* EDIT 1 * After monkeying with additional debug logging I see some log entries of interest.
27-Jul-2012 23:45:26.537 general: error: zone example.lan/IN/internal: journal rollforward failed: no more
27-Jul-2012 23:45:26.537 general: error: zone example.lan/IN/internal: not loaded due to errors.
^^^ If I can remedy the above messages I think I'll be good to go ^^^
* EDIT 2 * Grasping at straws I touched a forward and a reverse zone journal file and restarted named. Boom! Works. Despite documentation stating the files are created automatically and what I have seen before... dunno why but that did the trick. Also re-checked perms on the dir the files live in. As certain as I was, they were correct with named having rw.
- CentOS 6 (final)
- dhcpd 4.1.1-P1
- named BIND 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6
Basic DHCP and DNS functionality are in place on 192.168.111.2. Clients are assigned addresses as intended and can resolve local DNS names as well as Internet names. My problem is that named's zone journal files are not created.
- chroot: /var/named/chroot
I tried placing the zone files in various directories (/var/named/data, /var/named, /var/named/dynamic - no matter which dir with named owning and wide open perms I now get nowhere). Along the way I, at one point, got a permission denied when named tried to create the journal. Resolved the issue by:
- chown --recursive named:named /var/named
- chmod --recursive 777 /var/named
The journal was then created and here's where things fell apart. I attempted to tame permissions to something more sane and broke it. Once changed and having restarted named it threw an error indicating the journal was out of sync (or something to that affect)... didn't matter since this is a new setup so I deleted it and now it is not recreated. Now though I see no errors in /var/log/messages, my chrooted /var/log/named.log, or chrooted /var/log/named.debug. I increased the debug level with 'rndc trace' - no love. Increased trace to 10, still nothing.
SELinux is disabled...
[root@server temp]# sestatus
SELinux status: disabled
dhcpd.conf...
allow client-updates;
ddns-update-style interim;
subnet 192.168.111.0 netmask 255.255.255.224 {
...
key dhcpudpate {
algorithm hmac-md5;
secret LDJMdPdEZED+/nN/AGO9ZA==;
}
zone example.lan. {
primary 192.168.111.2;
key dhcpudpate;
}
}
named.conf...
key dhcpudpate {
algorithm hmac-md5;
secret "LDJMdPdEZED+/nN/AGO9ZA==";
};
zone "example.lan" {
type master;
file "/var/named/dynamic/example.lan.db";
allow-transfer { none; };
allow-update { key dhcpudpate; };
notify false;
check-names ignore;
};
The following shows /var/log/named.log output of named starting up - no errors.
27-Jul-2012 21:33:39.349 general: info: zone 111.168.192.in-addr.arpa/IN/internal: loaded serial 2012072601
27-Jul-2012 21:33:39.349 general: info: zone example.lan/IN/internal: loaded serial 2012072501
27-Jul-2012 21:33:39.350 general: info: zone example2.lan/IN/internal: loaded serial 2012072501
27-Jul-2012 21:33:39.350 general: info: zone example3.lan/IN/internal: loaded serial 2012072601
27-Jul-2012 21:33:39.350 general: info: zone example4.lan/IN/internal: loaded serial 2012072501
27-Jul-2012 21:33:39.351 general: info: zone example5.lan/IN/internal: loaded serial 2012072501
27-Jul-2012 21:33:39.351 general: info: managed-keys-zone ./IN/internal: loaded serial 0
27-Jul-2012 21:33:39.351 general: info: zone example.lan/IN/external: loaded serial 2012072501
27-Jul-2012 21:33:39.352 general: info: zone example1.lan/IN/external: loaded serial 2012072501
27-Jul-2012 21:33:39.352 general: info: zone example2.lan/IN/external: loaded serial 2012072501
27-Jul-2012 21:33:39.352 general: info: zone example3.lan/IN/external: loaded serial 2012072501
27-Jul-2012 21:33:39.353 general: info: managed-keys-zone ./IN/external: loaded serial 0
27-Jul-2012 21:33:39.353 general: notice: running
27-Jul-2012 21:34:03.825 general: info: received control channel command 'trace 10'
27-Jul-2012 21:34:03.825 general: info: debug level is now 10
...and /var/log/messages for a named start...
Jul 27 23:02:04 server named[9124]: ----------------------------------------------------
Jul 27 23:02:04 server named[9124]: BIND 9 is maintained by Internet Systems Consortium,
Jul 27 23:02:04 server named[9124]: Inc. (ISC), a non-profit 501(c)(3) public-benefit
Jul 27 23:02:04 server named[9124]: corporation. Support and training for BIND 9 are
Jul 27 23:02:04 server named[9124]: available at https://www.isc.org/support
Jul 27 23:02:04 server named[9124]: ----------------------------------------------------
Jul 27 23:02:04 server named[9124]: adjusted limit on open files from 4096 to 1048576
Jul 27 23:02:04 server named[9124]: found 2 CPUs, using 2 worker threads
Jul 27 23:02:04 server named[9124]: using up to 4096 sockets
Jul 27 23:02:04 server named[9124]: loading configuration from '/etc/named.conf'
Jul 27 23:02:04 server named[9124]: using default UDP/IPv4 port range: [1024, 65535]
Jul 27 23:02:04 server named[9124]: using default UDP/IPv6 port range: [1024, 65535]
Jul 27 23:02:04 server named[9124]: listening on IPv4 interface eth0, 192.168.111.2#53
Jul 27 23:02:04 server named[9124]: generating session key for dynamic DNS
Jul 27 23:02:04 server named[9124]: sizing zone task pool based on 12 zones
Jul 27 23:02:04 server named[9124]: set up managed keys zone for view internal, file 'dynamic/3bed2cb3a3acf7b6a8ef408420cc682d5520e26976d354254f528c965612054f.mkeys'
Jul 27 23:02:04 server named[9124]: set up managed keys zone for view external, file 'dynamic/3c4623849a49a53911c4a3e48d8cead8a1858960bccdea7a1b978d73ec2f06d7.mkeys'
Jul 27 23:02:04 server named[9124]: command channel listening on 127.0.0.1#953
What can I do to troubleshoot this further? It almost seems as though dhcpd is not triggering the update. Maybe I should troubleshoot here and, if so, how?
Many thanks.