
Thread: named do not work

  1. #1

    named do not work

    I have many problems. The first was that forwarding does not work. Local resolving works, but nslookup on Windows tells me that DNS is not available. And my last problem is that I can't start named when I switch the DHCP_UPDATER on.

    Can somebody help me?



    My named.conf

    # Copyright (c) 2001-2004 SuSE Linux AG, Nuernberg, Germany.
    # All rights reserved.
    #
    # Author: Frank Bodammer, Lars Mueller <lmuelle@suse.de>
    #
    # /etc/named.conf
    #
    # This is a sample configuration file for the name server BIND 9. It works as
    # a caching only name server without modification.
    #
    # A sample configuration for setting up your own domain can be found in
    # /usr/share/doc/packages/bind/sample-config.
    #
    # A description of all available options can be found in
    # /usr/share/doc/packages/bind/misc/options.

    options {

    # The directory statement defines the name server's working directory

    directory "/var/lib/named";

    # Write dump and statistics file to the log subdirectory. The
    # pathnames are relative to the chroot jail.

    dump-file "/var/log/named_dump.db";
    statistics-file "/var/log/named.stats";

    # The forwarders record contains a list of servers to which queries
    # should be forwarded. Enable this line and modify the IP address to
    # your provider's name server. Up to three servers may be listed.

    forwarders {
    # 195.50.140.178;
    192.168.13.1;
    };

    # Enable the next entry to prefer usage of the name server declared in
    # the forwarders section.

    # forward first;

    # The listen-on record contains a list of local network interfaces to
    # listen on. Optionally the port can be specified. Default is to
    # listen on all interfaces found on your system. The default port is
    # 53.

    listen-on port 53 { 127.0.0.1; 127.0.0.2; 192.168.13.11; };

    # The listen-on-v6 record enables or disables listening on IPv6
    # interfaces. Allowed values are 'any' and 'none' or a list of
    # addresses.

    listen-on-v6 { none; };

    # The next three statements may be needed if a firewall stands between
    # the local server and the internet.

    # query-source address * port 53;
    # transfer-source * port 53;
    # notify-source * port 53;

    # The allow-query record contains a list of networks or IP addresses
    # to accept and deny queries from. The default is to allow queries
    # from all hosts.

    allow-query { any;};

    # If notify is set to yes (default), notify messages are sent to other
    # name servers when the zone data is changed. Instead of setting
    # a global 'notify' statement in the 'options' section, a separate
    # 'notify' can be added to each zone definition.

    notify no;
    };

    # To configure named's logging remove the leading '#' characters of the
    # following examples.
    #logging {
    # # Log queries to a file limited to a size of 100 MB.
    # channel query_logging {
    # file "/var/log/named_querylog"
    # versions 3 size 100M;
    # print-time yes; // timestamp log entries
    # };
    # category queries {
    # query_logging;
    # };
    #
    # # Or log this kind alternatively to syslog.
    # channel syslog_queries {
    # syslog user;
    # severity info;
    # };
    # category queries { syslog_queries; };
    #
    # # Log general name server errors to syslog.
    # channel syslog_errors {
    # syslog user;
    # severity error;
    # };
    # category default { syslog_errors; };
    #
    # # Don't log lame server messages.
    # category lame-servers { null; };
    #};

    # The following zone definitions don't need any modification. The first one
    # is the definition of the root name servers. The second one defines
    # localhost while the third defines the reverse lookup for localhost.

    zone "." in {
    type hint;
    file "root.hint";
    };

    zone "localhost" in {
    type master;
    file "localhost.zone";
    };

    zone "0.0.127.in-addr.arpa" in {
    type master;
    file "127.0.0.zone";
    };

    # Include the meta include file generated by createNamedConfInclude. This
    # includes all files as configured in NAMED_CONF_INCLUDE_FILES from
    # /etc/sysconfig/named

    include "/etc/named.conf.include";

    # You can insert further zone records for your own domains below or create
    # single files in /etc/named.d/ and add the file names to
    # NAMED_CONF_INCLUDE_FILES.
    # See /usr/share/doc/packages/bind/README.SUSE for more details.
    #key DHCP_UPDATER {
    #algorithm HMAC-MD5.SIG-ALG.REG.INT;
    #secret "XXX";
    #};


    zone "lipton" {
    type master;
    file "/var/lib/named/master/lipton.hosts";
    };
    zone "0.13.168.192.in-addr.arpa" {
    type master;
    file "/var/lib/named/master/192.168.13.0.rev";
    };

  2. #2
    Join Date: Jun 2008
    Location: Finland, European Union
    Posts: 1,879

    Re: named do not work

    Well the first question is - do you have UDP/TCP port 53 open on the Linux server?

  3. #3

    Re: named do not work

    Yes, the firewall is switched off, so the port has to be free.

  4. #4
    Join Date: Jun 2008
    Location: Finland, European Union
    Posts: 1,879

    Re: named do not work

    tail -f /var/lib/named/log/named_querylog

    While doing that, do a few queries from localhost and Windows - see if they reach the server.

    Also check:
    netstat -anp|grep 53

    Make sure it's listening to the IP (or 0.0.0.0:53 if you want to listen to all interfaces)

    Also make sure that named does actually run at the time with: rcnamed status

    /var/log/messages should also contain information about the named service startup.

  5. #5
    Join Date: Jul 2008
    Location: Antwerp, Belgium
    Posts: 42

    Re: named do not work

    Hi,

    I think you have to edit your named.conf a little more.

    In the forwarders section should be the ip-address of the dns-server of your ISP, so that your dns-server can forward the queries to the internet:

    forwarders {
    # 195.50.140.178;
    192.168.13.1; # => should be ISP dns-address
    };

    If you want to work with dynamic updates, you will have to edit your zones as well, like this:

    zone "lipton" {
    type master;
    allow-update { key your_key; };
    allow-transfer { any; };
    file "dyn/lipton";
    };

    zone "13.168.192.in-addr.arpa" {
    type master;
    allow-update { key your_key; };
    allow-transfer { any; };
    file "dyn/13.168.192.in-addr.arpa";
    };

    You can find the name of the key in the file /etc/named.d/*.key

    Next you will have to edit your zone files.
    They should be like this:

    => /var/lib/named/dyn/lipton (replace nameserver with the name of your server):

    $TTL 172800
    @           IN SOA   nameserver.lipton. root.nameserver.lipton. (
                         2008072300 ; serial
                         10800      ; refresh
                         3600       ; retry
                         604800     ; expire
                         86400 )    ; minimum
                IN NS    nameserver.lipton.
    nameserver  IN A     192.168.13.11 ; this should be your server ip
    ns1         IN CNAME nameserver

    and /var/lib/named/dyn/13.168.192.in-addr.arpa (replace nameserver with the name of your server):

    $TTL 172800
    @           IN SOA   nameserver.lipton. root.nameserver.lipton. (
                         2008072300 ; serial
                         10800      ; refresh
                         3600       ; retry
                         604800     ; expire
                         86400 )    ; minimum
                IN NS    11.13.168.192.in-addr.arpa. ; replace ip with the server IP
    1           IN PTR   nameserver.lipton.

    Then restart your dns server with rcnamed restart (as su)

    This is how I've set it up and it seems to be working

    For more info: Configuring DNS and DHCP on Suse Linux Enterprise Server

  6. #6

    Re: named do not work

    Thanks for all the information, I will test it in the next days.

  7. #7

    Re: named do not work

    I have done all the things, but named does not run.

    First the netstat -anp|grep 53 command:
    tcp 0 0 192.168.13.11:53 0.0.0.0:* LISTEN 18038/named
    tcp 0 0 127.0.0.2:53 0.0.0.0:* LISTEN 18038/named
    tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 18038/named
    tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 2535/cupsd
    tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 18038/named
    udp 0 0 0.0.0.0:53 0.0.0.0:* 18038/named
    udp 0 0 192.168.13.11:53 0.0.0.0:* 18038/named
    udp 0 0 127.0.0.2:53 0.0.0.0:* 18038/named
    udp 0 0 127.0.0.1:53 0.0.0.0:* 18038/named
    udp 0 0 0.0.0.0:36831 0.0.0.0:* 2537/avahi-daemon:
    udp 0 0 0.0.0.0:5353 0.0.0.0:* 2537/avahi-daemon:
    udp 0 0 0.0.0.0:631 0.0.0.0:* 2535/cupsd
    unix 2 [ ACC ] STREAM LISTENING 6295 2537/avahi-daemon: /var/run/avahi-daemon/socket
    unix 2 [ ACC ] STREAM LISTENING 6302 2534/audispd /var/run/audispd_events
    unix 2 [ ACC ] STREAM LISTENING 6322 2535/cupsd /var/run/cups/cups.sock
    unix 3 [ ] STREAM CONNECTED 6753 2677/master
    unix 3 [ ] STREAM CONNECTED 6394 2537/avahi-daemon: /var/run/avahi-daemon/socket
    unix 2 [ ] DGRAM 6304 2534/audispd
    unix 3 [ ] STREAM CONNECTED 6297 2537/avahi-daemon:
    unix 2 [ ] DGRAM 6288 2537/avahi-daemon:
    unix 2 [ ] DGRAM 6268 2532/auditd
    unix 3 [ ] STREAM CONNECTED 6267 2532/auditd
    unix 3 [ ] STREAM CONNECTED 6266 2534/audispd
    unix 3 [ ] STREAM CONNECTED 4853 1965/kdm_greet
    unix 3 [ ] STREAM CONNECTED 4113 1530/acpid.socket
    unix 3 [ ] STREAM CONNECTED 4109 1530/acpid.socket

    After that, my new named.conf:

    options {

    # The directory statement defines the name server's working directory

    directory "/var/lib/named";

    # Write dump and statistics file to the log subdirectory. The
    # pathnames are relative to the chroot jail.

    dump-file "/var/log/named_dump.db";
    statistics-file "/var/log/named.stats";

    # The forwarders record contains a list of servers to which queries
    # should be forwarded. Enable this line and modify the IP address to
    # your provider's name server. Up to three servers may be listed.

    forwarders {
    192.168.13.1;
    };

    # Enable the next entry to prefer usage of the name server declared in
    # the forwarders section.

    # forward first;

    # The listen-on record contains a list of local network interfaces to
    # listen on. Optionally the port can be specified. Default is to
    # listen on all interfaces found on your system. The default port is
    # 53.

    listen-on port 53 { 127.0.0.1; 127.0.0.2; 192.168.13.11; };

    # The listen-on-v6 record enables or disables listening on IPv6
    # interfaces. Allowed values are 'any' and 'none' or a list of
    # addresses.

    listen-on-v6 { none; };

    # The next three statements may be needed if a firewall stands between
    # the local server and the internet.

    query-source address * port 53;
    transfer-source * port 53;
    notify-source * port 53;
    allow-query { any;};

    # If notify is set to yes (default), notify messages are sent to other
    # name servers when the zone data is changed. Instead of setting
    # a global 'notify' statement in the 'options' section, a separate
    # 'notify' can be added to each zone definition.

    notify no;
    };
    zone "." in {
    type hint;
    file "root.hint";
    };

    zone "localhost" in {
    type master;
    file "localhost.zone";
    };

    zone "0.0.127.in-addr.arpa" in {
    type master;
    file "127.0.0.zone";
    };
    zone "lipton" {
    type master;
    # file "/var/lib/named/master/lipton.hosts";
    allow-update { key H94JQHKbevJZwzd4OOTu5G==; };
    allow-transfer { any; };
    file "dyn/lipton";
    };
    zone "0.13.168.192.in-addr.arpa" {
    type master;
    #file "/var/lib/named/master/192.168.13.0.rev";
    allow-update { key H94JQHKbevJZwzd4OOTu5G==; };
    allow-transfer { any; };
    file "dyn/13.168.192.in-addr.arpa";
    };
    logging {
    channel named_test {
    file "/var/lib/named/log/named_querylog";
    severity error;
    print-category yes;
    print-severity yes;
    print-time yes;
    };
    };

    I have created the new zone files at /var/lib/named/dyn/lipton and /var/lib/named/dyn/13.168.192.in-addr.arpa

    and now I have the problem that the server can't resolve any name.

  8. #8
    Join Date: Jul 2008
    Location: Antwerp, Belgium
    Posts: 42

    Re: named do not work

    Change the name of the keys in your zone sections:

    allow-update { key H94JQHKbevJZwzd4OOTu5G==; };

    to something like

    allow-update { key dyn_dns; }; (this is the name of the key)

    And there seems to be a bug in opensuse 11 with dhcp and dns:

    https://bugzilla.novell.com/show_bug.cgi?id=404663

    where you can't resolve hostnames in the network
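
The check that post #8 describes, written out as an added example (not code from the thread or from BIND): every `allow-update { key NAME; }` has to name a key that an active `key NAME { ... };` statement defines. The two sample configs are constructed; `DHCP_UPDATER` and `"XXX"` are taken from the first post, and `CONSTRUCTEDsecretVALUE==` is a made-up stand-in for a secret pasted where the key name belongs.

```python
import re

def strip_comments(text):
    """Drop /* */, // and # comments; quoted strings are left untouched."""
    pattern = r'"[^"\n]*"|/\*.*?\*/|//[^\n]*|#[^\n]*'
    keep_strings = lambda m: m.group(0) if m.group(0).startswith('"') else ""
    return re.sub(pattern, keep_strings, text, flags=re.S)

def undefined_update_keys(*configs):
    """(zone, key name) pairs whose allow-update key has no key statement.
    Pass named.conf plus every included file; the key may live in an include."""
    text = "\n".join(strip_comments(c) for c in configs)
    known = set(re.findall(r'\bkey\s+"?([^\s;{}"]+)"?\s*\{', text))
    current, missing = "options", []
    for m in re.finditer(r'\bzone\s+"([^"]+)"|\ballow-update\s*\{([^}]*)\}', text):
        if m.group(1) is not None:      # entering a new zone statement
            current = m.group(1)
            continue
        for name in re.findall(r'\bkey\s+"?([^\s;"]+)"?\s*;', m.group(2)):
            if name not in known:
                missing.append((current, name))
    return missing

# Constructed sample: key statement commented out, secret-like text used as name.
BROKEN = '''
#key DHCP_UPDATER {
#algorithm HMAC-MD5.SIG-ALG.REG.INT;
#secret "XXX";
#};
zone "lipton" {
type master;
allow-update { key CONSTRUCTEDsecretVALUE==; };
};
'''
# Constructed sample: key statement active, zone refers to it by name.
FIXED = '''
key DHCP_UPDATER {
algorithm HMAC-MD5.SIG-ALG.REG.INT;
secret "XXX";
};
zone "lipton" {
type master;
allow-update { key DHCP_UPDATER; };
};
'''

if __name__ == "__main__":
    print(undefined_update_keys(BROKEN), undefined_update_keys(FIXED))
```
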

  9. #9

    Re: named do not work

    That's not the problem; I have commented out the lines with the keys. First the DNS has to resolve forwarded addresses. That's the main problem.

  10. #10
    Join Date: Jul 2008
    Location: Antwerp, Belgium
    Posts: 42

    Re: named do not work

    What do you mean by forwarded addresses? Do you mean like Google or opensuse.org? Then try to change the ip-address of the forwarder to the ip-address of your internet-provider or use the ip-address of OpenDNS.

    ip for opendns:

    208.67.222.222
    208.67.220.220

    That way if you ask your dns-server for an address, and he doesn't know it, it will ask on the internet for the address.

    So change this:
    forwarders {
    192.168.13.1;
    };

    to

    forwarders {
    208.67.222.222;
    208.67.220.220;
    };


    In your case, if you send an address to your dns server and he doesn't know about it, he's going to forward it to 192.168.13.1, but because this is on your local network, it will forward it again to your dns-server for the address, which will forward it again to 192.168.13.1

    You should also change your reverse zone from 0.13.168.192.in-addr.arpa to 13.168.192.in-addr.arpa

    A reverse zone has to translate 192.168.13.xxx to a hostname,

    so if you have an ip-address (for example 192.168.13.150) and you want to have a hostname, your dns-server will do 150.13.168.192.in-addr.arpa and translate this to a host name.

    Because you have 0.13.168.192.in-addr.arpa, your dns server can't add the 150 to it.

    I hope this is helping, I know a lot about this (I had to find all this by myself at home), and I know this is difficult stuff, but I will do my best to help you.
    http://www.philipraets.be
    Hardware: Dell Mini 9, Dell Vostro 1510, Sony Vaio FZ21M, SelfMade PC
    Software: openSUSE, Xen, openLDAP, Samba, Nagios, Apache, MySQL, Oracle, Still no mailserver
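
The reverse-zone naming that post #10 explains, as an added example (not code from the thread): it derives the zone name for a network and checks which declared zone, if any, contains the PTR name of an address. It goes slightly beyond the post by also handling /8, /16 and IPv6 nibble boundaries; the function names and the two sample configs are constructed for illustration.

```python
import ipaddress
import re

def reverse_zone_for_network(cidr):
    """Reverse zone name that holds the PTR records for every address in cidr."""
    net = ipaddress.ip_network(cidr)
    bits_per_label = 8 if net.version == 4 else 4   # octets vs. IPv6 nibbles
    host_bits = net.max_prefixlen - net.prefixlen
    if host_bits % bits_per_label:
        raise ValueError("prefix length is not on a label boundary")
    # reverse_pointer of the network address still carries the host labels
    # (the leading "0" for a /24); dropping them gives the zone name.
    labels = net.network_address.reverse_pointer.split(".")
    return ".".join(labels[host_bits // bits_per_label:])

def declared_zones(conf_text):
    """Zone names from `zone "name"` statements, ignoring '#' comments."""
    body = re.sub(r"#[^\n]*", "", conf_text)
    return [z.lower() for z in re.findall(r'\bzone\s+"([^"]+)"', body)]

def covering_zone(ip, zones):
    """Most specific declared zone containing the PTR name of ip, else None."""
    ptr = ipaddress.ip_address(ip).reverse_pointer
    hits = [z for z in zones if ptr == z or ptr.endswith("." + z)]
    return max(hits, key=len) if hits else None

# Constructed samples modelled on the zone statements quoted in the thread.
BEFORE = '''
zone "0.0.127.in-addr.arpa" in { type master; file "127.0.0.zone"; };
zone "0.13.168.192.in-addr.arpa" { type master; file "dyn/13.168.192.in-addr.arpa"; };
'''
AFTER = BEFORE.replace('"0.13.168.192.in-addr.arpa"', '"13.168.192.in-addr.arpa"')

if __name__ == "__main__":
    print(reverse_zone_for_network("192.168.13.0/24"))
    for conf in (BEFORE, AFTER):
        print(covering_zone("192.168.13.150", declared_zones(conf)))
```

With the `0.`-prefixed zone only the name for 192.168.13.0 itself falls inside it, so a lookup for 192.168.13.150 finds no local zone.
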
