LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (http://www.linuxquestions.org/questions/linux-server-73/)
-   -   SOA for nameserver can't be retrieved, possible port or BIND misconfiguration (http://www.linuxquestions.org/questions/linux-server-73/soa-for-nameserver-cant-be-retrieved-possible-port-or-bind-misconfiguration-828264/)

craseal 08-24-2010 04:15 PM

SOA for nameserver can't be retrieved, possible port or BIND misconfiguration
 
My configuration: CentOS in a VPS environment, I have 2 static IPs at my disposal.

I'm having trouble setting up my nameservers. I've registered the nameservers with my registrar and supplied the GLUE records, however my registrar has not yet applied this information into the DNS zone, because my nameservers fail to generate a response on port 53.

DNS check says the following about my nameserver address:

Checking SOA records for domain. Domain server is not answering to UDP requests on port 53. Possible problems: A firewall is blocking port 53, server is down, server is not running software for handling dns requests.

So the only two possibilities I see is that my port 53 is somehow blocked or not properly set to accept and send the correct traffic or that I've misconfigured BIND.

I've run netstat -anp and found out that named is listening on tcp port 53 on all IPs, and it has udp port 53 on all IPs listed among active connections, though I'm unsure if that also means the port is actually active?

Noway2 08-24-2010 05:37 PM

Your name servers appear to be working and can be accessed, but there appears to be something wrong with your zone configuration. I was able to connect to use your servers to do a look up (I realize using someone else's DNS is rude and I only did this to help troubleshoot your problem) for google and yahoo. However, when I attempted to look up your domain I got either unknown or servfail. The server fail is indicative of a problem in your configuration somewhere. Bind syntax can be both obscure and is very sensitive to syntax errors. I don't see anything obviously wrong with your zones, so I would suggest that you use the named-checkconf utility to see if anything gets reported.

Also, restart your DNS server and look at the output of syslog and possibly daemon log. Chances are you will see some message indicating what might be at fault.

See the following output
Code:

> server 77.235.60.14
Default server: 77.235.60.14
Address: 77.235.60.14#53
> google.com
Server:                77.235.60.14
Address:        77.235.60.14#53

Non-authoritative answer:
Name:        google.com
Address: 74.125.77.99
Name:        google.com
Address: 74.125.77.104
Name:        google.com
Address: 74.125.77.147
> server 77.235.60.108
Default server: 77.235.60.108
Address: 77.235.60.108#53
> yahoo.com
Server:                77.235.60.108
Address:        77.235.60.108#53

Non-authoritative answer:
Name:        yahoo.com
Address: 209.191.122.70
Name:        yahoo.com
Address: 67.195.160.76
Name:        yahoo.com
Address: 69.147.125.65
Name:        yahoo.com
Address: 72.30.2.43
Name:        yahoo.com
Address: 98.137.149.56
> drustvo-mmm.si
Server:                77.235.60.108
Address:        77.235.60.108#53

** server can't find drustvo-mmm.si: NXDOMAIN
> ns1.drustvo-mmm.si
Server:                77.235.60.108
Address:        77.235.60.108#53

** server can't find ns1.drustvo-mmm.si: NXDOMAIN
> ns1.drustvo-mmm.si.
Server:                77.235.60.108
Address:        77.235.60.108#53

** server can't find ns1.drustvo-mmm.si: SERVFAIL
>


craseal 08-24-2010 07:08 PM

Haha, oh, you won't believe what I found out! I feel so relieved! And to think I was looking at the wrong place for the whole day! :)

I checked the log after I restarted bind, and found an interesting line:
Code:

Aug 25 02:51:09 drustvo-mmm named[10094]: zone drustvo-mmm.si/IN: loading master file drustvo.zone: permission denied
Then I used ls -la, and guess what I saw? All zones had read permissions set only for root. That's what you get if you work as root.

It's working now. Thanks Noway2! :)


All times are GMT -5. The time now is 02:10 AM.