LinuxQuestions.org
Old 03-17-2011, 02:02 PM   #1
SpudLabs
LQ Newbie
 
Registered: Mar 2011
Location: Tablelands NSW - Australia
Distribution: CentOS 5.5
Posts: 7

Unable to properly configure PowerDNS - Won't resolve domain name


Hello all,
I am using CentOS 5.5 and have installed PowerDNS with MySQL backend. I have Apache and PHP installed and I'm using PowerAdmin to create the master zone.
I have tried to configure the zone to resolve my domain name and I have had no success.
I've googled and read tutorials and have tried suggested methods, but it's still not working.
This is a new adventure for me and I would like to be able to host a site from my home for experimental purposes. I am a mature (read OLD) student enrolled in Networking and have done some units in Web Design (though I'm not very good at it).
Any help would be greatly appreciated.

Thanks,
SpudLabs
 
Old 03-21-2011, 01:21 PM   #2
MensaWater
Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 6,028
Blog Entries: 5

You need to be a bit more specific than "it's not working".

Are you having issues running the admin tool? Getting the lookups to work? On the server? From another location? Are you getting specific error messages? etc...
 
Old 03-22-2011, 01:31 AM   #3
SpudLabs
LQ Newbie
 
Registered: Mar 2011
Location: Tablelands NSW - Australia
Distribution: CentOS 5.5
Posts: 7

Original Poster
Hi,
Sorry for not being more specific. I wasn't sure just what I should post.
The end result was that I abandoned PowerDNS until some later time and elected to go with BIND9. I was able to get that working and my site to be resolved from the domain name.
I would like to figure out PowerDNS and PowerAdmin, but between school and my young son I'm about flat out at this time.
I appreciate you taking the time to respond and your willingness to help.

Cheers,
SpudLabs

---------- Post added 03-22-11 at 04:32 PM ----------

One more thing.........should I mark this as solved?
I'm sorry for the dumb questions, but I'm so very new at all of this.

Thanks
 
Old 03-22-2011, 01:44 PM   #4
MensaWater
Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 6,028
Blog Entries: 5

Although you "solved" your underlying issue I don't know that I'd mark this one as SOLVED. That shows up in web searches and it might lead someone to come to your post ahead of others that actually address PowerDNS.

FWIW I would have recommended BIND over PowerDNS anyway.
 
Old 03-26-2011, 01:28 AM   #5
SpudLabs
LQ Newbie
 
Registered: Mar 2011
Location: Tablelands NSW - Australia
Distribution: CentOS 5.5
Posts: 7

Original Poster
Thanks for the reply,

Out of curiosity, why would you recommend BIND over PowerDNS?
I'm new in the world of domain name resolution and though I was able to get BIND to resolve the domain name, I'm still having a problem.
When I add the line "//include “/var/named/etc/rndc.key”;" I'm unable to start named. That is the reason it is commented out.
I used this tutorial as a guide to my setup and unless I comment out the above line I can't start named.
Any suggestions?
Here is my named.conf file:

// Red Hat BIND Configuration Tool
//
// Default initial "Caching Only" name server configuration
//

// we include the rndckey (copy-paste from rndc.key created
// earlier)

//include “/var/named/etc/rndc.key”; This is the line I had to comment out

controls {
    inet 127.0.0.1 allow { 127.0.0.1; } keys { "rndckey"; };
    inet 192.168.10.1 allow { 192.168.10.0/24; } keys { "rndckey"; };
};

options {
    directory "/var/named";
    pid-file "/var/run/named/named.pid";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    recursion yes;

    allow-recursion {
        127.0.0.1;
        192.168.10.0/24;
    };

    forwarders {
        XXX.XXX.160.35; // These are the DNS servers from my ISP
        XXX.XXX.160.36;
    };

    listen-on {
        127.0.0.1;
        192.168.10.1;
    };

    /*
     * If there is a firewall between you and nameservers you want
     * to talk to, you might need to uncomment the query-source
     * directive below. Previous versions of BIND always asked
     * questions using port 53, but BIND 8.1 uses an unprivileged
     * port by default.
     */
    query-source address * port 53;
    version "REFUSED";

    allow-query {
        127.0.0.1;
        192.168.10.0/24;
    };
};

server 192.168.10.1 {
    keys { rndckey; };
};

zone "." IN {
    type hint;
    file "data/named.root.zone";
};

zone "spudlabs.com." IN {
    type master;
    file "data/spudlabs.com.zone";
    allow-update { none; };
};

Below are the zone files:

GNU nano 1.3.12 File: named.root.zone

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47429
;; flags: qr aa rd; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 14

;; QUESTION SECTION:
;. IN NS

;; ANSWER SECTION:
. 518400 IN NS a.root-servers.net.
. 518400 IN NS b.root-servers.net.
. 518400 IN NS c.root-servers.net.
. 518400 IN NS m.root-servers.net.
. 518400 IN NS g.root-servers.net.
. 518400 IN NS i.root-servers.net.
. 518400 IN NS k.root-servers.net.
. 518400 IN NS e.root-servers.net.
. 518400 IN NS d.root-servers.net.
. 518400 IN NS f.root-servers.net.
. 518400 IN NS j.root-servers.net.
. 518400 IN NS l.root-servers.net.
. 518400 IN NS h.root-servers.net.

;; ADDITIONAL SECTION:
a.root-servers.net. 3600000 IN A 198.41.0.4
a.root-servers.net. 3600000 IN AAAA 2001:503:ba3e::2:30
b.root-servers.net. 3600000 IN A 192.228.79.201
c.root-servers.net. 3600000 IN A 192.33.4.12
d.root-servers.net. 3600000 IN A 128.8.10.90
e.root-servers.net. 3600000 IN A 192.203.230.10
f.root-servers.net. 3600000 IN A 192.5.5.241
f.root-servers.net. 3600000 IN AAAA 2001:500:2f::f
g.root-servers.net. 3600000 IN A 192.112.36.4
h.root-servers.net. 3600000 IN A 128.63.2.53
h.root-servers.net. 3600000 IN AAAA 2001:500:1::803f:235
i.root-servers.net. 3600000 IN A 192.36.148.17
i.root-servers.net. 3600000 IN AAAA 2001:7fe::53
j.root-servers.net. 3600000 IN A 192.58.128.30

;; Query time: 224 msec
;; SERVER: 192.203.230.10#53(192.203.230.10)
;; WHEN: Mon Mar 21 10:08:48 2011
;; MSG SIZE rcvd: 500

I took the above configuration from this tutorial

And following is my spudlabs.com.zone file


$ttl 38400
spudlabs.com.       IN SOA   ns.spudlabs.com. admin.spudlabs.com. (
                    2007020400 ; Serial
                    10800      ; Refresh after 3 hours
                    3600       ; Retry after 1 hour
                    604800     ; Expire after 1 week
                    86400 )    ; Minimum TTL of 1 day

spudlabs.com.       IN NS    ns.spudlabs.com.

spudlabs.com.       IN MX 1  mx.spudlabs.com.

spudlabs.com.       IN A     XXX.XXX.126.106 ; This is my static IP from my ISP
www.spudlabs.com.   IN A     XXX.XXX.126.106
ns.spudlabs.com.    IN A     XXX.XXX.126.106
mx.spudlabs.com.    IN A     192.168.10.1
mail.spudlabs.com.  IN CNAME mx.spudlabs.com.

These are the only 2 zone files I have.
I don't currently have any mail program running, but it is a future project. I have to take this in stages so I can absorb just what I'm doing.

I'm curious if you have any suggestions for me about this configuration. It's all so new to me, and I don't fully grasp it yet.
You can take a look at my site here. As you can see I learn more from doing than from reading about it. I'm 'hands-on' oriented.

Thanks in advance for any assistance you might offer.

Cheers,
SpudLabs
 
Old 03-30-2011, 05:28 PM   #6
MensaWater
Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 6,028
Blog Entries: 5

BIND mainly because it has been around for a long time and has a very active development schedule by the folks at ISC. Also it is the one that is available from the RHEL repositories so you don't have to build your own. Never having used PowerDNS I can't say how good or bad it is. I have seen some people complain about it but also have seen others swear it is great.

Quote:
//include “/var/named/etc/rndc.key”; This is the line I had to comment out
That is not the correct path because the chroot directory is /var/named/chroot/etc not just /var/named/etc. However since it IS a chroot directory you don't use /var/named/chroot/etc - you simply use /etc.

Your include line should therefore be something like:
include "/etc/rndc.key";

When something is chroot'ed to another directory then that directory is seen as if it is the root (/) directory by that process and/or user. Therefore even though when you logged in and became root you saw that the real path to the files is /var/named/chroot/etc to a chroot'ed BIND the "/var/named/chroot" portion is seen as "/" so the running BIND sees the file as /etc/rndc.key rather than /var/named/chroot/etc/rndc.key. The reason for chroot is to prevent someone that hacks the chroot'ed user or application from gaining access to the rest of your system. Since they appear to be in "/" already they can't cd to say /home/my_important_files and delete them all (unless you had created a /var/named/chroot/home/my_important_files which you wouldn't have done).

It makes more sense if you realize your zone files are in /var/named/chroot/var/named. If you see /var/named at the end of the path you have to wonder why /var/named is also at the start of the path and the chroot in the middle tells you why - it is just a parent directory for the chroot environment. When BIND runs in this environment it sees your zone files as /var/named/<zone> not as /var/named/chroot/var/named/<zone>.

Of course chroot does NOT require you to name a directory "chroot" or to make the original directory the parent for the chroot. Those are simply choices RedHat made when they created their chroot bundle. If you were setting one up from scratch you could create a chroot named /this/is/the/longest/directory/one/will/ever/create. If you then put a /etc and a /var/named under that the full paths would be:
/this/is/the/longest/directory/one/will/ever/create/etc
/this/is/the/longest/directory/one/will/ever/create/var/named
But once you set your chroot to that BIND would simply see these as /etc and /var/named.
Note that it is a bit more involved to create a chroot than to simply name directories and I use the above only to illustrate the path difference as seen by you at command line as opposed to what the application/user is seeing when it runs.

Last edited by MensaWater; 03-30-2011 at 05:30 PM.
 
Old 03-31-2011, 02:01 AM   #7
SpudLabs
LQ Newbie
 
Registered: Mar 2011
Location: Tablelands NSW - Australia
Distribution: CentOS 5.5
Posts: 7

Original Poster
Thanks for the reply.

Quote:
Your include line should therefore be something like:
include "/etc/rndc.key";
When I attempt to use your suggestion I get the following error when restarting named.

[root@host etc]# service named restart
Stopping named: [ OK ]
Starting named:
Error in named configuration:
/etc/named.conf:8: expected quoted string near '“'
[FAILED]

This refers to the line I've uncommented and changed.

Do you have any suggestions as to what may be causing that?

Thanks
 
Old 04-01-2011, 04:33 PM   #8
MensaWater
Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 6,028
Blog Entries: 5

No - as can be seen the line I gave you has both double quotes it needs and was copied straight out of my named.conf.

It may be there is another line that has an issue.

Try running:
named-checkconf /var/named/chroot/etc/named.conf

That command is provided for checking your named.conf. Perhaps it will give more detail.
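
The two include-line problems that come up in this thread, a path that repeats the chroot prefix and the typographic quotes named rejects with "expected quoted string near '“'", can be checked before restarting named. The following POSIX shell lint is an added example, not part of any post in the thread; the function names and the sample tree it builds are constructed for illustration.

```sh
#!/bin/sh
# Added example (names and sample files constructed): lint include lines of a chroot'ed named.conf.

LQ=$(printf '\342\200\234')   # UTF-8 bytes of U+201C, left typographic quote
RQ=$(printf '\342\200\235')   # UTF-8 bytes of U+201D, right typographic quote

# host_path CHROOT INNER: the real path of a path as the chroot'ed named sees it.
host_path() { printf '%s/%s\n' "${1%/}" "${2#/}"; }

# lint_named_conf CHROOT [CONF]: print one finding per line; status 1 if any.
lint_named_conf() (
    root=${1%/}
    conf=$(host_path "$root" "${2:-/etc/named.conf}")
    [ -r "$conf" ] || { echo "cannot read $conf"; exit 2; }
    n=0; rc=0
    set -f                      # no globbing while splitting lines into words
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        set -- $line            # first word "//include" (commented out) is skipped
        [ "${1-}" = include ] || continue
        case $line in
            *"$LQ"*|*"$RQ"*)
                echo "$n: typographic quote, named expects ASCII double quotes"
                rc=1; continue ;;
        esac
        inner=${line#*\"}; inner=${inner%%\"*}   # text between the ASCII quotes
        case $inner in
            "$root"/*) echo "$n: $inner repeats the chroot prefix"; rc=1 ;;
            *) [ -r "$(host_path "$root" "$inner")" ] ||
                   { echo "$n: $inner is missing under $root"; rc=1; } ;;
        esac
    done < "$conf"
    exit "$rc"
)

# make_sample DIR: build a constructed chroot tree and named.conf in DIR.
make_sample() {
    mkdir -p "$1/etc" && : > "$1/etc/rndc.key" &&
    printf '%s\n' \
        "//include ${LQ}/var/named/etc/rndc.key${RQ};" \
        "include ${LQ}/etc/rndc.key${RQ};" \
        "include \"$1/etc/rndc.key\";" \
        'include "/etc/rndc.key";' \
        'include "/etc/missing.key";' > "$1/etc/named.conf"
}

tmp=$(mktemp -d) && make_sample "$tmp" || exit 1
lint_named_conf "$tmp" || echo "status $?: findings listed above"
rm -rf "$tmp"
```

On the CentOS layout described in the thread, the call would be lint_named_conf /var/named/chroot.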
 
  

