Problems setting up Bind
I'm trying to set up bind for my home lan but I'm hitting a wall with this.

I've gotten so far that named starts and simple queries work (like google) but the log has some errors which I've tried to fix in vain. For starters I'm not sure about those reverse addresses. I think it's some obvious mistake in the configs but I can't seem to figure it out, any help would be appreciated.

Log output snippet:

Code:
Feb 17 23:25:21 hydra named[9602]: master/db.192.168.1:9: ignoring out-of-zone data (wickedbsd.net)
Feb 17 23:25:21 hydra named[9602]: zone 1.168.192.in-addr.arpa/IN: has no NS records
Feb 17 23:25:21 hydra named[9602]: master/db.192.168.1.32:9: ignoring out-of-zone data (wickedbsd.net)
Feb 17 23:25:21 hydra named[9602]: master/db.192.168.1.32:10: ignoring out-of-zone data (33.1.168.192.in-addr.arpa)
Feb 17 23:25:21 hydra named[9602]: zone 32.1.168.192.in-addr.arpa/IN: has no NS records

Code:
re1: 192.168.1.1 255.255.255.224
rum0: 192.168.1.33 255.255.255.224

Code:
zone "1.168.192.in-addr.arpa" in {
        type master;
        file "master/db.192.168.1";
};
zone "32.1.168.192.in-addr.arpa" in {
        type master;
        file "master/db.192.168.1.32";
};
zone "wickedbsd.net" {
        type master;
        file "master/db.wickedbsd.net";
};

Code:
$TTL 3h
wickedbsd.net. IN SOA hydra.wickedbsd.net. root.hydra.wickedbsd.net. (
        1       ; Serial
        3h      ; Refresh after 3 hours
        1h      ; Retry after 1 hour
        1w      ; Expire after 1 week
        1h )    ; Negative caching TTL of 1 hour
wickedbsd.net. IN NS hydra.wickedbsd.net.
localhost.wickedbsd.net. IN A 127.0.0.1
hydra.wickedbsd.net. IN A 192.168.1.1
hydra.wickedbsd.net. IN A 192.168.1.33
wickedbsd.net. IN MX 10 hydra.wickedbsd.net.
www.wickedbsd.net. IN CNAME hydra.wickedbsd.net.
ftp.wickedbsd.net. IN CNAME hydra.wickedbsd.net.
mail.wickedbsd.net. IN CNAME hydra.wickedbsd.net.
lan.wickedbsd.net. IN A 192.168.1.1
wlan.wickedbsd.net. IN A 192.168.1.33

Code:
$TTL 3h
1.168.192.in-addr.arpa. IN SOA hydra.wickedbsd.net. root.hydra.wickedbsd.net. (
        1       ; Serial
        3h      ; Refresh after 3 hours
        1h      ; Retry after 1 hour
        1w      ; Expire after 1 week
        1h )    ; Negative caching TTL of 1 hour
wickedbsd.net. IN NS hydra.wickedbsd.net.
1.1.168.192.in-addr.arpa. IN PTR hydra.wickedbsd.net.

Code:
$TTL 3h
32.1.168.192.in-addr.arpa. IN SOA hydra.wickedbsd.net. root.hydra.wickedbsd.net. (
        1       ; Serial
        3h      ; Refresh after 3 hours
        1h      ; Retry after 1 hour
        1w      ; Expire after 1 week
        1h )    ; Negative caching TTL of 1 hour
wickedbsd.net. IN NS hydra.wickedbsd.net.
33.1.168.192.in-addr.arpa. IN PTR hydra.wickedbsd.net.
|||
To start with

named[9602]: master/db.192.168.1.32:10: ignoring out-of-zone data (33.1.168.192.in-addr.arpa)

You cannot define the reverse of 192.168.1.33 in a 192.168.1.32 reverse zone file. Why do you use two .in-addr.arpa zones? Just use one 1.168.192.in-addr.arpa zone for both the 1 and 33 addresses.

Re: checking zone files

From the named man page

Code:
SEE ALSO
     RFC 1033, RFC 1034, RFC 1035, named-checkconf(8), named-checkzone(8),
     rndc(8), lwresd(8), named.conf(5), BIND 9 Administrator Reference Manual.

But let me first suggest the following revision of your zone file:

Code:
$TTL 3h
@       IN SOA  hydra.wickedbsd.net. root.hydra.wickedbsd.net. (
                1       ; Serial
                3h      ; Refresh after 3 hours
                1h      ; Retry after 1 hour
                1w      ; Expire after 1 week
                1h )    ; Negative caching TTL of 1 hour
        IN NS   hydra.wickedbsd.net.
        IN MX   10 hydra.wickedbsd.net.
localhost IN A  127.0.0.1
lan     IN A    192.168.1.1
hydra   IN A    192.168.1.33
www     IN A    192.168.1.33
ftp     IN A    192.168.1.33
mail    IN A    192.168.1.33
wlan    IN A    192.168.1.33
;; end of zone ;;

My first run of named-checkzone

Code:
$ named-checkzone wickedbsd.net wickedbsd.net
dns_rdata_fromtext: wickedbsd.net:17: near '192.168,1.33': bad dotted quad
zone wickedbsd.net/IN: loading from master file wickedbsd.net failed: bad dotted quad

Code:
]$ named-checkzone wickedbsd.net wickedbsd.net
zone wickedbsd.net/IN: loaded serial 1
OK
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
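
The two errors from the original log, reproduced as an added example that is not part of any post in this thread. check_zone is a hypothetical helper and only a simplified stand-in for the owner-name and NS checks named performs when it loads a zone; the merged /24 reverse zone is constructed here from the advice in the reply above.

```python
def check_zone(origin, text):
    """Added example (hypothetical helper, simplified parser): returns
    (owner names that fall outside the zone, whether the apex has an NS).
    Assumes one record per line and no TTL field before the class."""
    origin = origin.lower().rstrip(".") + "."
    owner, depth = origin, 0
    out_of_zone, apex_ns = [], False
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]              # drop comments
        continuation = depth > 0                 # inside a "( ... )" group
        depth += line.count("(") - line.count(")")
        if continuation or not line.strip() or line.startswith("$"):
            continue
        fields = line.split()
        if not line[0].isspace():                # owner name starts in column 1
            name = fields.pop(0).lower()
            owner = origin if name == "@" else (
                name if name.endswith(".") else name + "." + origin)
        if fields and fields[0].upper() == "IN":
            fields.pop(0)
        if owner != origin and not owner.endswith("." + origin):
            out_of_zone.append(owner)            # record is ignored at load
        elif fields and fields[0].upper() == "NS" and owner == origin:
            apex_ns = True
    return out_of_zone, apex_ns

# The posted db.192.168.1.32 records (SOA timers condensed onto one line).
POSTED = """\
$TTL 3h
32.1.168.192.in-addr.arpa. IN SOA hydra.wickedbsd.net. root.hydra.wickedbsd.net. (
        1 3h 1h 1w 1h )
wickedbsd.net. IN NS hydra.wickedbsd.net.
33.1.168.192.in-addr.arpa. IN PTR hydra.wickedbsd.net.
"""

# Constructed for this example: a single 1.168.192.in-addr.arpa zone.
MERGED = """\
$TTL 3h
@       IN SOA hydra.wickedbsd.net. root.hydra.wickedbsd.net. (
        1 3h 1h 1w 1h )
        IN NS  hydra.wickedbsd.net.
1       IN PTR lan.wickedbsd.net.
33      IN PTR hydra.wickedbsd.net.
"""

print(check_zone("32.1.168.192.in-addr.arpa", POSTED))
print(check_zone("1.168.192.in-addr.arpa", MERGED))
```

The NS record in the posted file is owned by wickedbsd.net., which lies outside the reverse zone, so it is dropped and the zone is left with no NS at its apex; that is why both messages appear together in the log.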
|||
Yes, you may be picky, but I did not even look at the serial, I just copied from OP.

I prefer to use tinydns, where you don't have to handle things like that.
|||
Thanks for your replies.

I got bind to start properly and it seems to work as it should. Good to know that Bind doesn't care about my subnets. I knew those shorter versions existed but I wanted to get the longer version to work before tuning it down.