named error: expected prefix length near '4'
Benu
flashl at bigfoot.com
Mon Oct 11 19:11:08 UTC 2004
I have been working religiously for the past four weeks to understand
DNS and get it up and running on my linux box. I have read and re-read
Bind 9 administrator guide (daily), BIND FAQS, and various posts on
the net. Now, I am at the point where I am no longer certain of
anything.
I have a home network with three machines (Fedora Core 2, XP, and
Win2K) using a Belkin router on a Cable Network (Dynamic IP). I
urgently need to move a website from a hosting service.
To prepare for the move of the website, I have been testing my DNS
configuration with a parked domain (rescue911design.com) and free
domain (benu.widge.net) before addressing the live site.
Currently, all seems to be working internally, but I have sporadic
success serving the internal network while accessing the internet.
What has been particularly confusing to me is this: there is root domain
information in the cache, and a dig command with +norec correctly looks
up the A records for various hosts. I do not understand why the dig
and host commands return SERVFAIL when the data is in the cache for
the homelan view.
All files passed named-checkconf and named-checkzone, and there are no
complaints in /var/log/messages or audit_log. My configuration files
are:
--/etc/named.conf
// generated by named-bootconf.pl
// Address-match lists used by the options and view statements in this file.
// my-nets: clients treated as internal (the 192.168.2.0/24 LAN plus loopback).
acl my-nets {
192.168.2.0/24;
// NOTE(review): 127.0.0.1/24 has host bits set for a /24; the built-in
// "localhost" entry below already matches the server's own addresses.
127.0.0.1/24;
localhost;
};
// xfer: matches no host, so allow-transfer { xfer; } denies every zone transfer.
acl xfer {
none;
};
// external-ns: the two cable-provider name servers (same addresses as the
// forwarders in the options statement).
acl external-ns {
68.105.161.20; //Cable NS1
68.1.18.25; //Cable NS2
};
// NOTE(review): the three bogus-net lists below are all placed in
// options { blackhole }. Their prefix lengths are very short, so each entry spans
// many /8 blocks; presumably a list of individual /8 bogons was intended - confirm
// against the template this was adapted from.
// bogus-net3 as written covers 193.0.0.0 - 223.255.255.255.
acl bogus-net3 {
208.0.0.0/4; // 208.0.0.0 - 223.255.255.255
200.0.0.0/5; // 200.0.0.0 - 207.255.255.255
196.0.0.0/6; // 196.0.0.0 - 199.255.255.255
194.0.0.0/7; // 194.0.0.0 - 195.255.255.255
193.0.0.0/8; // 193.0.0.0 - 193.255.255.255
};
// bogus-net2 as written covers 0.0.0.0 - 31.255.255.255 and
// 64.0.0.0 - 191.255.255.255. That includes the forwarders (68.x.x.x), the
// slave-zone masters (64.x.x.x, 66.x.x.x) and loopback (127.0.0.1).
acl bogus-net2 {
0.0.0.0/3; // 0.0.0.0 - 31.255.255.255
16.0.0.0/3; // host bits set for a /3; 16.0.0.0 lies inside 0.0.0.0/3 above
64.0.0.0/3; // 64.0.0.0 - 95.255.255.255
96.0.0.0/3; // 96.0.0.0 - 127.255.255.255
128.0.0.0/3; // 128.0.0.0 - 159.255.255.255
160.0.0.0/3; // 160.0.0.0 - 191.255.255.255
};
// bogus-net1: reserved/special-use style entries.
// NOTE(review): static bogon lists go stale; 1.0.0.0/8 and 2.0.0.0/8 have since
// been allocated, so a list like this needs periodic review.
acl bogus-net1 {
0.0.0.0/8;
1.0.0.0/8;
2.0.0.0/8;
192.0.2.0/24;
224.0.0.0/3; // 224.0.0.0 - 255.255.255.255
10.0.0.0/8;
// NOTE(review): RFC 1918 reserves 172.16.0.0/12; this entry covers only
// 172.16.0.0 - 172.16.255.255.
172.16.0.0/16;
};
logging {
[snip]
};
// Global options; views and zones inherit these unless they override them.
options {
// NOTE(review): blackhole makes named ignore queries from, and never send
// queries to, any address in these lists. As the ACLs are written that is all of
// IPv4 except 32.0.0.0 - 63.255.255.255 and 192.0.0.0/8 (minus 192.0.2.0/24).
// The forwarders below, the slave-zone masters and 127.0.0.1 all fall inside the
// blackholed ranges, which would be consistent with SERVFAIL on recursive
// lookups - verify by testing with this statement commented out.
blackhole {
bogus-net1;
bogus-net2;
bogus-net3;
};
directory "/var/named/";
cleaning-interval 30;
// Only my-nets and the two ISP servers may query. The zones in the external-nets
// view do not override this, so other Internet clients would be refused there -
// NOTE(review): confirm that is intended for zones meant to be public.
allow-query { "my-nets"; "external-ns"; };
// Recursion is offered to internal clients only.
allow-recursion { "my-nets"; };
// Try the forwarders first, then fall back to normal iterative resolution.
forward first;
forwarders {
68.105.161.20; //Cable NS1
68.1.18.25; //Cable NS2
};
minimal-responses no;
//notify no;
// Left disabled: pinning the query source to port 53 would remove source-port
// randomization for outgoing queries.
//query-source address * port 53;
transfer-format many-answers;
// Replaces the real version string in version.bind answers. A CHAOS "bind" zone
// with its own version.bind TXT record is also defined in the external-chaos view.
version "Guess";
zone-statistics yes;
};
// rndc control channel: listens on 127.0.0.1 only, accepts connections from
// 127.0.0.1 only, and requires the key named rndckey.
controls {
inet 127.0.0.1 allow {
127.0.0.1;
}
keys {
rndckey;
};
};
// The key is kept in a separate file so named.conf itself holds no secret.
// NOTE(review): the permissions on /etc/rndc.key are not shown; it should be
// readable only by root and the account named runs as.
include "/etc/rndc.key";
// View for internal clients (match-clients my-nets) with recursion enabled.
// Views are tried in the order they appear, so my-nets clients match this one
// before the catch-all external-nets view.
view "homelan" {
additional-from-auth yes;
additional-from-cache yes;
match-clients { "my-nets"; };
recursion yes;
// Reverse zone for the 192.168.2.0/24 LAN.
zone "2.168.192.in-addr.arpa" in {
type master;
file "2.168.192.in-addr.arpa.hosts";
allow-query { localnets; };
// NOTE(review): any host on a directly attached network may transfer this zone;
// the "xfer" ACL (none), used for 0.0.127.in-addr.arpa below, would be stricter.
allow-transfer { localnets; };
// Empty list: no forwarding is used for names in this zone.
forwarders { };
};
// Internal forward zone.
zone "blkdiamonds.lan" in {
type master;
file "blkdiamonds.lan.hosts";
allow-query { localnets; };
// NOTE(review): same as above - transfers are open to all of localnets.
allow-transfer { localnets; };
};
zone "localhost" in {
type master;
file "named.local";
};
// Loopback reverse zone; transfers denied via the empty xfer ACL, NOTIFY disabled.
zone "0.0.127.in-addr.arpa" in {
type master;
file "0.0.127.in-addr.arpa.hosts";
allow-query { localnets; };
allow-transfer { xfer; };
notify no;
};
};
// View for every client not matched by homelan: no recursion, and additional
// data is not taken from cache or other authoritative zones.
// NOTE(review): the options-level allow-query (my-nets, external-ns) still applies
// to these zones because neither sets its own allow-query.
view "external-nets" {
additional-from-auth no;
additional-from-cache no;
match-clients { any; };
recursion no;
// Slave copy of benu.widge.net.
// NOTE(review): both masters are inside 64.0.0.0/3, which bogus-net2 places in
// options { blackhole }; refresh and transfer from them will likely fail - confirm.
zone "benu.widge.net" in {
type slave;
file "benu.widge.net.hosts";
masters { 64.49.244.135; 66.216.81.145; };
notify yes;
};
// Slave copy of rescue911design.com; its master is also inside 64.0.0.0/3.
zone "rescue911design.com" {
type slave;
file "rescue911design.com.hosts";
masters { 64.202.167.129; };
notify yes;
};
};
// CHAOS-class view, used for queries such as version.bind and authors.bind.
// It matches any client, but the "bind" zone itself answers only my-nets.
view "external-chaos" chaos {
match-clients { any; };
recursion no;
// Empty hint zone: no root hints are loaded for class CHAOS.
zone "." {
type hint;
file "/dev/null";
};
// Static TXT answers for version.bind / authors.bind come from bind.hosts.
zone "bind" {
type master;
file "bind.hosts";
allow-query { "my-nets"; };
allow-transfer { "xfer"; };
};
};
--0.0.127.in-addr.arpa.hosts
; Loopback reverse zone: a single PTR mapping 127.0.0.1 to localhost.
; NOTE(review): leading whitespace appears to have been stripped from this
; listing; in the file on disk the NS line must begin with whitespace to
; inherit the owner "@" - confirm against the real file.
$TTL 86400
@ IN SOA ns1.blkdiamonds.lan. root.blkdiamonds.lan. (
200410104 ; serial
28800 ; refresh (8 hours)
7200 ; retry (2 hours)
2419200 ; expire (4 weeks)
86400 ; minimum (1 day)
)
IN NS ns1.blkdiamonds.lan.
1 IN PTR localhost.
--2.168.192.in-addr.arpa.hosts
; Reverse zone for the 192.168.2.0/24 LAN, loaded by the homelan view.
$TTL 86400 ; 1 day
@ IN SOA ns1.blkdiamonds.lan. root.blkdiamonds.lan. (
2004101001 ; serial
10800 ; refresh (3 hours)
900 ; retry (15 minutes)
604800 ; expire (1 week)
3600 ; minimum (1 hour)
)
NS ns1.blkdiamonds.lan.
;
; NOTE(review): the target below has no trailing dot, so it is relative to the
; zone origin and expands to gw.blkdiamonds.lan.2.168.192.in-addr.arpa.
1 PTR gw.blkdiamonds.lan
2 PTR ftp.blkdiamonds.lan.
; The next three lines show no owner label; presumably they were indented in
; the original file and so also belong to "2" - confirm.
PTR ns1.blkdiamonds.lan.
PTR www.blkdiamonds.lan.
PTR roxie.blkdiamonds.lan.
--benu.widge.net.hosts
; Zone data for benu.widge.net, which named.conf declares as "type slave" in
; the external-nets view.
; NOTE(review): named rewrites a slave zone's file from the transfer it
; receives, so hand edits here would not persist - confirm which server
; holds the master copy.
; NOTE(review): every A record below is a private or loopback address
; (192.168.2.x, 127.0.0.1) and one NS target is under .lan. Internet clients
; cannot reach those, and publishing them together with the HINFO/TXT records
; discloses internal addressing and platform details.
$ORIGIN .
$TTL 259200 ; 3 days
benu.widge.net. IN SOA ns1.widge.net. root.benu.widge.net. (
200410103 ; serial
28800 ; refresh (8 hours)
7200 ; retry (2 hours)
2419200 ; expire (4 weeks)
86400 ; minimum (1 day)
)
NS ns1.widge.net.
NS ns1.blkdiamonds.lan.
MX 10 mail.benu.widge.net.
$ORIGIN benu.widge.net.
$TTL 259200 ; 3 days
ftp CNAME ns1
gw A 192.168.2.1
HINFO "Belkin" "BEF"
TXT "The router"
localhost A 127.0.0.1
mail CNAME ns1
ns1 A 192.168.2.2
HINFO "Pentium" "Fedora 2.0"
MX 10 mail
www CNAME ns1
--bind.hosts
; @(#)db.bind v1.2 25 JAN 2001 Rob Thomas robt at cymru.com
;
; CHAOS-class "bind" zone, loaded by the external-chaos view in named.conf.
; The TXT strings below are static text; they are not read from the running
; binary, so version.bind answers whatever is typed here.
$TTL 1D
@ 1D CHAOS SOA localhost. root.localhost. (
2004100601 ; serial
3H ; refresh
1H ; retry
1W ; expiry
1D ) ; minimum
CHAOS NS localhost.
version.bind. CHAOS TXT "BIND 9.1.3+robhacks"
authors.bind. CHAOS TXT "are better coders than I. :)"
--blkdiamonds.lan.hosts
; Internal forward zone blkdiamonds.lan, loaded by the homelan view.
; ftp, mail and www are aliases for ns1 (192.168.2.2); gw is the router.
; The HINFO/TXT records describe hardware and OS; named.conf limits queries
; for this zone to localnets.
$ORIGIN .
$TTL 259200 ; 3 days
blkdiamonds.lan. IN SOA ns1.blkdiamonds.lan. root.blkdiamonds.lan. (
200410103 ; serial
28800 ; refresh (8 hours)
7200 ; retry (2 hours)
2419200 ; expire (4 weeks)
86400 ; minimum (1 day)
)
NS ns1.blkdiamonds.lan.
MX 10 mail.blkdiamonds.lan.
$ORIGIN blkdiamonds.lan.
; This one record is given a shorter TTL (6 hours) than the rest of the zone.
$TTL 21600 ; 6 hours
4X7II6FO4Y A 192.168.2.140
$TTL 259200 ; 3 days
ftp CNAME ns1
gw A 192.168.2.1
HINFO "Belkin" "BEF"
TXT "The router"
localhost A 127.0.0.1
mail CNAME ns1
ns1 A 192.168.2.2
HINFO "Pentium" "Fedora 2.0"
MX 10 mail
www CNAME ns1
--rescue911design.com.hosts
;
; Zone file rescue911design.com
; named.conf declares this zone as "type slave" in the external-nets view.
; NOTE(review): the SOA record and the serial comment below are split across
; lines; this is probably mail-client wrapping - in the real file the opening
; parenthesis must be on the SOA line and "serial #" must stay inside the comment.
; NOTE(review): the A records are private or loopback addresses (192.168.2.x,
; 127.0.0.1), unreachable from the Internet, and the HINFO/TXT records disclose
; internal platform details if this zone is served publicly.
$TTL 3D
rescue911design.com. IN SOA ns1.rescue911design.com.
root.rescue911design.com. (
200410101 ; serial, todays date + todays
serial #
8H ; refresh, seconds
2H ; retry, seconds
4W ; expire, seconds
1D ) ; minimum, seconds
;
NS ns1 ; Inet Address of name server
NS part5.secureserver.net.
NS part6.secureserver.net.
MX 10 mail ; Primary Mail Exchanger
;
ns1 A 192.168.2.2
MX 10 mail
HINFO "Pentium" "Fedora 2.0"
www CNAME ns1
mail CNAME ns1
ftp CNAME ns1
localhost A 127.0.0.1
gw A 192.168.2.1
HINFO "Belkin" "BEF"
TXT "The router"
--/etc/resolv.conf
# Resolver configuration: local name server first, then the ISP server.
# NOTE(review): resolv.conf(5) treats "search" and "domain" as mutually
# exclusive; when both are present the last one wins.
# NOTE(review): "//" is not a resolv.conf comment marker (comments start with
# "#" or ";"), so the trailing text on the last line may not be ignored - confirm.
search blkdiamonds.lan
domain blkdiamonds.lan
nameserver 192.168.2.2
nameserver 68.105.161.20 //ISP DSN
--/etc/resolv.conf2
# Alternative resolver configuration that queries the local server only.
# NOTE(review): 127.0.0.1 falls inside 96.0.0.0/3, which named.conf lists in
# bogus-net2 and therefore in options { blackhole }; queries sent from
# loopback would be ignored by named as configured - confirm.
search blkdiamonds.lan
domain blkdiamonds.lan
nameserver 127.0.0.1
nameserver 192.168.2.2
I will greatly appreciate a nudge in the right direction.
Benu