-1

I have installed bind9 on Debian squeeze. This is my named.conf.local file:

options {
    directory "/var/cache/bind";
    auth-nxdomain no;
    listen-on { any; };
    listen-on-v6 { any; };
};

zone "devhub.pl" IN {
    type master;
    file "db.devhub";
};

And this is my zone file:

$TTL 3h

devhub.pl. IN SOA ns1.devhub.pl. root.devhub.pl. (
    2012051201 ; serial
    3h ; refresh
    1h ; retry
    1w ; expire
    1h ) ; negative caching

    IN NS ns1.devhub.pl.
    IN NS ns2.devhub.pl.

ns1.devhub.pl. IN A 193.93.207.231
ns2.devhub.pl. IN A 193.93.207.231

www IN CNAME devhub.pl.

named-checkconf and named-checkzone report that everything is OK, but when I try to set up external DNS as

ns1.devhub.pl -> 193.93.207.231
ns2.devhub.pl -> 193.93.207.231

my provider's admin panel shows an error like this:

dns1: ns1.devhub.pl server isn't configured for devhub.pl domain. Please contact admin...
dns2: ns2.devhub.pl server isn't configured for devhub.pl domain. Please contact admin...

What am I missing? Any suggestions?

And logs:

starting BIND 9.7.3 -u bind -t /var/jail/bind
built with '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc/bind' '--localstatedir=/var' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-gnu-ld' '--with-dlz-postgres=no' '--with-dlz-mysql=no' '--with-dlz-bdb=yes' '--with-dlz-filesystem=yes' '--with-dlz-ldap=yes' '--with-dlz-stub=yes' '--with-geoip=/usr' '--enable-ipv6' 'CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2' 'LDFLAGS=' 'CPPFLAGS='
adjusted limit on open files from 1024 to 1048576
found 2 CPUs, using 2 worker threads
using up to 4096 sockets
loading configuration from '/etc/bind/named.conf'
reading built-in trusted keys from file '/etc/bind/bind.keys'
using default UDP/IPv4 port range: [1024, 65535]
using default UDP/IPv6 port range: [1024, 65535]
listening on IPv6 interfaces, port 53
binding TCP socket: address in use
listening on IPv4 interface lo, 127.0.0.1#53
binding TCP socket: address in use
listening on IPv4 interface eth0, 172.16.7.1#53
binding TCP socket: address in use
listening on IPv4 interface eth1, 193.93.207.231#53
binding TCP socket: address in use
generating session key for dynamic DNS
set up managed keys zone for view _default, file 'managed-keys.bind'
automatic empty zone: 254.169.IN-ADDR.ARPA
automatic empty zone: 2.0.192.IN-ADDR.ARPA
automatic empty zone: 100.51.198.IN-ADDR.ARPA
automatic empty zone: 113.0.203.IN-ADDR.ARPA
automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
automatic empty zone: D.F.IP6.ARPA
automatic empty zone: 8.E.F.IP6.ARPA
automatic empty zone: 9.E.F.IP6.ARPA
automatic empty zone: A.E.F.IP6.ARPA
automatic empty zone: B.E.F.IP6.ARPA
automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA
couldn't add command channel 127.0.0.1#953: address in use
couldn't add command channel ::1#953: address in use
zone 0.in-addr.arpa/IN: loaded serial 1
zone 127.in-addr.arpa/IN: loaded serial 1
zone 255.in-addr.arpa/IN: loaded serial 1
zone localhost/IN: loaded serial 2
zone devhub.pl/IN: loaded serial 2012051201
managed-keys-zone ./IN: loading from master file managed-keys.bind failed: file not found
managed-keys-zone ./IN: loaded serial 0
zone devhub.pl/IN: sending notifies (serial 2012051201)
running 

What about this address in use - is it a problem?

BTW bind is chrooted and running /etc/init.d/bind9 start and then /etc/init.d/bind9 status says could not access PID file for bind9 ... failed!

kbec

2 Answers

1

Have you checked your logs in /var/log/syslog?

Also, have a look at http://wiki.debian.org/Bind9#Configuration.

Finally, one thing that I have in my /etc/named.conf that you don't have is an Options section, like this: (Granted, I'm running CentOS, not Debian, but Bind9 is Bind9. You probably need to tell it the actual path (with the directory set inside options) of your zone files, if they're in a different directory).

    options {
        directory "/var/named"; // the default
        recursion no;
        listen-on { localhost; 127.0.0.1; My Public IP Address; };
        allow-transfer { My Slave DNS Server; };
    };

    zone "domain.com" {
        type master;
        file "domain.com.db";
    };

And then of course, my zone files (I have lots of domains I provide NS for) are in /var/named/.

David W
  • I don't have another server, so I use the same address for `ns2` as for `ns1`. So is `allow-transfer` required? – kbec May 12 '12 at 20:36
  • No, you don't need allow-transfer for your setup to work, although if you had a real DNS setup like David mentioned you would probably want to allow transfers between them. – gparent May 12 '12 at 20:45
  • Correct, as gparent mentioned, you don't necessarily "have" to have a second NS, but this is standard practice. Having two different nameservers is also an RFC requirement, although I don't know the RFC # or section off hand (have a look at http://www.iana.org/procedures/nameserver-requirements.html). – David W May 12 '12 at 21:00
  • So what can I do if I don't have another machine yet and only want to test/learn nameserving? – kbec May 12 '12 at 21:06
  • Just continue to do what you're doing. :) It is technically possible to do exactly what you're doing - run only 1 nameserver. I just wouldn't recommend doing this in a production environment. :) – David W May 12 '12 at 21:09
  • If you just want to learn you can basically run your own internet in VMs. `.` is a zone, you could delegate `.com` and then `example.com` and so on. Also obviously if this is for a real domain you'll have to tell your domain name provider to set your two nameservers to the IP you have above so that the root nameservers are updated. Regarding that, namecheap didn't let me use only one nameserver. I didn't try two nameservers with the same IP, but I suspect they block that as well. – gparent May 13 '12 at 02:48
1
May 12 22:11:17 mango named[22583]: zone devhub.pl/IN: loading from master file db.devhub failed: file not found

Specify the full path to your file (e.g.: /etc/bind/master/db.devhub is where I would place my file)

gparent
  • Thanks, path specified. Log above updated. BTW what is `managed-keys.bind`? – kbec May 12 '12 at 21:00
  • I don't know but I always get some errors about control channels and managed keys. I'm not running a chrooted setup though. – gparent May 13 '12 at 02:45
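
An added example, not part of the original answers: a small Python check that resolves each zone's `file` the way a chrooted named would, relative to the `directory` option and underneath the `-t` chroot shown in the startup log (`/var/jail/bind`), and reports zones whose file is absent. The parser is a simplified assumption (flat zone stanzas only), the function names are hypothetical, and the embedded config is constructed from the question's.

```python
import os
import re

# Constructed sample: the relevant parts of the question's named.conf.local.
SAMPLE_CONF = """
options {
    directory "/var/cache/bind";   // working directory, inside the chroot
};
zone "devhub.pl" IN {
    type master;
    file "db.devhub";
};
"""

def zone_files(conf_text):
    """Return (directory, {zone: file}) from a flat named.conf (simplified parser)."""
    text = re.sub(r"/\*.*?\*/|//[^\n]*|#[^\n]*", "", conf_text, flags=re.S)
    m = re.search(r'\bdirectory\s+"([^"]+)"', text)
    directory = m.group(1) if m else "/"  # assumption: fall back to the chroot root
    zones = re.findall(r'\bzone\s+"([^"]+)"[^{]*\{[^}]*?\bfile\s+"([^"]+)"', text)
    return directory, dict(zones)

def resolve(chroot, directory, file_name):
    """Host path named opens: relative names hang off `directory`, all under chroot."""
    inside = os.path.normpath(os.path.join(directory, file_name))
    return os.path.join(chroot, inside.lstrip("/"))

def missing_zone_files(conf_text, chroot="/"):
    """Map each zone whose file does not exist to the host path that was checked."""
    directory, zones = zone_files(conf_text)
    missing = {}
    for zone, name in zones.items():
        path = resolve(chroot, directory, name)
        if not os.path.isfile(path):
            missing[zone] = path
    return missing

if __name__ == "__main__":
    # /var/jail/bind is the -t argument shown in the question's startup log.
    for zone, path in missing_zone_files(SAMPLE_CONF, "/var/jail/bind").items():
        print(f"{zone}: expected zone file at {path}")
```

An absolute `file` path is still resolved under the chroot, so `/etc/bind/master/db.devhub` is checked at `/var/jail/bind/etc/bind/master/db.devhub` on the host.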