Hello all,
Any CentOS people out there with DNS experience?
I am having a hell of an issue configuring dns on a CentOS 4 box which
was installed clean after a drive failure. It is installed in a chroot
and the issues are twofold at this point. It will not do lookups for
anything outside of the domains it is authoritative for, which is a
problem because it is also my secondary mail server. We are getting a
lot of "sender's address does not resolve" errors in the logs for addresses
that I know are good. It is talking and updating the secondary servers
as well. There could be network issues I suppose as it is also flaky.
Most times it will respond if I force it to do a query for something
like ford.ca but then sometimes right after a successful query, I will
get a server can't be reached error. It isn't a network at large error
because I can still get the web sites that are hosted on the same box.
The other, and perhaps even more puzzling issue is one of permissions. I
made a backup of the primary domain file folder and renamed it to
something else. I then created a new folder and copied in my zone files
from the backup. They had the same permissions as the files in the
backup folder but I kept getting startup errors saying "could not load
zone file .. permission denied". When I restored the backup folder again,
the permission errors went away. Very curious and very frustrating.
There is no difference in the actual Bind program between a caching
server and a primary name server is there?
I will summarize if I can get this straightened out.
a bit of my named.conf to follow.
thanks
Dave
// Named address-match list; the zuka zones further down reference it in
// their allow-update statements.
// NOTE(review): server1/server2 look like stand-ins for the real entries -
// an acl takes IP addresses/prefixes, key names or other acl names, not
// hostnames. Confirm what the live file contains.
acl "secondary" { server1; server2; };
// Logging: two channels (syslog and a size-rotated file) plus the routing of
// message categories onto them.
logging {
channel "default_syslog" {
// Send most of the named messages to syslog.
syslog local2;
// "debug" with no level means debug level 1; debug messages are only
// produced while the server's own debug level is above zero.
severity debug;
};
// File channel: keeps 2 old versions, rolls at 50m, and stamps every line
// with time, category and severity. No severity is set, so the channel
// default applies.
// NOTE(review): the post says named runs in a chroot, so this path is
// presumably resolved inside the chroot and must be writable by the
// account named runs as - confirm.
channel "audit_log" {
file "/var/named/data/nameddbg" versions 2 size 50m;
print-time yes;
print-category yes;
print-severity yes;
};
// Lame-server notices are discarded.
category lame-servers { null; };
category default { default_syslog; };
category general { default_syslog; };
category config { default_syslog; };
// Everything below lands in the file channel. "security" records approved
// and denied requests and "resolver" records recursive resolution, so this
// file is the place to look for refused queries/updates and for the failing
// outside lookups described in the post.
category security { audit_log; };
category resolver { audit_log; };
category network { audit_log; };
category xfer-in { audit_log; };
category xfer-out { audit_log; };
// Per-query logging; on a busy server this fills the 50m file quickly.
category queries { audit_log; };
category update { audit_log; };
};
// Global server options.
// NOTE(review): this excerpt shows no recursion, allow-recursion,
// allow-query, allow-transfer or forwarders statement. If they really are
// absent, the built-in defaults decide who may recurse through and transfer
// from this server; on older BIND 9 releases those defaults are permissive.
// On an internet-facing authoritative server, limit recursion to the hosts
// that need it (here, at least the box itself for its mail role) with
// allow-recursion, and limit transfers with allow-transfer.
options {
// Base directory; relative zone "file" paths below are resolved against it.
directory "/var/named";
pid-file "/var/run/named/named.pid";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
transfer-format many-answers;
// Replaces the real version string returned to version.bind queries.
version "[secured]";
zone-statistics yes;
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// NOTE(review): a firewall that drops replies to high source ports is one
// possible cause of the intermittent outside lookups. Pinning the source
// port to 53 would work around that but makes every outgoing query use a
// predictable port, which weakens resistance to spoofed answers; allowing
// the replies through the firewall is the better fix.
//query-source address * port 53;
};
// rndc control channel: listens on loopback only, accepts connections from
// localhost only, and requires the key named rndckey.
// NOTE(review): no key statement or include defining rndckey appears in this
// excerpt - presumably it is elsewhere in the file; confirm.
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
// Root hints. Recursive lookups for names outside the local zones start
// from the servers listed in this file.
// NOTE(review): the path is relative to "directory"; with a chroot it must
// exist and be readable inside the chroot - worth checking given the
// failing outside lookups.
zone "." IN {
type hint;
file "named.root";
};
// Local housekeeping zones (localdomain, loopback, IPv6 loopback, broadcast,
// zero network). All are master zones with dynamic update refused.
zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone
"0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa"
IN {
type master;
file "named.ip6.local";
allow-update { none; };
};
zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};
// ZUKA DOMAINS
// Three master zones: two reverse zones and zuka.net. Zone files live under
// primary/ relative to "directory", and queries are accepted from anyone.
//
// NOTE(review): allow-update governs who may send dynamic DNS updates that
// change the zone. Here that is granted to the "secondary" acl and checked
// by source address only. Secondaries fetch the zone by zone transfer, which
// allow-transfer controls, and none is set in these zones. If dynamic update
// is not actually wanted, the usual form is
//   allow-transfer { secondary; };  allow-update { none; };
// and if it is wanted, a TSIG key is a stronger check than an address.
//
// NOTE(review): with dynamic update enabled, named also has to create
// journal files next to each zone file, so the account it runs as needs
// write and search permission on the primary/ directory itself, not just
// read on the files. Where SELinux is enforcing, a freshly created directory
// also needs the expected label. Comparing the new and backup directories
// with "ls -ld" / "ls -ldZ" may explain the "permission denied" on load.
zone "97-102.39.244.204.in-addr.arpa" {
type master;
file "primary/db.97-102.39.244.204";
allow-update { secondary; };
allow-query { any; };
};
zone "151.243.199.in-addr.arpa" {
type master;
file "primary/db.zuka.151.243.199";
allow-update { secondary; };
allow-query { any; };
};
zone "zuka.net" {
type master;
file "primary/zuka.net";
allow-update { secondary; };
allow-query { any; };
};