How to make DNS master server?? Problems!!!

kayasaman · 09-22-2008, 11:47 PM

Hmm....

I managed to create a zone in named.conf:

Code:

Zone "optiplex-networks" {
        type master;
        file "/etc/bind/named.conf.local";
};

which loaded??

Don't know if this is correct though as I still can't resolve anything on internal network!

kayasaman · 09-22-2008, 11:52 PM

I took out the zone and added the .local include line; this is result:

Code:

Sep 23 07:50:41 gx110 named[19718]: shutting down: flushing changes
Sep 23 07:50:41 gx110 named[19718]: stopping command channel on 127.0.0.1#953
Sep 23 07:50:41 gx110 named[19718]: no longer listening on ::#53
Sep 23 07:50:41 gx110 named[19718]: no longer listening on 127.0.0.1#53
Sep 23 07:50:41 gx110 named[19718]: no longer listening on 192.168.1.51#53
Sep 23 07:50:41 gx110 named[19718]: exiting
Sep 23 07:50:47 gx110 named[20755]: starting BIND 9.3.4-P1.1 -u bind -t /var/lib/named
Sep 23 07:50:47 gx110 named[20755]: found 1 CPU, using 1 worker thread
Sep 23 07:50:47 gx110 named[20755]: loading configuration from '/etc/bind/named.conf'
Sep 23 07:50:47 gx110 named[20755]: /etc/bind/named.conf.local:13: expected quoted string near ''�\200\234'
Sep 23 07:50:47 gx110 named[20755]: loading configuration: unexpected token
Sep 23 07:50:47 gx110 named[20755]: exiting (due to fatal error)

kayasaman · 09-22-2008, 11:55 PM

This is my named.conf.local file in full:

Code:

//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

zone “optiplex-networks.com” {
   type master;
   notify no;
   allow-query { 192.168.1.0/24; };
   file “/var/named/optiplex-networks.db”;

};

zone “1.168.192.in-addr.arpa” {
   type master;
   notify no;
   allow-query { 192.168.1.0/24; };
   file “/var/named/192.168.1.rev”;
};

I'm guessing it doesn't like the syntax somewhere but where?

billymayday · 09-22-2008, 11:56 PM

Depends on what's in named.conf.local.

I'd expect named.conf.local to look more or less like what you had on page 1 of this thread, which was

Code:

//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
zone "optiplex-networks.com" {
       type master;
       file "/var/named/optiplex-networks.db";
};

zone "1.168.192.IN-ADDR.ARPA" {
       type master;
       file "/var/named/192.168.1.rev";
};

and then have your zone file as you did in optiplex-networks.db.

If your named.conf.local now looks like optiplex-networks.db used to (or similar), then that should work but isn't standard Debian.

So, if you meet the requirements above, it's just a matter of debugging. What does dig give you now?

kayasaman · 09-23-2008, 12:07 AM

Alright I changed the named.conf.local file back to the original state which you just described!

then added in the include line for the file in named and output is same??

Code:

Sep 23 08:04:53 gx110 named[21273]: shutting down: flushing changes
Sep 23 08:04:53 gx110 named[21273]: stopping command channel on 127.0.0.1#953
Sep 23 08:04:53 gx110 named[21273]: no longer listening on ::#53
Sep 23 08:04:53 gx110 named[21273]: no longer listening on 127.0.0.1#53
Sep 23 08:04:53 gx110 named[21273]: no longer listening on 192.168.1.51#53
Sep 23 08:04:53 gx110 named[21273]: exiting
Sep 23 08:04:56 gx110 named[22793]: starting BIND 9.3.4-P1.1 -u bind -t /var/lib/named
Sep 23 08:04:56 gx110 named[22793]: found 1 CPU, using 1 worker thread
Sep 23 08:04:56 gx110 named[22793]: loading configuration from '/etc/bind/named.conf'
Sep 23 08:04:56 gx110 named[22793]: /etc/bind/named.conf.local:11: expected quoted string near ''�\200\234'
Sep 23 08:04:56 gx110 named[22793]: loading configuration: unexpected token
Sep 23 08:04:56 gx110 named[22793]: exiting (due to fatal error)

On both occassions named fails to start when 'include' line is added?

dig gives same result since new config not in the system yet.

kayasaman · 09-23-2008, 12:10 AM

What does this specifically mean:

Code:

Sep 23 08:04:56 gx110 named[22793]: /etc/bind/named.conf.local:11: expected quoted string near '''�\200\234'

as thats the error it's coming up with. Line 11 in named.conf.local is a closing brase }??

billymayday · 09-23-2008, 12:22 AM

Post your named.conf.local You are probably missing a quote or similar further up.

kayasaman · 09-23-2008, 12:23 AM

Does the line 'include'

have to be somewhere specific in the file as I added it at the top under the include for the named.conf.options file?

kayasaman · 09-23-2008, 12:24 AM

Code:

//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

zone “optiplex-networks.com” {
   type master;
   file “/var/named/optiplex-networks.db”;

};

zone “1.168.192.in-addr.arpa” {
   type master;
   file “/var/named/192.168.1.rev”;
};

Mr. C. · 09-23-2008, 12:59 AM

Wow! This thread has gone wild!

Thanks for the kind words early folks.

The syntax errors shown in post, gad, 92, and the odd characters in post 93 where quotes should be, seem to indicate a foul up with an editor. If you are using some text editor that is not saving your files in plain simple ASCII text, or is doing some formatting, set it to use simple text mode. If you copy/paste, be sure to change fancy formatting to simple ASCII. I'm wondering if this was a source of the earlier config problems.

kayasaman - an observation. Your thrashing like a fish on hot asphalt! :-) It would be far more useful to yourself, and for others to help you, to make one change at a time, test, and understand the results before making any more changes. And always look at the log files after each change for errors or problems. It would also surely be beneficial to learn some more DNS fundamentals.

I started to write the following this morning, but had some meetings to attend, so didn't have time to complete or post. I'll add it here, just as an FYI:

--
The correct tool to analyze DNS is dig, not ping. A resolved hostname in ping output is not as useful as the results given from dig.

In another thread, you commented something about the system possibly querying two DNS servers (primary, secondary) at the same time. This doesn't happen. The primary is always used first, and if no response is received, then the secondary is queried, and then the same for the third. The timeouts are about 10 seconds.

The file /etc/resolv.conf is the file that specifies the set of name server to be used for a system. This file is created or updated in numerous ways in various distributions. But it is the file to examine, as well as results of dig, to determine which NS is being used. A nameserver line in a resolv.conf file more correctly should be 0.0.0.0 or 127.0.0.1, and generally not the IP address of one of the interfaces. Yet it is superfluous - the linux/unix system resolver will automatically query a name server running on the localhost even without a nameserver entry in /etc/resolv.conf.
--

I would suggest in the future, and if necessary here, to start small and then add more complexity incrementally. I would personally just start with getting named working correctly as a simple caching name server, add the local domain zone files, and then add a single zone file for one domain and ignore all the reverse domain zones until last. To affect this, I would move all named.conf and zone files aside, and build them one step at a time. THEN use short cuts like file inclusion, etc.

Some comments on your zone files:

*) Use short names in zone files (avoid duplication of the zone name in each host). This avoids typos
*) Reduce your TTLs - some are needlessly high
*) If they aren't formated nicely, do so. It helps you spot errors. Perhaps they are already formatted nicely, and only formatted poorly in these posts.

A final note. I used to teach UNIX admin, and in two night's lecture/labs, had 30 or more students each running their own authoritative DNS server by night's end. You should be able to get your server up and running within this amount of time as well. I think it may have been more difficult here because you've pursued a How To approach, focusing on a step-by-step recipe rather than learning the basics and building upon knowledge one step at a time. DNS server's are complex - if you are going to run one, you should have the fundamentals well learned.

billymayday · 09-23-2008, 01:08 AM

I like the fish on the asphalt line.

You may have missed the odd post along the way, but the primary issue seems to have been the deletion of the include named.conf.local, so the designation for the domain effectively wasn't there, hence the non-authoritative behaviour.

Should be pretty simple to finalise from here I would expect - I'm not sure if the current named.conf.local contains an include statement to the zone file or the zone file itself (don't ask).

On the include positioning, it shouldn't matter, but was originally the last line.

kayasaman · 09-23-2008, 01:13 AM

Thanks so much MR C. for the tips, hints and suggestions.

In terms of editors I'm using ssh sessions with nano, which I gather should be alright.

In terms of learning DNS I wish I could've taken your courses as you seem well versed in loads of things

but I guess I just have to wait for it to come up in my Cisco CCNA which is starting in just under a week now and I'm already nearly finished with the first sommester having started studying for it early, also since the stuff was covered in my university degree about 4 years ago now I think.

Hmm... After all this I just wish that the DNS was functioning as it should be but I guess it's going to take a bit more 'thrashing about' as you put it since my router keeps timing out after a while of being used as a DNS server. So I need to migrate into my main server.

I am still open to suggestions as to what to do but all of this thrashing at least does teach you some if not all about things; just not very efficiently!

kayasaman · 09-23-2008, 01:19 AM

Well again tried to change position of }; in the named.conf.local file to wrap round the text but no luck

Guess I still have a few more years to go before I get to 'Guru' status and can go ahead with starting my own consulting company LOL

UH

billymayday · 09-23-2008, 01:22 AM

Post named.conf.local

kayasaman · 09-23-2008, 01:23 AM

Curretnly:

Code:

//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

zone “optiplex-networks.com” {
   type master;
   file “/var/named/optiplex-networks.db”;
};

zone “1.168.192.in-addr.arpa” {
   type master;
   file “/var/named/192.168.1.rev”;
};