my-server.dyndns.org. my-server.dyndns.org. 2009082402 28800 7200 604800 86400

;; Query time: 0 msec
;; SERVER: 192.168.0.15#53(192.168.0.15)
;; WHEN: Mon Aug 24 20:05:49 2009
;; MSG SIZE rcvd: 73

bathory · 08-24-2009, 06:32 AM

Quote:

[root:localhost]# dig @192.168.0.15 my-server.dyndns.org

Who is 192.168.0.15? I thought that your dns IP is 192.168.0.1

windstory · 08-24-2009, 06:54 AM

Quote:

Originally Posted by bathory

Who is 192.168.0.15? I thought that your dns IP is 192.168.0.1

bathory/

192.168.0.1 is router machine, and 192.168.0.15 is this centos's ip.

I forgot posting dhcpd.conf.

Quote:

authoritative;
include "/etc/rndc.key";

server-identifier server;
ddns-domainname "my-server.dyndns.org";
ddns-rev-domainname "in-addr.arpa.";
ddns-update-style interim;
ddns-updates on;
ignore client-updates;

zone my-server.dyndns.org {
primary 127.0.0.1;
key rndckey;
}
default-lease-time 21600;
max-lease-time 43200;

option domain-name "my-server.dyndns.org.";
option ip-forwarding off;
subnet 192.168.0.0 netmask 255.255.255.0 {
range 192.168.0.100 192.168.0.200;
option routers 192.168.0.1;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.0.255;
option domain-name-servers 192.168.0.1;
zone 0.168.192.in-addr.arpa. {
primary 192.168.0.15;
key rndckey;
}
zone localdomain. {
primary 192.168.0.15;
key rndckey;
}
}

bathory · 08-24-2009, 07:20 AM

So you have to use 192.168.0.15 in the NS record of your zone file (forward and reverse)