dns server error -- out of zone data error
Hi I'm Muruganandan
I am configuring my DNS server on CentOS 6.5 with BIND version 9.8.2. I configured everything, but if I start the server I'm getting an out of zone error. Here is my named.conf:

    /acl "slave" { ip-address; };//
    acl "blacklist" { 210.10.10.1; 192.168.10.1; 162.168.20.0/24; 192.168.0.0/24; };
    acl "spoofingnetwork" { 10.0.0.0/8; 192.168.0.0/16; };
    options {
        listen-on port 53 { 127.0.0.1; any; };
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query { localhost; mynet; };
        allow-recursion { wls-net; };
        blackhole { blacklist; spoofingnetwork; };
        recursion yes;
        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;
        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";
        managed-keys-directory "/var/named/dynamic";
    };
    logging {
        channel default_debug {
            file "data/named.run";
            severity dynamic;
        };
    };
    include "/etc/named.rfc1912.zones";
    #include "/etc/named.root.key";

I'm configuring for the ISP with multiple zones. I want to allow our own network to query. What should I do? But when I try named-checkconf named.conf -z it does not give any error. Likewise I checked the zone file, which also does not give an error. The structure is looking okay, but I could not find the reason. Can anyone help out?

named.rfc1912.zones file:

    view "internal" {
        match-clients { "allow"; };
        recursion yes;
        allow-recursion { "allow"; };
        zone "." IN {
            type hint;
            file "named.ca";
        };
        zone "102.122.202.in.addr-arpa" IN {
            type master;
            file "102.122.202.zone";
            allow-update { none; };
            allow-query { allow; };
        };
        zone "101.121.202.in.addr-arpa" IN {
            type master;
            file "101.121.202.zone";

where allow is my network in both named.conf and named.rfc, so tell me what could be the reason in detail.

Thanks in advance
Muruganandan.C
I don't think the word "allow" is a valid element in your statements:

Your post shows elements like: match-clients { "allow"; }; and allow-recursion { "allow"; }; etc. But I think you mean { "any"; } instead of { "allow"; }, if by 'allow' you want to allow 'any'body. 'allow' would be valid if there was an 'acl' statement defining 'allow' as an acl, but I don't see that in your post. Try changing all occurrences of "{ "allow"; }" to "{ "any"; }" in named.conf.
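The check described in the reply above (a name in an address match list is only valid if it is built in or an acl statement defines it), as an added example that is not part of the thread. It is a simplified regex scan rather than a BIND parser, covers only the clauses that appear in this thread, and the function names and sample configuration are constructed for illustration.

```python
import re

# ACL names BIND defines itself; everything else needs an acl statement.
BUILTIN = {"any", "none", "localhost", "localnets"}
# Clauses from the thread whose body is an address match list.
CLAUSES = ("match-clients", "allow-query", "allow-query-cache",
           "allow-recursion", "allow-update", "blackhole")

def strip_comments(text):
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#)[^\n]*", "", text)

def is_address(elem):
    return bool(re.fullmatch(r"[0-9.]+(/\d+)?", elem)) or ":" in elem

def undefined_acl_refs(conf):
    """Return (clause, name) pairs that reference an ACL no acl statement defines."""
    text = strip_comments(conf)
    known = BUILTIN | set(re.findall(r'\bacl\s+"?([\w-]+)"?\s*\{', text))
    missing = []
    for clause in CLAUSES:
        pattern = r"\b" + re.escape(clause) + r"\s*\{([^{}]*)\}"
        for body in re.findall(pattern, text):
            for elem in body.split(";"):
                name = elem.strip().lstrip("!").strip().strip('"')
                if not name or name.startswith("key ") or is_address(name):
                    continue
                if name not in known and (clause, name) not in missing:
                    missing.append((clause, name))
    return missing

# Constructed sample, modelled on the first post's configuration.
SAMPLE = '''
acl "blacklist" { 210.10.10.1; 192.168.0.0/24; };
options {
    allow-query { localhost; mynet; };
    allow-recursion { wls-net; };
    blackhole { blacklist; };        // defined above, so not reported
};
view "internal" {
    match-clients { "allow"; };      /* no acl "allow" in this file */
    allow-recursion { "allow"; };
};
'''

if __name__ == "__main__":
    for clause, name in undefined_acl_refs(SAMPLE):
        print(f"{clause}: ACL '{name}' is referenced but never defined")
```

A name reported here means access to that clause depends on an ACL the file never defines, which is worth resolving before widening anything to "any".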
---------- Post added 09-24-14 at 03:23 PM ----------

Hi, thanks for your reply.

Your post shows elements like: match-clients { "allow"; }; and allow-recursion { "allow"; }; etc., where "allow" is my ACL's name. But somehow I managed to resolve the error; I figured this is because of some misconfiguration in the zone files. Now I have another error: my named.conf is starting well, but it's not resolving names. When I try to ping an IP it pings; when I try to ping names, like ping yahoo.com, it gives me the error unknown host. What would be the reason?

DNS: BIND 9.9.* on OS CentOS 7

    /* Sample named.conf BIND DNS server 'named' configuration file
       for the Red Hat BIND distribution.
       See the BIND Administrator's Reference Manual (ARM) for details, in:
       file:///usr/share/doc/bind-{version}/arm/Bv9ARM.html
       Also see the BIND Configuration GUI : /usr/bin/system-config-bind
       and its manual. */
    acl “allow” { 127.0.0.1; 192.168.180.0/24; xx.x.x.x/21;};
    options {
        // Put files that named is allowed to write in the data/ directory:
        directory "/var/named"; // "Working" directory
        dump-file "data/cache_dump.db";
        statistics-file "data/named_stats.txt";
        memstatistics-file "data/named_mem_stats.txt";
        /* Specify listening interfaces. You can use list of addresses
           (';' is delimiter) or keywords "any"/"none" */
        //listen-on port 53 { any; };
        listen-on port 53 { 127.0.0.1; allow; };
        //listen-on-v6 port 53 { any; };
        //listen-on-v6 port 53 { ::1; };
    }; */
        allow-query { localhost; };
        allow-query-cache { localhost; };
        recursion yes;
        //dnssec-enable yes;
        //dnssec-validation yes;
        //dnssec-lookaside auto;
    };
    logging {
        channel default_debug {
            file "data/named.run";
            severity dynamic;
        };
    };
    view "localhost_resolver" {
        match-clients { localhost; allow; };
        recursion yes;
        # all views must contain the root hints zone:
        zone "." IN {
            type hint;
            file "/var/named/named.ca";
        };
        include "/etc/named.rfc1912.zones";
    };
    view "internal" {
        match-clients { localnets; };
        allow-recursion { localhost; allow; };
        allow-query { localhost; allow; };
        recursion yes;
        zone "." IN {
            type hint;
            file "/var/named/named.ca";
        };
        */
        include "/etc/named.rfc1912.zones";
    };
    view "external" {
        match-clients { any; allow; };
        zone "." IN {
            type hint;
            file "/var/named/named.ca";
        };
        recursion no;
    };
    };

Here is my named.conf file. Please tell me what could be the reason. There is an error in the log: broken key chain. I have checked the zones individually and the named.conf file, there is error reported, but if I try to resolve names it gives me unknown host.

Thanks in advance
Regards
Muruganandan.C