named refuses to start; using OpenSUSE 11.4

Starting named does not work: it returns the error

/etc/init.d/named start returned 1 (unspecified error):

I have set up the DNS server using Yast, and it is straightforward.
It is for internal network traffic only. There are two master zones: 168.192.in-addr.arpa and site.

The file site contains the following:

168.192.in-addr.arpa  site
$TTL 2d
@               IN SOA          katie.site.     root.katie.site. (
                                2013072000      ; serial
                                3h              ; refresh
                                1h              ; retry
                                1w              ; expiry
                                1d )            ; minimum

site.           IN NS           katie.site.
katie.site.     IN A            192.168.1.17
jeeesus         IN A            192.168.1.21
katie           IN A            192.168.1.17

The file 168.192.in-addr.arpa contains:

 $TTL 2d
@               IN SOA          katie.site.     root.katie.site. (
                                2013072000      ; serial
                                3h              ; refresh
                                1h              ; retry
                                1w              ; expiry
                                1d )            ; minimum

site.           IN NS           katie.site.
katie.site.     IN A            192.168.1.17
jeeesus         IN A            192.168.1.21
katie           IN A            192.168.1.17

I have two forwarders for my ISP nameservers. Otherwise everything is according to the default settings. The system log output from attempting to start DNS is as follows:

Jul 20 12:24:20 katie named[17285]: starting BIND 9.7.4-P1 -t /var/lib/named -u named
Jul 20 12:24:20 katie named[17285]: built with '--prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--localstatedir=/var' '--libdir=/usr/lib' '--includedir=/usr/include/bind' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--with-openssl' '--enable-threads' '--with-libtool' '--enable-runidn' '--with-libxml2' '--with-dlz-mysql' '--with-dlz-ldap' '--with-gssapi' 'CFLAGS=-fomit-frame-pointer -fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -g -fno-strict-aliasing' 'LDFLAGS=-L/usr/lib'
Jul 20 12:24:20 katie named[17285]: adjusted limit on open files from 8192 to 1048576
Jul 20 12:24:20 katie named[17285]: found 2 CPUs, using 2 worker threads
Jul 20 12:24:20 katie named[17285]: using up to 4096 sockets
Jul 20 12:24:20 katie named[17285]: loading configuration from '/etc/named.conf'
Jul 20 12:24:20 katie named[17285]: using default UDP/IPv4 port range: [1024, 65535]
Jul 20 12:24:20 katie named[17285]: using default UDP/IPv6 port range: [1024, 65535]
Jul 20 12:24:20 katie named[17285]: listening on IPv6 interfaces, port 53
Jul 20 12:24:20 katie named[17285]: binding TCP socket: address in use
Jul 20 12:24:20 katie named[17285]: listening on IPv4 interface lo, 127.0.0.1#53
Jul 20 12:24:20 katie named[17285]: binding TCP socket: address in use
Jul 20 12:24:20 katie named[17285]: listening on IPv4 interface lo, 127.0.0.2#53
Jul 20 12:24:20 katie named[17285]: binding TCP socket: address in use
Jul 20 12:24:20 katie named[17285]: listening on IPv4 interface eth0, 192.168.1.17#53
Jul 20 12:24:20 katie named[17285]: binding TCP socket: address in use
Jul 20 12:24:20 katie named[17285]: generating session key for dynamic DNS

Any idea what might be wrong? Thanks

On 2013-07-20 13:36, cgcenet wrote:

> Any idea what might be wrong? Thanks

Is it set for chroot? Don’t, at least while you investigate.


Cheers / Saludos,

Carlos E. R.
(from 12.3 x86_64 “Dartmouth” at Telcontar)

No, there is no chroot set up at all.

It will be a bit difficult for many people to help you because you use an unsupported version of openSUSE. Thus people can not try to do the same as you did in the hope to recreate the problem at their systems.

What looks strange to me is the messages:

Jul 20 12:24:20 katie named[17285]: binding TCP socket: address in use

IMHO it means that another program is already listening on port 53. Are you sure there isn’t another name server already running?

You can see which program listens on port 53 (domain) by running as root:

netstat -tulp | grep domain

# netstat -tulp | grep domain
tcp        0      0 *:domain                *:*                     LISTEN      1693/dnsmasq        
tcp        0      0 *:domain                *:*                     LISTEN      1693/dnsmasq        
udp        0      0 *:domain                *:*                                 1693/dnsmasq        
udp        0      0 *:domain                *:*                                 1693/dnsmasq 

I stopped dnsmasq and tried starting named again, still no success.

That might be about the result told in human chitchat, but imho it would be of interest of course what the logging says now.

It doesn’t say anything about the address being in use anymore, but it still won’t start.

Jul 21 10:38:48 katie named[18064]: starting BIND 9.7.4-P1 -t /var/lib/named -u named
Jul 21 10:38:48 katie named[18064]: built with '--prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--localstatedir=/var' '--libdir=/usr/lib' '--includedir=/usr/include/bind' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--with-openssl' '--enable-threads' '--with-libtool' '--enable-runidn' '--with-libxml2' '--with-dlz-mysql' '--with-dlz-ldap' '--with-gssapi' 'CFLAGS=-fomit-frame-pointer -fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -g -fno-strict-aliasing' 'LDFLAGS=-L/usr/lib'
Jul 21 10:38:48 katie named[18064]: adjusted limit on open files from 8192 to 1048576
Jul 21 10:38:48 katie named[18064]: found 2 CPUs, using 2 worker threads
Jul 21 10:38:48 katie named[18064]: using up to 4096 sockets
Jul 21 10:38:48 katie named[18064]: loading configuration from '/etc/named.conf'
Jul 21 10:38:48 katie named[18064]: using default UDP/IPv4 port range: [1024, 65535]
Jul 21 10:38:48 katie named[18064]: using default UDP/IPv6 port range: [1024, 65535]
Jul 21 10:38:48 katie named[18064]: listening on IPv6 interfaces, port 53
Jul 21 10:38:48 katie named[18064]: listening on IPv4 interface lo, 127.0.0.1#53
Jul 21 10:38:48 katie named[18064]: listening on IPv4 interface lo, 127.0.0.2#53
Jul 21 10:38:48 katie named[18064]: listening on IPv4 interface eth0, 192.168.1.17#53
Jul 21 10:38:48 katie named[18064]: generating session key for dynamic DNS

Again, every conclusion you come to must (if possible by any means) be supported by the technical facts that brought you to that conclusion. Only then we can see if we come to the same conclusions.

Thus, when you say “it won’t start” we want to see the facts that brought you to that conclusion. I guess you used things like:

ps -ef | grep named

and the same as before:

netstat -tulp | grep domain

On 2013-07-20 15:56, hcvv wrote:
>
> It will be a bit difficult for many people to help you because you use
> an unsupported version of openSUSE. Thus people can not try to do the
> same as you did in the hope to recreate the problem at their systems.

Huh, 11.4 is still supported, as Evergreen.

cgcenet: you need this:
openSUSE:Evergreen

Cheers / Saludos,

Carlos E. R.
(from 12.3 x86_64 “Dartmouth” at Telcontar)

On 2013-07-20 15:46, cgcenet wrote:
>
> No, there is no chroot set up at all.
>

Please run:


cat /etc/sysconfig/named | egrep -v "^[[:space:]]*$|^#"


Cheers / Saludos,

Carlos E. R.
(from 12.3 x86_64 “Dartmouth” at Telcontar)

Results of both commands indicate named is not running.

Whenever you set up a Network Service that provides a Service on your network, you will need to listen to incoming traffic.

So,
Double-check to make sure your FW is configured to permit incoming packets for that Service.

Remember also you can always doublecheck service functionality by running Telnet from a remote machine querying the specific port.

So, SOP when installing and running a new Network Service

  1. Install
  2. Start the service and be certain it’s configured to start on boot. You can do this either with the YAST runlevels applet or if you are running a later version of openSUSE you now have a standardized way to configure using systemctl start|enable.
  3. Doublecheck your FW. Some installations will automatically configure your FW, others won’t so you always need to verify.

HTH,
TSU

On 2013-07-21 23:26, tsu2 wrote:
>
> Whenever you setup a Network Service that provides a Service on your
> network, you will need to listen to incoming traffic.

None of that would cause named not to start, which is his problem.


Cheers / Saludos,

Carlos E. R.
(from 12.3 x86_64 “Dartmouth” at Telcontar)

You’re right. I skimmed the thread tooo quickly.

Dnsmasq and anything else which might be using port 53 shouldn’t just be stopped, it should be uninstalled altogether. Or, configured for a different port.

TSU

Thanks for that, it was chrooted. I changed the relevant line to read

NAMED_RUN_CHROOTED="no"

named now works !! :)

Also thanks for the link to Evergreen, I’ve added this to my repositories and it’s now up to date.

Sorry for delay in response; busy during the working week so don’t get the chance to modify my server at home…
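
Both causes that came up in this thread, the port 53 conflict and the chroot, are visible in named's startup log: "-t /var/lib/named" on the "starting BIND" line is the chroot directory. The following is an added example, not part of the original thread; the function names and sample input are constructed, and pairing each "address in use" line with the "listening on" line before it is an assumption based on the ordering in the log above.

```shell
#!/bin/sh
# Constructed sample in the format of the syslog excerpts quoted in the thread.
SAMPLE_LOG='Jul 20 12:24:20 katie named[17285]: starting BIND 9.7.4-P1 -t /var/lib/named -u named
Jul 20 12:24:20 katie named[17285]: listening on IPv4 interface lo, 127.0.0.1#53
Jul 20 12:24:20 katie named[17285]: binding TCP socket: address in use
Jul 20 12:24:20 katie named[17285]: listening on IPv4 interface eth0, 192.168.1.17#53
Jul 20 12:24:20 katie named[17285]: binding TCP socket: address in use
Jul 20 12:24:20 katie named[17285]: generating session key for dynamic DNS'

# Print the directory passed to named with -t (its chroot), or nothing.
named_chroot_dir() {
    printf '%s\n' "$1" |
        sed -n 's/.*named\[[0-9]*\]: starting BIND .* -t \([^ ]*\).*/\1/p' | tail -n 1
}

# Print each listener whose bind failed. Assumption: an "address in use"
# line refers to the "listening on" line directly before it.
port53_conflicts() {
    printf '%s\n' "$1" | awk '
        /named\[[0-9]+\]: listening on / { sub(/.*listening on /, ""); last = $0; next }
        /binding TCP socket: address in use/ { if (last != "") print last }
        { last = "" }'
}

# Print the value of variable $2 from sysconfig-style text $1 (quotes stripped).
sysconfig_value() {
    printf '%s\n' "$1" | sed -n "s/^$2=//p" | tr -d '"' | tail -n 1
}

# $1 = log text, $2 = contents of /etc/sysconfig/named
diagnose() {
    dir=$(named_chroot_dir "$1")
    cfg=$(sysconfig_value "$2" NAMED_RUN_CHROOTED)
    if [ -n "$dir" ]; then
        echo "named started chrooted to $dir (NAMED_RUN_CHROOTED=${cfg:-unset})"
    fi
    port53_conflicts "$1" | sed 's/^/port 53 already in use for: /'
}

# Constructed sysconfig content; on a real host pass "$(cat /etc/sysconfig/named)".
diagnose "$SAMPLE_LOG" 'NAMED_RUN_CHROOTED="yes"'
```
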