Hi all.

I have for 3 years now tried to configure and set up my own dns server. Now i have it up and it is working, but until now it is not working when i do "host kentb.se" in my konsol. I am not sure if my configuration is right.

Please help me understand if I have got something wrong.

Kind regards Kent

I did named checkzone and got this error (thats a lot i did wrong, embarrising)

--------------------------------------------------------------

Named checkzone

dns_rdata_fromtext: kentb.se.zone:6: near eol: unexpected end of input
kentb.se.zone:8: unknown RR type 'ns1.kentb.se.'
kentb.se.zone:9: unknown RR type 'ns2.kentb.se.'
kentb.se.zone:10: unknown RR type 'ns.domain.se.'
kentb.se.zone:12: no TTL specified; zone rejected
kentb.se.zone:14: no TTL specified; zone rejected
kentb.se.zone:15: no TTL specified; zone rejected
kentb.se.zone:16: no TTL specified; zone rejected
kentb.se.zone:18: unknown RR type 'ns.kentb.se.'
kentb.se.zone:19: no TTL specified; zone rejected
kentb.se.zone:20: no TTL specified; zone rejected
kentb.se.zone:21: no TTL specified; zone rejected
kentb.se.zone:23: no TTL specified; zone rejected
dns_master_load: kentb.se.zone:23: www.kentb.se: CNAME and other data
kentb.se.zone:24: no TTL specified; zone rejected
kentb.se.zone:25: no TTL specified; zone rejected
kentb.se.zone:26: no TTL specified; zone rejected
kentb.se.zone:27: no TTL specified; zone rejected
zone kentb.se/IN: loading from master file kentb.se.zone failed: unexpected end of input

End of named checkzone

-----------------------------------------------


Here is me named.conf

--------------------------------------------------------------------------
// (oe) Loosely based on the document below and from production server configurations.

//
// $Id: named.conf 80849 2007-09-06 11:56:48Z oden $
// $HeadURL: svn+ssh://svn.mandriva.com/svn/packages/cooker/bind/current/SOURCES/named.conf $


// secret must be the same as in /etc/rndc.conf
include "/etc/rndc.key";

controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};


// Access lists (ACL's) should be defined here
include "/etc/bogon_acl.conf";
include "/etc/trusted_networks_acl.conf";

// Define logging channels
include "/etc/logging.conf";

options {
version "";
directory "/var/named";
dump-file "/var/tmp/named_dump.db";
pid-file "/var/run/named.pid";
statistics-file "/var/tmp/named.stats";
zone-statistics yes;
// datasize 256M;
coresize 100M;
// fetch-glue no;
// recursion no;
// recursive-clients 10000;
auth-nxdomain yes;
query-source address * port *;
listen-on port 53 { any; };
cleaning-interval 120;
transfers-in 20;
transfers-per-ns 2;
lame-ttl 0;
max-ncache-ttl 10800;

// forwarders { first_public_nameserver_ip; second_public_nameserver_ip; };

// allow-update { none; };
// allow-transfer { any; };

// Prevent DoS attacks by generating bogus zone transfer
// requests. This will result in slower updates to the
// slave servers (e.g. they will await the poll interval
// before checking for updates).
notify no;
// notify explicit;
// also-notify { secondary_name_server };

// Generate more efficient zone transfers. This will place
// multiple DNS records in a DNS message, instead of one per
// DNS message.
transfer-format many-answers;

// Set the maximum zone transfer time to something more
// reasonable. In this case, we state that any zone transfer
// that takes longer than 60 minutes is unlikely to ever
// complete. WARNING: If you have very large zone files,
// adjust this to fit your requirements.
max-transfer-time-in 60;

// We have no dynamic interfaces, so BIND shouldn't need to
// poll for interface state {UP|DOWN}.
interface-interval 0;

// Uncoment these to enable IPv6 connections support
// IPv4 will still work
// listen-on { none; };
// listen-on-v6 { any; };

// allow-query { trusted_networks; };
allow-recursion { trusted_networks; };

// Deny anything from the bogon networks as
// detailed in the "bogon" ACL.
blackhole { bogon; };
};

// workaround stupid stuff... (OE: Wed 17 Sep 2003)
zone "ac" { type delegation-only; };
zone "cc" { type delegation-only; };
zone "com" { type delegation-only; };
zone "cx" { type delegation-only; };
zone "lv" { type delegation-only; };
zone "museum" { type delegation-only; };
zone "net" { type delegation-only; };
zone "nu" { type delegation-only; };
zone "ph" { type delegation-only; };
zone "sh" { type delegation-only; };
zone "tm" { type delegation-only; };
zone "ws" { type delegation-only; };

zone "." IN {
type hint;
file "named.ca";
};

zone "localdomain" IN {
type master;
file "master/localdomain.zone";
allow-update { none; };
};

zone "localhost" IN {
type master;
file "master/localhost.zone";
allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
type master;
file "reverse/named.local";
allow-update { none; };
};

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "reverse/named.ip6.local";
allow-update { none; };
};

zone "255.in-addr.arpa" IN {
type master;
file "reverse/named.broadcast";
allow-update { none; };
};

zone "0.in-addr.arpa" IN {
type master;
file "reverse/named.zero";
allow-update { none; };
};
zone "kentb.se" IN {
type master;
file "kentb.se.zone";
allow-update { none; };
};
zone "59.193.xx.xx.in-addr.arpa" IN {
type master;
file "59.193.233.89.rev";
allow-update { none; };
};

---------------------------------------------------------------------

End of named.conf

Start of my zone file kentb.se.zone

@ IN SOA ns1.kentb.se root.localhost (
2006012103; serial
28800; refresh, seconds
7200; retry, seconds
604800; expire, seconds
86400); minimum, seconds

NS ns1.kentb.se.
NS ns2.kentb.se.
NS ns.domain.se.

kentb.se. MX 5 mail.kentb.se.

kentb.se. A 192.168.15.102

localhost A 127.0.0.1

NS ns.kentb.se.;
kentb.se. A 89.233.xx.xx
www A 89.233.xx.xx
ns A 89.233.xx.xx

www CNAME kentb.se.
ftp CNAME kentb.se.
mail CNAME kentb.se.
ns1 CNAME kentb.se.
ns2 CNAME kentb.se.


-------------------------------------------------------

End of zone file.

There are several errors, and they all have to do with your zone file. As named-checkzone says, you have no $TTL value determined. Putting:
as the first line of your zone file will correct that problem.

The zone itself is a mess. First you put 3 nameservers up, but all 3 have the same address! That is pointless. You also have 2 A records for kentb.se which is fine, but one is your LAN address (192.168.15.102), then the other is your WAN address. That will be a poor configuration. I see you actually have registered the name kentb.se. That is good, but it means people can send you email, or visit your site. So think about this:

Somebody asks for the MX of kentb.se. The DNS says, "ok, the MX for kentb.se is mail.kentb.se. Mail.kentb.se is a CNAME for kentb.se. Kentb.se has 2 addresses. I'm sending you the first one, which is 192.168.15.102, and you can't reach that from anywhere in the world, as 192.168.X.Y is a non-routeable address. The same thing happens for your DNS records, and www records.

You need to enable views in named.conf. Have anyone looking for kentb.se on the LAN get the 192.168.15.102 address, and anyone looking from the public WAN gets the 89.233.193.59 address.

So basically, add a $TTL value, change the serial (anytime you change, the serial should go up), reload/restart/rndc BIND, and see if it works better.

Peace,
JimBass

Thanks Jimbass

I really appreciate your answer. I sat up late last night and i found a websight with a script to create a zone file along with your comments i created a new zone file and now i only had two problems in the named checkzone answer and the answer was:

named checkzone:

---------------------------------
zone kentb.se/IN: kentb.se/MX 'mail.kentb.se' has no address records (A or AAAA)
zone kentb.se/IN: kentb.se/MX 'mail-spool.kentb.se' has no address records (A or AAAA)
zone kentb.se/IN: loaded serial 2008021501
OK


-------------------------------------------------------
kentb.se.zone
-----------------------
; BIND db file for kentb.se

$TTL 86400

@ IN SOA ns1.kentb.se. kent.kentb.se. (
2008021501 ; serial number YYMMDDNN
28800 ; Refresh
7200 ; Retry
864000 ; Expire
86400 ; Min TTL
)

NS ns1.kentb.se.
NS ns2.kentb.se.

MX 10 mail.kentb.se.
MX 20 mail-spool.kentb.se.


$ORIGIN kentb.se.

localhost IN A 127.0.0.1
localhost IN A 192.168.15.102
kentb.se IN A 89.233.xx.xx
ns1 IN A 89.233.xx.xx
ns2 IN A 89.233.xx.xx

You need an entry each one of your MX servers:

Thank very much for all help.

I have it up now and running.

The thing is that I get this when i do dig kentb.se

I get this answer but nothing about what ip leads to kentb.se

Anyone have any idea what is the matter now. I use 127.1.0.1 and my domain name kentb,se in resolv,conf
----------------------------------------------
<<>> DiG 9.4.1-P1 <<>> kentb.se
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8182
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;kentb.se. IN A

;; AUTHORITY SECTION:
kentb.se. 3600 IN SOA ns1.kentb.se. kent.kentb.se. 2008021501 28800 7200 864000 86400

;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Feb 17 00:09:54 2008
;; MSG SIZE rcvd: 71
------------------------------------------

This "ANSWER: 0" means that you get no answer.
Use the IP or name of your dns to see if you get an answer:
You can also re-post named.conf and the zone file to see if we find any error.

Regards

Did what you said and here is my answer

I so much appreciate all the help i got in this matter.

Greetings Kent.
----------------------------------------------------
[root@www master]# dig kentb.se @ns1.kentb.se

; <<>> DiG 9.4.1-P1 <<>> kentb.se @ns1.kentb.se
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44001
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;kentb.se. IN A

;; ANSWER SECTION:
kentb.se. 3600 IN A 89.233.xx.xx

;; AUTHORITY SECTION:
kentb.se. 3600 IN NS ns2.kentb.se.
kentb.se. 3600 IN NS ns1.kentb.se.

;; ADDITIONAL SECTION:
ns1.kentb.se. 3600 IN A 89.233.xx.xx
ns2.kentb.se. 3600 IN A 217.75.xx.xx

;; Query time: 7 msec
;; SERVER: 89.233.193.59#53(89.233.193.59)
;; WHEN: Mon Feb 18 18:25:20 2008
;; MSG SIZE rcvd: 110

Glad to see you've made it.
I guess that you have an error in /etc/resolv.conf (you use 127.1.0.1 instead of 127.0.0.1) looking at your previous answer:
Regards