misterLu Guru
Joined: 14 Sep 2003 Posts: 430 Location: Poland
|
Posted: Thu Apr 01, 2004 7:36 am Post subject: bind doesn't start |
|
|
As in subject, my bind doesn't want to start:
Code: |
# ls -l /var/run/named/
total 0
mail root # /etc/init.d/named status
* status: started
mail root # /etc/init.d/named stop
* Stopping named... [ !! ]
mail root # /etc/init.d/named restart
* Stopping named... [ !! ]
* WARNING: "named" has already been started.
|
and my /etc/bind/named.conf
Code: |
options {
    directory "/var/bind";
    // uncomment the following lines to turn on DNS forwarding,
    // and change the forwarding ip address(es) :
    forward only;
    forwarders {
        212.33.64.2;
        213.25.200.5;
    };
    listen-on-v6 { none; };
    listen-on { eth0; };
    // to allow only specific hosts to use the DNS server:
    allow-query {
        lu;
        192.168.99.1;
        192.168.99.2;
    };
    // if you have problems and are behind a firewall:
    //query-source address * port 53;
    pid-file "/var/run/named/named.pid";
};
zone "." IN {
    type hint;
    file "named.ca";
};
zone "localhost" IN {
    type master;
    file "pri/localhost.zone";
    allow-update { none; };
    notify no;
};
zone "127.in-addr.arpa" IN {
    type master;
    file "pri/127.zone";
    allow-update { none; };
    notify no;
};
|
any suggestions ? |
Chris W l33t
Joined: 25 Jun 2002 Posts: 972 Location: Brisbane, Australia
|
Posted: Thu Apr 01, 2004 8:23 am Post subject: |
|
|
The Code: | allow-query {
lu;
192.168.99.1;
192.168.99.2;
}; | may be suspect. Are host names permitted as access-elements in the named.conf allow-query{...} section?
What output is going in to /var/log/daemon.log (or the equivalent)?
What do you get if you run named manually? Code: | # /usr/sbin/named -g -u named -n 1 |
Are you trying to run in a chroot jail? Are the configuration files in the correct place for this? Have you run the config action from the ebuild? _________________ Cheers,
Chris W
"Common sense: The collection of prejudices acquired by age 18." -- Einstein |
zeky Guru
Joined: 24 Feb 2003 Posts: 470 Location: Vukojebina, Europe
|
Posted: Thu Apr 01, 2004 12:20 pm Post subject: |
|
|
What does your syslogger have to say about this?
Paste some lines. _________________ Beat your dick like it owes you money |
misterLu Guru
Joined: 14 Sep 2003 Posts: 430 Location: Poland
|
Posted: Thu Apr 01, 2004 2:16 pm Post subject: |
|
|
Now I have only "localhost" in my /etc/resolv.conf on my server (just to check if it works).
When I start named, I can see in my /var/log/everything/current :
Code: |
Apr 1 16:10:22 [named] starting BIND 9.2.2 -u named -n 1
Apr 1 16:10:22 [named] using 1 CPU
Apr 1 16:10:22 [named] loading configuration from '/etc/bind/named.conf'
Apr 1 16:10:22 [named] listening on IPv4 interface eth0, 192.168.99.2#53
Apr 1 16:10:22 [named] command channel listening on 127.0.0.1#953
Apr 1 16:10:22 [named] zone 127.in-addr.arpa/IN: loaded serial 2002081601
Apr 1 16:10:22 [named] zone localhost/IN: loaded serial 2002081601
Apr 1 16:10:22 [named] running
|
And when I try to resolve any address, being logged on to the server, I can't
Code: |
# dig gentoo.org
; <<>> DiG 9.2.2 <<>> gentoo.org
;; global options: printcmd
;; connection timed out; no servers could be reached
| Nothing new in log file
So now I can start my bind, but I can't query it :( |
Chris W l33t
Joined: 25 Jun 2002 Posts: 972 Location: Brisbane, Australia
|
Posted: Thu Apr 01, 2004 10:11 pm Post subject: |
|
|
Your bind instance is starting and running as configured.
From the log output the DNS server only seems to be listening on 192.168.99.2 (presumably eth0). This is also evident (in hindsight) in your configuration file. If you try to connect to localhost (127.0.0.1) then your connection won't succeed. Try: Code: | # dig @192.168.99.2 gentoo.org | to test if this is the problem. To correct this problem, you want to also listen on interface lo: Code: | listen-on { eth0; lo; }; |
zeky Guru
Joined: 24 Feb 2003 Posts: 470 Location: Vukojebina, Europe
|
Posted: Fri Apr 02, 2004 8:07 am Post subject: |
|
|
What do you have in your /etc/resolv.conf?
Do you want to run your own DNS server, or just a caching DNS server for you? |
misterLu Guru
Joined: 14 Sep 2003 Posts: 430 Location: Poland
|
Posted: Fri Apr 02, 2004 10:27 am Post subject: |
|
|
I want to have my own DNS server.
Now I have in my resolv.conf :
nameserver localhost
nameserver 212.33.64.2
nameserver 213.25.200.5
But when I comment out the two last servers, no name is resolved, so I know that named doesn't work :( |
nikolei n00b
Joined: 15 Dec 2003 Posts: 37
|
Posted: Fri Apr 02, 2004 10:45 am Post subject: |
|
|
hi,
looks to me like named is started, but the pid file was not created or created in a directory other than the one used in your init script. when you try to stop the service, the pid file cannot be found and the service cannot be stopped. the service cannot be started, because it is already running and the port is used.
nikolei |
misterLu Guru
Joined: 14 Sep 2003 Posts: 430 Location: Poland
|
Posted: Fri Apr 02, 2004 10:55 am Post subject: |
|
|
Now everything seems to be OK, I have in my named.conf:
Code: |
options {
    directory "/var/bind";
    // uncomment the following lines to turn on DNS forwarding,
    // and change the forwarding ip address(es) :
    //forward first;
    //forwarders {
    // 212.33.64.2;
    // 213.25.200.5;
    //};
    listen-on-v6 { none; };
    listen-on { 192.168.99.2; 127.0.0.1; };
    // to allow only specific hosts to use the DNS server:
    allow-query {
        192.168.99.1;
        192.168.99.2;
        127.0.0.1;
    };
    // if you have problems and are behind a firewall:
    //query-source address * port 53;
    pid-file "/var/run/named/named.pid";
};
zone "." IN {
    type hint;
    file "named.ca";
};
zone "localhost" IN {
    type master;
    file "pri/localhost.zone";
    allow-update { none; };
    notify no;
};
zone "127.in-addr.arpa" IN {
    type master;
    file "pri/127.zone";
    allow-update { none; };
    notify no;
};
|
The problem was that when I started it like '/etc/init.d/named start' I DIDN'T see errors, and named was written as started, but it wasn't due to errors. Even named-checkconf DIDN'T report these errors. Only when I ran 'named -g -u named -n 1' I was able to realize that there were errors in the conf file:
# named -g -u named -n 1
Apr 02 12:36:32.650 starting BIND 9.2.2 -g -u named -n 1
Apr 02 12:36:32.651 using 1 CPU
Apr 02 12:36:32.660 loading configuration from '/etc/bind/named.conf'
Apr 02 12:36:32.663 /etc/bind/named.conf:14: undefined ACL 'lo'
Apr 02 12:36:32.663 not listening on any interfaces
Apr 02 12:36:32.673 command channel listening on 127.0.0.1#953
Apr 02 12:36:32.674 ignoring config file logging statement due to -g option
Apr 02 12:36:32.677 zone 127.in-addr.arpa/IN: loaded serial 2002081601
Apr 02 12:36:32.679 zone localhost/IN: loaded serial 2002081601
Apr 02 12:36:32.680 running
Apr 02 12:36:46.908 shutting down
Apr 02 12:36:46.908 stopping command channel on 127.0.0.1#953
Apr 02 12:36:46.914 exiting
So I've changed my conf file (as above) and now everything is OK.
But I have one last question:
When I uncomment those lines:
//forward first;
//forwarders {
// 212.33.64.2;
// 213.25.200.5;
//};
my DNS works fine too, but what is the difference ? |
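
The failure this thread ends on, as an added example that is not part of any post: the init script reported named as started while the foreground log showed `undefined ACL 'lo'` and `not listening on any interfaces`. The shell function below scans a named startup log for those conditions; the name `check_named_log` and the temp-file layout are assumptions, and the two sample logs are log lines quoted in the posts above.

```shell
# Added example: decide from named's startup log whether it is actually
# serving queries. check_named_log is a hypothetical helper name.

# Prints findings; returns 0 if named has a query listener, 1 otherwise.
check_named_log() {
    log=$1
    status=0
    # named reports config errors as "<file>:<line>: <message>".
    if grep -E -q 'named\.conf:[0-9]+: ' "$log"; then
        grep -E -o '[^ ]*named\.conf:[0-9]+: .*' "$log" | sed 's/^/config error: /'
        status=1
    fi
    if grep -q 'not listening on any interfaces' "$log"; then
        echo 'named started without any query listener'
        status=1
    fi
    # A working start logs at least one per-interface listener line.
    if ! grep -q 'listening on IPv4 interface' "$log"; then
        echo 'no "listening on IPv4 interface" line in log'
        status=1
    fi
    return "$status"
}

# Sample input: log lines quoted in the thread (failed and working start).
SAMPLE_DIR=$(mktemp -d)
trap 'rm -rf "$SAMPLE_DIR"' EXIT
cat > "$SAMPLE_DIR/bad.log" <<'EOF'
Apr 02 12:36:32.660 loading configuration from '/etc/bind/named.conf'
Apr 02 12:36:32.663 /etc/bind/named.conf:14: undefined ACL 'lo'
Apr 02 12:36:32.663 not listening on any interfaces
Apr 02 12:36:32.673 command channel listening on 127.0.0.1#953
Apr 02 12:36:32.680 running
EOF
cat > "$SAMPLE_DIR/good.log" <<'EOF'
Apr 1 16:10:22 [named] loading configuration from '/etc/bind/named.conf'
Apr 1 16:10:22 [named] listening on IPv4 interface eth0, 192.168.99.2#53
Apr 1 16:10:22 [named] command channel listening on 127.0.0.1#953
Apr 1 16:10:22 [named] running
EOF

for name in bad good; do
    if check_named_log "$SAMPLE_DIR/$name.log"; then
        echo "$name.log: named is serving"
    else
        echo "$name.log: named is NOT serving"
    fi
done
```

Run it against the syslog file or against captured output of the foreground command quoted in the thread, `named -g -u named -n 1`, after each configuration change, since the init script's "started" status says nothing about whether a listener exists.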