bind newb needing guidance
Nick Jones
nicholas-jones at uiowa.edu
Tue Sep 12 19:27:23 UTC 2006
Hello everyone, I've been trying to configure bind with webmin and get
it working persistently through a reboot. Basically I had DNS working
with bind 8, then I rebooted my XServe running Yellow dog. DNS was no
longer working, I noticed the process named was in fact running, so
tried to remove the /etc/named.conf and recreate the whole thing using
webmin. This got it working, although now I don't know why, because
deleting the named.conf and starting over no longer does the trick.
A major part of the problem is that I can't figure out where this
thing logs information. All I've been able to find is useless log
information in messages (syslogd).
tail /var/log/messages
Sep 12 13:34:22 localhost named[23691]: the key 'rndckey' is too short to be secure
Sep 12 13:34:22 localhost named[23691]: the key 'rndckey' is too short to be secure
Sep 12 13:40:51 localhost named[23691]: loading configuration from '/etc/named.conf'
Sep 12 13:40:51 localhost named[23691]: the key 'rndckey' is too short to be secure
Sep 12 13:40:51 localhost named[23691]: the key 'rndckey' is too short to be secure
Sep 12 13:41:14 localhost named[23691]: loading configuration from '/etc/named.conf'
Sep 12 13:41:14 localhost named[23691]: the key 'rndckey' is too short to be secure
Sep 12 13:41:14 localhost named[23691]: the key 'rndckey' is too short to be secure
Sep 12 14:06:45 localhost named[23691]: loading configuration from '/etc/named.conf'
Sep 12 14:06:45 localhost named[23691]: the key 'rndckey' is too short to be secure
i.e. useless
These look like just annoying, pointless messages. rndckey was
created by webmin, so not sure why it's not secure.
I want log information that gives me some indication as to why I get
"Host lcn.gige.uiowa.edu not found: 3(NXDOMAIN)" instead of an
address. I have a client pointing to this host's DNS that fails and
the server that runs DNS pointing to 127.0.0.1 that fails at resolving
as well. Here are my config files.
named.conf
options {
        directory "/etc";
        pid-file "/var/run/named.pid";
};
zone "." {
        type hint;
        file "/etc/db.cache";
};
zone "gige.uiowa.edu" {
        type master;
        file "/etc/gige.uiowa.edu.hosts";
};
zone "0.10.10.in-addr.arpa" {
        type master;
        file "/etc/10.10.0.rev";
};
controls {
        inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { rndc-key; };
};
logging {
        channel all_info {
                file "/var/log/named.log";
                severity debug 2;
                print-severity yes;
        };
        category default {
                all_info;
        };
};
key rndc-key {
        algorithm hmac-md5;
        secret "DMwaMWNnWjvuQ69JR6c5AQ==";
};
zone "." {
        type hint;
        file "/etc/rootdns";
};
gige.uiowa.edu.hosts
gige.uiowa.edu. IN SOA lcn.gige.uiowa.edu. nicholas-jones.uiowa.edu. (
        1158085878
        10800
        3600
        604800
        30M )
gige.uiowa.edu. IN NS lcn.gige.uiowa.edu.
gige.uiowa.edu. IN A 10.10.0.19
adams.gige.uiowa.edu. IN A 10.10.0.55
lcn.gige.uiowa.edu. IN A 10.10.0.19
10.10.0.rev
0.10.10.in-addr.arpa. IN SOA 10.10.0.19. nicholas-jones.uiowa.edu. (
        1158085892
        10800
        3600
        604800
        30M )
0.10.10.in-addr.arpa. IN NS 10.10.0.19.
19.0.10.10.in-addr.arpa. IN PTR gige.uiowa.edu.
55.0.10.10.in-addr.arpa. IN PTR adams.gige.uiowa.edu.
[root@localhost log]# ps -A | grep named
23691 ? 00:00:00 named
[root@localhost log]# ls -l /var/run/named.pid
lrwxrwxrwx 1 root root 41 Sep 12 13:34 /var/run/named.pid -> /var/named/chroot/var/run/named/named.pid
[root@localhost log]# ls -l /var/named/chroot/var/run/named/named.pid
-rw-r--r-- 1 named named 6 Sep 12 14:06 /var/named/chroot/var/run/named/named.pid
Anybody see any problems??
If webmin is the problem, please tell me (if you know) how to modify
the above files so that it works. Also, how did a problem like "turn
this hostname into an IP" get solved by implementing the configuration
nightmare that is BIND instead of something much easier to configure?
I mean there should be a default where all you do is enter basic info
along with the mappings, and if you want to get more complicated than
that, well, it may be tough going to configure, but at least you have
a base/default state that works for testing. Anyway that's my bind
rant, and probably a lot of people's bind rant.
Thanks
Nick
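
Added example, not part of the original message and not BIND or Webmin code: a small Python check for two things visible in the post, the "too short to be secure" key warning and the zone "." block that appears twice in named.conf. The sample configuration and its secrets are constructed, the function name audit is hypothetical, and the 64-bit minimum is an assumed threshold to adjust to local policy.

```python
import base64
import re

# Constructed sample in the style of the posted named.conf; the secrets are
# made up for this example ("rndckey" decodes to 5 bytes, "rndc-key" to 16).
SAMPLE_CONF = '''
zone "." { type hint; file "/etc/db.cache"; };
controls {
    inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { rndc-key; };
};
key rndc-key { algorithm hmac-md5; secret "MDEyMzQ1Njc4OWFiY2RlZg=="; };
key rndckey { algorithm hmac-md5; secret "c2hvcnQ="; };
zone "." { type hint; file "/etc/rootdns"; };
'''

KEY_RE = re.compile(r'\bkey\s+"?([\w.-]+)"?\s*\{[^}]*?secret\s+"([^"]+)"', re.S)
CTRL_KEYS_RE = re.compile(r'\bkeys\s*\{([^}]*)\}')
ZONE_RE = re.compile(r'\bzone\s+"([^"]+)"')


def audit(conf, min_bits=64):
    """Return findings for a named.conf text (comments are not stripped).

    min_bits is an assumed policy threshold, not a value taken from the post.
    """
    findings = []
    # Map each key name to the size of its base64-decoded secret, in bits.
    defined = {name: len(base64.b64decode(secret)) * 8
               for name, secret in KEY_RE.findall(conf)}
    for name, bits in defined.items():
        if bits < min_bits:
            findings.append(f"key {name}: {bits}-bit secret is below {min_bits} bits")
    # Every key named in a controls { ... keys { ... }; } list must be defined.
    for group in CTRL_KEYS_RE.findall(conf):
        for ref in (k.strip().strip('"') for k in group.split(";")):
            if ref and ref not in defined:
                findings.append(f"controls references undefined key {ref}")
    # A zone name should be declared only once.
    zones = ZONE_RE.findall(conf)
    for z in sorted({z for z in zones if zones.count(z) > 1}):
        findings.append(f"zone {z!r} is declared {zones.count(z)} times")
    return findings


if __name__ == "__main__":
    for line in audit(SAMPLE_CONF):
        print(line)
```

Run it against the file named actually loads; in the listing above that is the copy under /var/named/chroot, along with any separate key file such as the one defining 'rndckey'.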