good, you are there already! just pay attention on what pete advises and you are going to be okay.

OK Pete, I did this:
[tech1@ns1 tech1]$ su
Password:
[root@ns1 tech1]# dig @e.root-servers.net. ns>/var/named/chroot/var/named/named.ca [root@ns1 tech1]#

here is my /etc/resolv.conf

search tech-magic.net
nameserver 64.91.63.93
nameserver 64.91.63.93

( now this isn't supposed to be in the /var/named/chroot/etc directory also is it ? )

I made those zone file changes, including the first one "looked like localhost's reverse zone", and Thanks, yes I did add those mail records as well since that will be next after getting DNS set up.

I had to change my /etc/resolv.conf to my ISP's nameservers to get back onto the internet, even after updating root hints, so I went and tried what always worked for updating root hints before, I tried

dig @j.root-servers.net. ns >/var/named/root.hints

then

cat /var/named/root.hints

it did not work this time, so I did

dig @j.root-servers.net. ns >/var/named/chroot/var/named/named.ca

then that didn't work, so I tried

dig @j.root-servers.net. ns >/var/named/named.ca

and that doesn't work either. But atleast named / Bind is still running...

This is really weird, this always worked flawlessly before...

you know what , I cd'd, ls'd, and vi'd into those directories and those hint files are there too!
So I messed with this stuff for a couple hours.
Any Ideas ?

bsurfin

I take it your your zone "." is named.ca ?

The problem has got to be something to do with chroot unfortunately this is something I know little about

Here is my file perhaps if you copy and paste it

; <<>> DiG 9.2.1 <<>> @e.root-servers.net . ns
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58451
;; flags: qr aa rd; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13

;; QUESTION SECTION:
;. IN NS

;; ANSWER SECTION:
.<---------------->518400 IN NS B.ROOT-SERVERS.NET.
.<---------------->518400 IN NS J.ROOT-SERVERS.NET.
.<---------------->518400 IN NS K.ROOT-SERVERS.NET.
.<---------------->518400 IN NS L.ROOT-SERVERS.NET.
.<---------------->518400 IN NS M.ROOT-SERVERS.NET.
.<---------------->518400 IN NS I.ROOT-SERVERS.NET.
.<---------------->518400 IN NS E.ROOT-SERVERS.NET.
.<---------------->518400 IN NS D.ROOT-SERVERS.NET.
.<---------------->518400 IN NS A.ROOT-SERVERS.NET.
.<---------------->518400 IN NS H.ROOT-SERVERS.NET.
.<---------------->518400 IN NS C.ROOT-SERVERS.NET.
.<---------------->518400 IN NS G.ROOT-SERVERS.NET.
.<---------------->518400 IN NS F.ROOT-SERVERS.NET.

;; ADDITIONAL SECTION:
B.ROOT-SERVERS.NET. 3600000 IN A 192.228.79.201
J.ROOT-SERVERS.NET. 3600000 IN A 192.58.128.30
K.ROOT-SERVERS.NET. 3600000 IN A 193.0.14.129
L.ROOT-SERVERS.NET. 3600000 IN A 198.32.64.12
M.ROOT-SERVERS.NET. 3600000 IN A 202.12.27.33
I.ROOT-SERVERS.NET. 3600000 IN A 192.36.148.17
E.ROOT-SERVERS.NET. 3600000 IN A 192.203.230.10
D.ROOT-SERVERS.NET. 3600000 IN A 128.8.10.90
A.ROOT-SERVERS.NET. 3600000 IN A 198.41.0.4
H.ROOT-SERVERS.NET. 3600000 IN A 128.63.2.53
C.ROOT-SERVERS.NET. 3600000 IN A 192.33.4.12
G.ROOT-SERVERS.NET. 3600000 IN A 192.112.36.4
F.ROOT-SERVERS.NET. 3600000 IN A 192.5.5.241

;; Query time: 195 msec
;; SERVER: 192.203.230.10#53(e.root-servers.net)
;; WHEN: Mon Jun 7 00:00:01 2004
;; MSG SIZE rcvd: 436

As ever posting on the forum does'nt always look the the way it really is so in the ;; ANSWER SECTION: <--------------> isn't really there it's just simply
to show you there is a space between . and the server entry, this may not be important but mine works this way

Try adding nameserver 127.0.0.1 to etc/resolv.conf because bind is listening on this interface and your DNS server is'nt really active yet until you modify your records at your domain host

As for the mail server you will also need an extra line in /var/named/tech-magic.forward so it looks like this

$TTL 86400
@ IN SOA tech-magic.net.
hostmaster.tech-magic.net. (
20040610019 ;Serial#
28800 ;Refresh
7200 ;Retry
604800 ;Expire
86400 ;Minimum TTL
)

NS ns1.tech-magic.net.
MX 10 mail.tech-magic.net.
tech-magic.net. A 64.91.63.93
localhost A 127.0.0.1
mail A 64.91.63.93
ns1 CNAME tech-magic.net.
email CNAME tech-magic.net.
www CNAME tech-magic.net

I left it out for now because it's not important at the moment


I will do some research on chroot then perhaps I will be able to be more help

Pete

bsurfin

Just tried changing my nameserver in /etc/resolv.conf it now reads

nameserver 127.0.0.1

Works perfect

Obviously 64.91.63.93 is your internet IP but do you connect to the www directly or do you have a router ?

In other words is the IP assigned to eth0 64.91.63.93 or do you have a local IP

For example my eth0 is 192.168.0.3 but my www IP is completely different

Check the results of sbin/ifconfig to see what IP is assigned to eth0

If it's 64.91.63.93 try changing your nameserver to 127.0.0.1 to test BIND locally

If it's not 64.91.63.93 then replace your zone entries with the results of sbin/ifconfig

Awaiting an update

Pete

Pete, my /var/named/named.ca and also my /var/named/chroot/var/named/named.ca files are the default root hints files, I've updated them both, even though I noticed I shouldn't have really needed to, because they were provided during the initial install. I noticed out of the box this dns server worked that way, I also copied yours, which looked exactly laike my updated one, and still no luck. here is my latest
/etc/resolv.conf file:

search tech-magic.net
nameserver 64.91.63.93
nameserver 127.0.0.1

~

as far as my records at domain host, I'm not sure what you are talking about for sure, I went to domain monger and told it last month that my name server was ns1.tech-magic.net at the ip address of 64.91.63.93, that is all I had to do before there to get a windows 2000 advanced server dns to work. ? is that what you mean ?

in my /var/named/chroot/var/named/tech-magic.forward file I included those lines from your last post, however I left the "." at the end of the line like this: www CNAME tech-magic.net.

I do use a Linksys Router, I've also left the ports forwarded exactly the same as when I used to run the same services on a windows server. I do use it for firewall and gateway, so my lan card's ip address is 192.168.1.10, I also sonfigured that during installation.

even locally it will only pull up web page by http://ns1.tech-magic.net
maybe try that on your end and see if it works?

Jason

here is my latest /etc/resolv.conf

domain tech-magic.net
search tech-magic.net
nameserver 64.91.63.93
nameserver 64.91.63.93


and I just modified my /etc/hosts file to:

#Tech-Magic's /etc/hosts file
# Do not remove the following line, or various programs
# that require network functionality will fail.

127.0.0.1 localhost.localdomain localhost
64.91.63.93 ns1.tech-magic.net ns1
64.91.63.93 www.tech-magic.net www
64.91.63.93 email.tech-magic.net email
64.91.63.93 tech-magic.net

Now aint this getting interesting.

atleast on my webserver I can go to http://localhost , http://tech-magic.net , http://www.tech-magic.net , and http://ns1.tech-magic.net , and it brings up my web page after rebooting computer. It will also do that no matter wheter or not I'm using 127.0.0.1, my ip address or even my ISP's nameserver addresses, however unless I'm using my ISP's address, I can not get on the internet. Also noticed that I can't even get http://ns1.tech-magic.net from the internet anymore.
But I can't do this from any other computer, even my windows laptop on local network.

But the bright side is that atleast Bind is still up and running, and I think we will know this thing inside and out by the time we are done !!!

Hope I did some thourough testing today...

Jason

Hi Jason

If your domain manager has replaced your DNS record with name server ns1.tech-magic.net at IP address 64.91.63.93 your named server is partially working because I can get to your website welcome page

The reason changing your etc/hosts works is because this file is now being used for local name resolution
127.0.0.1 localhost.localdomain localhost
64.91.63.93 ns1.tech-magic.net ns1
64.91.63.93 www.tech-magic.net www
64.91.63.93 email.tech-magic.net email
64.91.63.93 tech-magic.net

Try your etc/resolv.conf as

nameserver 192.168.1.10
nameserver 64.91.63.93

This is where bind is actually listening

Due to my lack of knowledge of chroot I am struggling for an answer at the moment, researching right now

I now this is a pain but it would be nice to see your current
/etc/named.conf plus the contents of /var/named

I take it that /var/named is the same as /var/named/chroot/var/named/

Is there a /var/named/chroot/etc/named.conf ? from my understanding you should copy and paste the contents of /etc/named.conf to /var/named/chroot/etc/named.conf

One more thing you can try is to open a terminal, enter as root
tail -f /var/log/messages
then stop and restart BIND this will show you any error messages as it starts

I look forward to the next episode, much better than TV soaps

Pete

I'm glad you get entertainment from all of this...

" Is there a /var/named/chroot/etc/named.conf ? from my understanding you should copy and paste the contents of /etc/named.conf to /var/named/chroot/etc/named.conf "

Sir, Linner Had already had me do this.

here is my /etc/resolv.conf file
nameserver 64.91.63.93
nameserver 192.168.1.10
nameserver 127.0.0.1
domain tech-magic.net
search tech-magic.net

Wholly crap it's working, "actually resolving" just like this, just like you said Pete, way better than soaps...

Here is output from tail -f command:

[tech1@ns1 tech1]$ su
Password:
[root@ns1 tech1]# tail -f /var/log/messages
Jun 17 13:27:32 ns1 named[4839]: command channel listening on 127.0.0.1#953
Jun 17 13:27:32 ns1 named[4839]: command channel listening on ::1#953
Jun 17 13:27:32 ns1 named[4839]: zone 0.0.127.in-addr.arpa/IN: loaded serial 2004061501
Jun 17 13:27:32 ns1 named[4839]: dns_master_load: tech-magic.rev:1: no current owner name
Jun 17 13:27:32 ns1 named[4839]: zone 63.91.64.in-addr.arpa/IN: loading master file tech-magic.rev: no owner
Jun 17 13:27:32 ns1 named[4839]: dns_master_load: tech-magic.forward:5: no current owner name
Jun 17 13:27:32 ns1 named[4839]: zone tech-maigc.net/IN: loading master file tech-magic.forward: no owner
Jun 17 13:27:32 ns1 named[4839]: running
Jun 17 07:27:33 ns1 named: named startup succeeded
Jun 17 07:27:48 ns1 su(pam_unix)[4870]: session opened for user root by tech1(uid=500)

then I restarted and:

Jun 17 13:30:33 ns1 named[4839]: shutting down: flushing changes
Jun 17 13:30:33 ns1 named[4839]: stopping command channel on 127.0.0.1#953
Jun 17 13:30:33 ns1 named[4839]: stopping command channel on ::1#953
Jun 17 13:30:33 ns1 named[4839]: no longer listening on 192.168.1.10#53
Jun 17 13:30:33 ns1 named[4837]: exiting
Jun 17 07:30:33 ns1 named: succeeded
Jun 17 13:30:35 ns1 named[4905]: starting BIND 9.2.3 -u named -t /var/named/chroot
Jun 17 13:30:35 ns1 named[4905]: using 1 CPU
Jun 17 13:30:35 ns1 named[4907]: loading configuration from '/etc/named.conf'
Jun 17 13:30:35 ns1 named[4907]: listening on IPv4 interface eth0, 192.168.1.10#53
Jun 17 13:30:35 ns1 named[4907]: command channel listening on 127.0.0.1#953
Jun 17 13:30:35 ns1 named[4907]: command channel listening on ::1#953
Jun 17 13:30:35 ns1 named[4907]: zone 0.0.127.in-addr.arpa/IN: loaded serial 2004061501
Jun 17 13:30:35 ns1 named[4907]: dns_master_load: tech-magic.rev:1: no current owner name
Jun 17 13:30:35 ns1 named[4907]: zone 63.91.64.in-addr.arpa/IN: loading master file tech-magic.rev: no owner
Jun 17 13:30:35 ns1 named[4907]: dns_master_load: tech-magic.forward:5: no current owner name
Jun 17 13:30:35 ns1 named[4907]: zone tech-maigc.net/IN: loading master file tech-magic.forward: no owner
Jun 17 13:30:35 ns1 named[4907]: running
Jun 17 07:30:35 ns1 named: named startup succeeded

There it is Sir...

Hi Jason

Well Well it finally works, I really pleased for you now you can get on with the rest of your life that's unless you want to learn about Sendmail ?

Ok enough of that back to work

First off unless your machine is switched off it is refusing to answer queries from the net go here and try yourself

DNS Check

Check the serial numbers of your zones, believe it or not these are important and are not just for your own reference

The recommended syntax is YYYYMMDDnn
YYYY=year, MM=month, DD=day, nn=revision number

There is a limit to the size of these serial numbers and the revision number should be incremented by 1 only if make any changes to the zone file

Have you given your machine a correct host name 'tech1@ns1 tech1' does'nt look right to me ?

/etc/hosts should look like
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 tech1.tech-magic.net tech1 localhost.localdomain localhost

Assuming tech1 is the name of your machine

/etc/sysconfig/network should look like this
NETWORKING=yes
HOSTNAME=tech1

You will have to reboot to make these changes take effect

Are you sure Port forwarding is correct on your router, Port 53 to IP address 192.168.1.10

Sorry for it's not all good news, but you are getting there

Pete

Well Pete we just keep chizzling away at this don't we ! Nothing like Progress !!!

Here yet another one of my problems "output of

NETWORKING=yes
HOSTNAME=ns1.tech-magic.net

now changed to:

NETWORKING=yes
HOSTNAME=tech1

You know what really gripes me about that file, is the fact that during the installation, Fedore gives me an example that led me to put that in there.

Now my Server complains about booting up because of the change, I just looked in my book
( not as if it's been all that accurate anyway ) but again it specifically mentions that I must put my hostname back the way I had it. I know I just installed Slackware last weekend on a desktop computer for a friend of mine, and I had to go back and command line "netconfig" and make that change, but it won't work on this Fedora core 2...

OK Pete I could not make that one work, but like I had mentioned before, it would be the case in a slackware install and probably most distributions our there. And yes I would like help with sendmail, then I'll kick back for a little while. I've been reading about that a little lately while waiting for answers.
I however felt the need to modify /var/named/chroot/etc/named.conf
see if this little bit looks right now.

options {
directory "/var/named";
query-source address * port 53;
allow-query { 127.0.0.1; localhost; };
allow-recursion { 127.0.0.1; localhost; };
listen-on { 192.168.1.10; };
version "Hey that's my business!";
};

I added this line: query-source address * port 53;

I was reading earlier that, that may be helpful behind a firewall.

and something else I question, goes along with one of your questions as well.
As far as the port forwarding goes I have the port forwarded to 192.168.1.10
but to make it work I went into advanced setup, must go to upnp forwarding, and forward port 53 via UDP ( "NOT TCP" or it will not work, atleast with windows 2000 advanced server ) I really don't know why they call it advanced either, because it is quite limited. And locks up often, but it is really easy to setup.

Back to my question, I haven't read that Linux was any different, regarding the UDP, seems like everyone Linux or Windows at dslwebserver.com uses this UDP, that was my quickstart guide unitll I understood what the router was actually doing.
So what's your $0.02 on that one?

I checked my records and the serial numbers are within standards.

I also went to dnsreports and it shows a lot of red, it just aint workin quite yet...
But hey, the DNS server is still Up And Running !

Think it is time for me to put the rndc key in the files ? I'm thinking that maybe the files are not communicating properly. It looks pretty easy from what the book says.

bsurfin, i dont have rndc key entry in my named.conf and named didnt complain, i can forward my zone to my isp without a problem.

i think rndc.key is an option, well, i guess for security.

Well I'll get to that later then. I just now got back from www.dnsreports.com, now granted that with Bind I've never been this successful yet in the feedback it gives me, Atleast it finished all the tests tonight, I put in tech-magic.net , I find the feedback screwy , like my TTL is 0, ( Hate DNS reports at the moment, but it's a great tool )

ERROR: I couldn't find any A records for www.tech-magic.net. If you want a website at www.tech-magic.net, you will need an A record for www.tech-magic.net. If you do not want a website at www.tech-magic.net, you can ignore this error.

WARNING: Your SOA EXPIRE time is : 0 seconds. This seems very low. You should consider increasing this value to about 1209600 to 2419200 seconds (2 to 4 weeks). RFC1912 recommends 2-4 weeks. This is how long a secondary/slave nameserver will wait before considering its DNS data stale if it can't reach the primary nameserver.

WARNING: Your SOA serial number is: 0. That is OK, but the recommended format (per RFC1912 2.2) is YYYYMMDDnn, where 'nn' is the revision. For example, if you are making the 3rd change on 02 May 2000, you would use 2000050203. This number must be incremented every time you make a DNS change.

And these are only ones I picked out of 13 answers I did not want to see tonight.

I think I smell Bullcrap here, you've inspected the forward and reverse record for yourself in earlier posts. What's up with that, any idea ? $0.02 right here please...

My $0.02 is something isn't communicationg properly. ( I know: DA ) But what could it possibly be? $0.02 right here please...

I just put the server on DMZ host, NA DA no different, so I know it's not the firewall...

And I don't believe it should be either because I binded the nameserver to port #53
So now I will go back and // in front my my port#53 command because it noticably slows my server down. Without it My DSL rocks once again...
Then I go back to DNS reports & no difference there either, so I think it is a fair assessment to assume that it's not a port issue.
Any more Ideas? Still got the chizzle handy ?