I am having the same problem as the OP.
named-checkconf -z /etc/named.conf returns:
/etc/named.conf:17: open: /etc/bogon_acl.conf: file not found
Not sure if it's bad form to resurrect a thread, but seemed more efficient than asking the same question over again.
I used Webmin to configure BIND - I'm really not sure if I have the two zone files which sorted the OP out. Where would I find them?
My nameserver is ns1.bazzaah.com - Where reference is made to femi in the 2 files in bathory's last post, does that relate to the OP's nameserver or is it something else?
The good news is that I can dig/ping one of my nameservers, thus:
; <<>> DiG 9.6.0-P1 <<>> ns1.bazzaah.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43985
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
;; QUESTION SECTION:
;ns1.bazzaah.com. IN A
;; ANSWER SECTION:
ns1.bazzaah.com. 129383 IN A 78.150.125.227
;; AUTHORITY SECTION:
bazzaah.com. 130152 IN NS ns1.bazzaah.com.
bazzaah.com. 130152 IN NS ns2.bazzaah.com.
;; Query time: 23 msec
;; SERVER: 192.168.1.254#53(192.168.1.254)
;; WHEN: Sun Jun 21 19:23:19 2009
;; MSG SIZE rcvd: 81
My distro is Mandriva 64-bit 2009.1.
Here's my named.conf:
// (oe) Loosely based on the document below and from production server configurations.
//
http://www.cymru.com/Documents/secur...-template.html
//
// $Id: named.conf 329224 2009-01-13 22:33:01Z oden $
// $HeadURL: svn+ssh://svn.mandriva.com/svn/packages/cooker/bind/current/SOURCES/named.conf $
// secret must be the same as in /etc/rndc.conf
include "/etc/rndc.key";
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { mykey; };
};
// Access lists (ACL's) should be defined here
include "/etc/bogon_acl.conf";
include "/etc/trusted_networks_acl.conf";
// Define logging channels
include "/etc/logging.conf";
// Enable statistics at
http://127.0.0.1:5380/
statistics-channels {
inet 127.0.0.1 port 5380 allow { 127.0.0.1; };
};
options {
version "";
directory "/var/named";
dump-file "/var/tmp/named_dump.db";
pid-file "/var/run/named.pid";
statistics-file "/var/tmp/named.stats";
zone-statistics yes;
// datasize 256M;
coresize 100M;
// fetch-glue no;
// recursion no;
// recursive-clients 10000;
auth-nxdomain yes;
query-source address * port *;
listen-on port 53 { any; };
cleaning-interval 120;
transfers-in 20;
transfers-per-ns 2;
lame-ttl 0;
max-ncache-ttl 10800;
// forwarders { first_public_nameserver_ip; second_public_nameserver_ip; };
// allow-update { none; };
// allow-transfer { any; };
// Prevent DoS attacks by generating bogus zone transfer
// requests. This will result in slower updates to the
// slave servers (e.g. they will await the poll interval
// before checking for updates).
notify no;
// notify explicit;
// also-notify { secondary_name_server };
// Generate more efficient zone transfers. This will place
// multiple DNS records in a DNS message, instead of one per
// DNS message.
transfer-format many-answers;
// Set the maximum zone transfer time to something more
// reasonable. In this case, we state that any zone transfer
// that takes longer than 60 minutes is unlikely to ever
// complete. WARNING: If you have very large zone files,
// adjust this to fit your requirements.
max-transfer-time-in 60;
// We have no dynamic interfaces, so BIND shouldn't need to
// poll for interface state {UP|DOWN}.
interface-interval 0;
// Uncoment these to enable IPv6 connections support
// IPv4 will still work
// listen-on { none; };
// listen-on-v6 { any; };
// allow-query { trusted_networks; };
allow-recursion { trusted_networks; };
// Deny anything from the bogon networks as
// detailed in the "bogon" ACL.
blackhole { bogon; };
};
// workaround stupid stuff... (OE: Wed 17 Sep 2003)
zone "ac" { type delegation-only; };
zone "cc" { type delegation-only; };
zone "com" { type delegation-only; };
zone "cx" { type delegation-only; };
zone "lv" { type delegation-only; };
zone "museum" { type delegation-only; };
zone "net" { type delegation-only; };
zone "nu" { type delegation-only; };
zone "ph" { type delegation-only; };
zone "sh" { type delegation-only; };
zone "tm" { type delegation-only; };
zone "ws" { type delegation-only; };
zone "." IN {
type hint;
file "named.ca";
};
zone "localdomain" IN {
type master;
file "master/localdomain.zone";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "master/localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "reverse/named.local";
allow-update { none; };
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "reverse/named.ip6.local";
allow-update { none; };
};
zone "255.in-addr.arpa" IN {
type master;
file "reverse/named.broadcast";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "reverse/named.zero";
allow-update { none; };
};
zone "www.bazzaah.com" {
type master;
file "/var/named/www.bazzaah.com.hosts";
};
since the file does not exist, restart bind and test.
