I just recently did a full install of Fedora Core I
(over RH 7.1, possibly not the best move) and I've
been having serious problems with named/DNS.
I had thought that there was a problem with the name
servers being registered with IEDR, but that doesn't
seem to be the case.
The named process is running and listening but nothing
in mydomain resolves. It was working for a few days
after (so I don't see how it could be the config
files) I configured it after installing Fedora but it
went down and I haven't been able to get it working
since.
After attempting to re-register the nameservers with
IEDR I'm getting the following message from them:
OK: 09:45:43 UTC on Fri 7 May 2004
OK: Verifying zone mydomain.ie.
OK: Starting verification from server 194.x.x.x
OK: Requesting NS list for zone mydomain.ie. from 194.x.x.x
OK: No NS list in 'answer' section; checking 'authority' section
FATAL: Empty NS list found for zone mydomain.ie. from 194.x.x.x
OK: Querying server 194.x.x.x as 194.x.x.x
FATAL: No authoritative answers obtained
FATAL: Verification failed for zone mydomain.ie.
FATAL: 09:45:43 GMT on Fri 7 May 2004
_____________________________________________
rndc -s host reload
tail -f /var/log/messages
May 7 08:35:21 leviathan named[22884]: loading configuration from '/etc/named.conf'
May 7 08:35:21 leviathan named[22884]: no IPv6 interfaces found
May 7 08:35:46 leviathan named[22884]: lame server resolving 'www.mydomain.ie' (in 'mydomain.ie'?): 194.x.x.x#53
May 7 08:35:46 leviathan last message repeated 2 times
ps auxw|less
named 22884 0.0 1.4 40824 3636 ? May06 0:56 /usr/sbin/named -u named -t /var/named/chroot
Here's named.conf:
// generated by named-bootconf.pl
options {
        directory "/var/named";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below. Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        //query-source address * port 53;
};
//
// File: named.boot
// Purpose: give the DNS its startup parameters and
// list of startup files.
//
//
//
//
// XFRNETS parameter limits the transfer of zone information
// to machines matching the subnet wildcard/mask entries listed
//
//
// XFRNETS
//
// establish a loopback entry for this machine, and tell
// it to load its identity from db.127.0.0
//
zone "0.0.127.IN-ADDR.ARPA" {
        type master;
        file "db.127.0.0";
};
//
// set ourselves as primary server for the zone
//
zone "mydomain.ie" {
        type master;
        file "db.zoneinfo";
};
//
// provide reverse address-to-host mapping
//
zone "x.x.194.in-addr.arpa" {
        type master;
        file "db.194.x.x";
};
//
// prime the DNS with root server 'hint' information
//
zone "." {
        type hint;
        file "db.cache";
};
logging {
        category lame-servers{null;};
};
key rndc {
        algorithm hmac-md5 ;
        secret "x";
};
controls {
        inet 127.0.0.1 allow { localhost; } keys {rndc; };
};
Here's /var/named/db.zoneinfo:
$ORIGIN .
$TTL 172800 ; 2 days
mydomain.ie IN SOA host.mydomain.ie. hostmaster.mydomain.ie. (
                1998062504 ; serial
                21600      ; refresh (6 hours)
                7200       ; retry (2 hours)
                1209600    ; expire (2 weeks)
                172800     ; minimum (2 days)
                )
                NS ns.isi.ie
                NS ns2.esat.net
                NS titan.mydomain.ie.
                NS leviathan.mydomain.ie.
                A 194.x.x.x
                MX 5 GPO.mydomain.ie.
                MX 10 mxbackup.iol.net.
                MX 50 relay.pipex.net.
$ORIGIN mydomain.ie.
calisto         A 194.x.x.2
                MX 1 leviathan
$ORIGIN mydomain.ie.
defunct         A 194.x.x.111
ftp             CNAME leviathan
$ORIGIN mydomain.ie.
GPO             CNAME leviathan
$ORIGIN mydomain.ie.
keeper          A 194.x.x.112
leviathan       A 194.x.x.x
                MX 5 GPO
                MX 10 mail.iol.ie.
                MX 50 relay.pipex.net.
localhost       A 127.0.0.1
mail            CNAME leviathan
$ORIGIN mydomain.ie.
ns              CNAME leviathan
$ORIGIN mydomain.ie.
titan           CNAME leviathan
ww2             CNAME leviathan
www             CNAME leviathan
Here's /var/named/db.194.x.x
$TTL 172800 ; 2 days
x.x.194.in-addr.arpa. IN SOA leviathan.mydomain.ie. hostmaster.mydomain.ie. (
                1998062504 ; serial
                21600      ; refresh (6 hours)
                7200       ; retry (2 hours)
                1209600    ; expire (2 weeks)
                172800)    ; minimum (2 days)
                NS ns.isi.ie
                NS ns2.esat.net
                NS leviathan.mydomain.ie.
                NS calisto.mydomain.ie
From the secondary DNS server:
/etc/rc.d/init.d/named restart
Stopping named: [ OK ]
Starting named: [ OK ]
[root@calisto root]# tail -f /var/log/messages
May 7 13:07:31 calisto named[23381]: zone mydomain.ie/IN: expired
May 7 13:07:31 calisto named[23381]: zone x.x.194.in-addr.arpa/IN: refresh: non-authoritative answer from master 194.x.x.x#53
May 7 13:07:31 calisto named[23381]: zone irelands-web.ie/IN: refresh: non-authoritative answer from master 194.125.22.1#53
Anyway, not sure where to go from here and any help
greatly appreciated.
TIA
Chris