Bind failing to start on new 9.9.4 server
Robert Moskowitz
rgm at htt-consult.com
Thu Feb 9 15:32:15 UTC 2017
Strange..
On 02/09/2017 09:31 AM, Ray Bellis wrote:
> On 09/02/2017 14:28, Robert Moskowitz wrote:
>> I am migrating to Centos7 from Centos6. Going from Bind 9.8.2 to 9.9.4,
>> I am building this on a new server. I currently do not have DNSSEC
>> enabled, and not enabling it for the initial migration work.
>>
>> I have looked over changes in named.conf and believe I have made the
>> necessary changes. My named.conf is loading as are the zone files.
>> This is what 'systemctl -l status named' shows:
> I'd suggest that you try starting named manually with the '-g' flag so
> that it sends all output to stderr without forking.
>
> This should hopefully reveal why it's failing to start.
Now doing it 'right' and seeing:
09-Feb-2017 09:59:52.191 could not open file '/run/named/named.pid':
Permission denied
09-Feb-2017 09:59:52.192 generating session key for dynamic DNS
09-Feb-2017 09:59:52.192 could not open file '/run/named/session.key':
Permission denied
09-Feb-2017 09:59:52.193 could not create /run/named/session.key
09-Feb-2017 09:59:52.193 failed to generate session key for dynamic DNS:
permission denied
09-Feb-2017 09:59:52.193 sizing zone task pool based on 21 zones
so perhaps some permissions problems? I am su as root.
then after all the auto zones:
09-Feb-2017 09:59:53.682 all zones loaded
09-Feb-2017 09:59:53.690 running
09-Feb-2017 09:59:53.691 zone 128.168.192.in-addr.arpa/IN/internal:
sending notifies (serial 2009031701)
09-Feb-2017 09:59:53.692 zone labs.htt-consult.com/IN/internal: sending
notifies (serial 2015031801)
09-Feb-2017 09:59:53.695 zone home.htt/IN/internal: sending notifies
(serial 2013041501)
09-Feb-2017 09:59:53.719 zone labs.htt-consult.com/IN/external: sending
notifies (serial 2015031801)
09-Feb-2017 09:59:53.726 zone htt-consult.com/IN/external: sending
notifies (serial 2015123001)
09-Feb-2017 09:59:53.732 error (network unreachable) resolving
'ns1.icsl.net/A/IN': 2001:503:c27::2:30#53
09-Feb-2017 09:59:53.734 error (network unreachable) resolving
'./DNSKEY/IN': 2001:503:c27::2:30#53
09-Feb-2017 09:59:53.735 error (network unreachable) resolving
'ns1.icsl.net/AAAA/IN': 2001:503:c27::2:30#53
09-Feb-2017 09:59:53.736 error (network unreachable) resolving
'./NS/IN': 2001:503:c27::2:30#53
09-Feb-2017 09:59:53.818 error (unexpected RCODE REFUSED) resolving
'ns1.icsl.net/A/IN': 12.36.173.2#53
09-Feb-2017 09:59:53.820 error (unexpected RCODE REFUSED) resolving
'ns1.icsl.net/AAAA/IN': 12.36.173.2#53
09-Feb-2017 09:59:53.822 error (unexpected RCODE REFUSED) resolving
'ns2.icsl.net/A/IN': 12.36.173.2#53
09-Feb-2017 09:59:53.843 error (unexpected RCODE REFUSED) resolving
'ns2.icsl.net/AAAA/IN': 12.36.173.2#53
09-Feb-2017 09:59:53.918 error (network unreachable) resolving
'ns1.mudkips.net/A/IN': 2607:f4b8:2600:6::1#53
Now why am I getting network unreachable? I can ping out to a lot of addrs.
More information about the bind-users
mailing list