DaemonForums

Problems setting up Bind

#1, 17th February 2010, Zmyrgel

I'm trying to set up BIND for my home LAN, but I'm hitting a wall with this.

I've gotten so far that named starts and simple queries work (like google), but the log has some errors which I've tried to fix in vain.
For starters, I'm not sure about those reverse addresses.

I think it's some obvious mistake in the configs, but I can't seem to figure it out; any help would be appreciated.

Log output snippet:
Code:
Feb 17 23:25:21 hydra named[9602]: master/db.192.168.1:9: ignoring out-of-zone data (wickedbsd.net)
Feb 17 23:25:21 hydra named[9602]: zone 1.168.192.in-addr.arpa/IN: has no NS records
Feb 17 23:25:21 hydra named[9602]: master/db.192.168.1.32:9: ignoring out-of-zone data (wickedbsd.net)
Feb 17 23:25:21 hydra named[9602]: master/db.192.168.1.32:10: ignoring out-of-zone data (33.1.168.192.in-addr.arpa)
Feb 17 23:25:21 hydra named[9602]: zone 32.1.168.192.in-addr.arpa/IN: has no NS records

Interface addresses:
Code:
re1: 192.168.1.1 255.255.255.224
rum0: 192.168.1.33 255.255.255.224

named.conf snippet:
Code:
zone "1.168.192.in-addr.arpa" in {
        type master;
        file "master/db.192.168.1";
};

zone "32.1.168.192.in-addr.arpa" in {
        type master;
        file "master/db.192.168.1.32";
};

zone "wickedbsd.net" {
        type master;
        file "master/db.wickedbsd.net";
};

db.wickedbsd.net:
Code:
$TTL 3h
wickedbsd.net. IN SOA hydra.wickedbsd.net. root.hydra.wickedbsd.net. (
        1        ; Serial
        3h       ; Refresh after 3 hours
        1h       ; Retry after 1 hour
        1w       ; Expire after 1 week
        1h )     ; Negative caching TTL of 1 hour

wickedbsd.net.             IN NS        hydra.wickedbsd.net.
localhost.wickedbsd.net.   IN A         127.0.0.1
hydra.wickedbsd.net.       IN A         192.168.1.1
hydra.wickedbsd.net.       IN A         192.168.1.33
wickedbsd.net.             IN MX    10  hydra.wickedbsd.net.
www.wickedbsd.net.         IN CNAME     hydra.wickedbsd.net.
ftp.wickedbsd.net.         IN CNAME     hydra.wickedbsd.net.
mail.wickedbsd.net.        IN CNAME     hydra.wickedbsd.net.
lan.wickedbsd.net.         IN A         192.168.1.1
wlan.wickedbsd.net.        IN A         192.168.1.33

db.192.168.1:
Code:
$TTL 3h
1.168.192.in-addr.arpa. IN SOA hydra.wickedbsd.net. root.hydra.wickedbsd.net. (
        1        ; Serial
        3h       ; Refresh after 3 hours
        1h       ; Retry after 1 hour
        1w       ; Expire after 1 week
        1h )     ; Negative caching TTL of 1 hour

wickedbsd.net.              IN NS   hydra.wickedbsd.net.
1.1.168.192.in-addr.arpa.   IN PTR  hydra.wickedbsd.net.

db.192.168.1.32:
Code:
$TTL 3h
32.1.168.192.in-addr.arpa. IN SOA hydra.wickedbsd.net. root.hydra.wickedbsd.net. (
        1        ; Serial
        3h       ; Refresh after 3 hours
        1h       ; Retry after 1 hour
        1w       ; Expire after 1 week
        1h )     ; Negative caching TTL of 1 hour

wickedbsd.net.              IN NS   hydra.wickedbsd.net.
33.1.168.192.in-addr.arpa.  IN PTR  hydra.wickedbsd.net.

#2, 17th February 2010, DutchDaemon

1)

This does not belong in your reverse zonefile:

Code:
wickedbsd.net.              IN NS   hydra.wickedbsd.net.

Simply make that:

Code:
                              IN NS   hydra.wickedbsd.net.

2)

Put all of the PTR records in your 192.168.1.x zone in one zone file (your current db.192.168.1):

Code:
$TTL 3h
1.168.192.in-addr.arpa. IN SOA hydra.wickedbsd.net. root.hydra.wickedbsd.net. (
        1        ; Serial
        3h       ; Refresh after 3 hours
        1h       ; Retry after 1 hour
        1w       ; Expire after 1 week
        1h )     ; Negative caching TTL of 1 hour

                            IN NS   hydra.wickedbsd.net.
1                           IN PTR  hydra.wickedbsd.net.
33                          IN PTR  hydra.wickedbsd.net.

Your zone files don't care about your interfaces or netmasks.

#3, 17th February 2010, J65nko

To start with:
Code:
named[9602]: master/db.192.168.1.32:10: ignoring out-of-zone data (33.1.168.192.in-addr.arpa)

You cannot define the reverse of 192.168.1.33 in a 192.168.1.32 reverse zone file.

Why do you use two .in-addr.arpa zones? Just use one 1.168.192.in-addr.arpa zone for both the 1 and 33 addresses.

Re: checking zone files

From the named man page:
Code:
SEE ALSO
       RFC 1033, RFC 1034, RFC 1035, named-checkconf(8),
       named-checkzone(8), rndc(8), lwresd(8), named.conf(5),
       BIND 9 Administrator Reference Manual.

So there is a named-checkzone(8) program and man page.

But let me first suggest the following revision of your zone file:

Code:
$TTL 3h
@       IN SOA hydra.wickedbsd.net. root.hydra.wickedbsd.net. (
        1        ; Serial
        3h       ; Refresh after 3 hours
        1h       ; Retry after 1 hour
        1w       ; Expire after 1 week
        1h )     ; Negative caching TTL of 1 hour

                IN NS           hydra.wickedbsd.net.
                IN MX    10     hydra.wickedbsd.net.

localhost       IN A            127.0.0.1

lan             IN A            192.168.1.1
hydra           IN A            192.168.1.33
www             IN A            192.168.1.33
ftp             IN A            192.168.1.33
mail            IN A            192.168.1.33
wlan            IN A            192.168.1.33

;; end of zone
;;

Notice the use of "@" so you don't have to type the "wickedbsd.net." at the end of all host definitions.


My first run of named-checkzone:
Code:
$ named-checkzone wickedbsd.net wickedbsd.net  

dns_rdata_fromtext: wickedbsd.net:17: near '192.168,1.33': bad dotted quad
zone wickedbsd.net/IN: loading from master file wickedbsd.net failed: bad dotted quad

I had a comma somewhere in a 192.168.1.33 address. After replacing the comma culprit with the correct period:

Code:
]$ named-checkzone wickedbsd.net wickedbsd.net  
zone wickedbsd.net/IN: loaded serial 1
OK

The first wickedbsd.net is the file name, the second one specifies the zone. In this case they just happened to be the same.
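To make the two log messages in this thread concrete, here is an added Python check (not code from the thread or from BIND) that applies the owner-name rule named enforces when loading a zone: every owner must be the zone name or end in it, and the apex needs an in-zone NS record. It folds the parenthesised SOA, expands "@" and relative names against the origin, and runs over constructed copies of the original db.192.168.1.32 and of DutchDaemon's single-zone replacement.

```python
"""Reproduce named's 'ignoring out-of-zone data' and 'has no NS records' checks.
Added example, not from the thread; zone texts are constructed from the posts."""
import re

def _records(text):
    # Drop ; comments, then fold "( ... )" multi-line records (the SOA) onto one line.
    text = "\n".join(ln.split(";", 1)[0].rstrip() for ln in text.splitlines())
    text = re.sub(r"\(([^)]*)\)", lambda m: m.group(1).replace("\n", " "), text)
    return [ln for ln in text.splitlines() if ln.strip()]

def check_zone(zone, text):
    """Return the messages named would log when loading `text` as zone `zone`."""
    problems, apex_ns, origin, owner = [], 0, zone, zone
    for line in _records(text):
        toks = line.split()
        if toks[0] == "$TTL":
            continue
        if toks[0] == "$ORIGIN":
            origin = toks[1].rstrip(".")
            continue
        if not line[0].isspace():      # a leading blank reuses the previous owner
            name = toks.pop(0)
            # "@" is the origin; a trailing dot means absolute; otherwise relative
            owner = origin if name == "@" else name[:-1] if name.endswith(".") else f"{name}.{origin}"
        while toks and (toks[0].upper() == "IN" or re.fullmatch(r"\d+[smhdw]?", toks[0], re.I)):
            toks.pop(0)                # skip optional class and TTL to reach the type
        if owner != zone and not owner.endswith("." + zone):
            problems.append(f"ignoring out-of-zone data ({owner})")
        elif owner == zone and toks and toks[0].upper() == "NS":
            apex_ns += 1               # only in-zone NS records at the apex count
    if apex_ns == 0:
        problems.append(f"zone {zone}/IN: has no NS records")
    return problems

# Constructed copy of the OP's db.192.168.1.32: the NS is owned by the forward zone
# name, and the PTR for .33 does not sit inside 32.1.168.192.in-addr.arpa.
OP_REVERSE = """$TTL 3h
32.1.168.192.in-addr.arpa. IN SOA hydra.wickedbsd.net. root.hydra.wickedbsd.net. (
        1 3h 1h 1w 1h )   ; serial refresh retry expire negative-ttl
wickedbsd.net.              IN NS   hydra.wickedbsd.net.
33.1.168.192.in-addr.arpa.  IN PTR  hydra.wickedbsd.net.
"""
# DutchDaemon's layout: one zone, apex NS with a blank owner, relative PTR owners.
FIXED_REVERSE = """$TTL 3h
@                           IN SOA  hydra.wickedbsd.net. root.hydra.wickedbsd.net. (
        1 3h 1h 1w 1h )
                            IN NS   hydra.wickedbsd.net.
1                           IN PTR  hydra.wickedbsd.net.
33                          IN PTR  hydra.wickedbsd.net.
"""
```

named-checkzone, which J65nko points to, performs these same load checks on the real file, so it is the tool to run before reloading named.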

#4, 18th February 2010, ai-danno

Can I be picky for a sec? For my serials I like yyyymmdd# where "#" is incremented if the file is modified multiple times within a day (or bind won't process the change, right?).

#5, 18th February 2010, J65nko

Yes, you may be picky, but I did not even look at the serial; I just copied it from the OP.

I prefer to use tinydns, where you don't have to handle things like that.

#6, 18th February 2010, Zmyrgel

Thanks for your replies.
I got BIND to start properly and it seems to work as it should.

Good to know that Bind doesn't care about my subnets.

I knew those shorter versions existed but I wanted to get the longer version to work before tuning it down.