In message <aanlkti=lu1mqttbq=1nnpurab5zf7pdryygy1mxb9...@mail.gmail.com>, Tim Dunphy writes:
> Hello BIND9!
>
> I've got a bad situation after accidentally selecting the wrong option
> in sysinstall. The DNS server that I've been using for quite a while
> is quite broken.
>
> Normally I could type in the host name of any machine I had configured
> in DNS and it would return the correct network request (in terms of
> ssh, ping, host, dig).
>
> Now this is what I get:
>
> Code:
>
> [r...@lbsd2:/etc/namedb]#host bsd2
> Host bsd2 not found: 3(NXDOMAIN)
> [r...@lbsd2:/etc/namedb]#ping bsd2
> ping: cannot resolve bsd2: Unknown host
> [r...@lbsd2:/etc/namedb]#ssh bsd2
> ssh: Could not resolve hostname bsd2: hostname nor servname provided, or not known
>
> These requests are taking place on the machine that I have set up as
> the DNS server.
>
> My resolv.conf is set up to use my LBSD2 DNS server:
>
> Code:
>
> [r...@lbsd2:/etc/namedb]#cat /etc/resolv.conf
> domain summitnjhome.com
> nameserver 192.168.1.44
> #nameserver 4.2.2.2
>
> And even tho I don't seem to have an external DNS server set up at the
> moment on this box, network services to external sources seem to work:
>
> Code:
>
> [r...@lbsd2:/etc/namedb]#ping yahoo.com
> PING yahoo.com (98.137.149.56): 56 data bytes
> 64 bytes from 98.137.149.56: icmp_seq=0 ttl=56 time=101.503 ms
> 64 bytes from 98.137.149.56: icmp_seq=1 ttl=56 time=97.850 ms
>
> [r...@lbsd2:/etc/namedb]#host yahoo.com
> yahoo.com has address 72.30.2.43
> yahoo.com has address 98.137.149.56
> yahoo.com has address 209.191.122.70
> yahoo.com has address 67.195.160.76
> yahoo.com has address 69.147.125.65
> yahoo.com mail is handled by 1 g.mx.mail.yahoo.com.
> yahoo.com mail is handled by 1 h.mx.mail.yahoo.com.
> yahoo.com mail is handled by 1 i.mx.mail.yahoo.com.
> yahoo.com mail is handled by 1 j.mx.mail.yahoo.com.
> yahoo.com mail is handled by 1 k.mx.mail.yahoo.com.
> yahoo.com mail is handled by 1 a.mx.mail.yahoo.com.
> yahoo.com mail is handled by 1 b.mx.mail.yahoo.com.
> yahoo.com mail is handled by 1 c.mx.mail.yahoo.com.
> yahoo.com mail is handled by 1 d.mx.mail.yahoo.com.
> yahoo.com mail is handled by 1 e.mx.mail.yahoo.com.
> yahoo.com mail is handled by 1 f.mx.mail.yahoo.com.
>
> [r...@lbsd2:/etc/namedb]#host summitnjhome.com
> summitnjhome.com has address 123.45.67.89
> summitnjhome.com mail is handled by 0 smtp.secureserver.net.
> summitnjhome.com mail is handled by 10 mailstore1.secureserver.net.
>
> [r...@lbsd2:/etc/namedb]#host bsd2.summitnjhome.com
> Host bsd2.summitnjhome.com not found: 3(NXDOMAIN)

What does "dig bsd2.summitnjhome.com" report?

> It looks like I may be using verizon's DNS server tho I am at a loss
> to know where this is set:
>
> Code:
>
> [r...@lbsd2:/etc/namedb]#dig bsd2 bsd2

Dig does not perform searches by default. Also, you probably meant
"dig bsd2 @bsd2" ("dig <domain> @<server>").

> DNS _does_ restart correctly:
>
> Code:
>
> [r...@lbsd2:/etc/namedb]#/etc/rc.d/named restart
> Stopping named.
> Waiting for PIDS: 4015.
> Starting named.
>
> But notice what happens in the messages log when I do that:
>
> Code:
>
> Sep 17 00:03:24 LBSD2 named[4170]: starting BIND 9.6.1-P1 -t /var/named -u bind
> Sep 17 00:03:24 LBSD2 named[4170]: built with '--prefix=/usr'
> '--infodir=/usr/share/info' '--mandir=/usr/share/man'
> '--enable-threads' '--disable-ipv6' '--enable-getifaddrs'
> '--disable-linux-caps' '--with-openssl=/usr'
> '--with-randomdev=/dev/random' '--without-idn' '--without-libxml2'
> Sep 17 00:03:24 LBSD2 named[4170]: command channel listening on 127.0.0.1#953
> Sep 17 00:03:24 LBSD2 named[4170]: command channel listening on ::1#953
> Sep 17 00:03:24 LBSD2 named[4170]: the working directory is not writable
> Sep 17 00:03:24 LBSD2 named[4170]: running
>
>
> So it is complaining about the working directory not being writable.
> In my /etc/namedb/named.conf these are the relevant directories:
>
> Code:
>
> options {
>         // Relative to the chroot directory, if any
>         directory "/etc/namedb";
>         pid-file "/var/run/named/pid";
>         dump-file "/var/dump/named_dump.db";
>         statistics-file "/var/stats/named.stats";
>
> And these are the permissions on each:
>
> Code:
>
> [r...@lbsd2:/etc/namedb]#ls -l /etc | grep namedb
> lrwxr-xr-x 1 root wheel 21 Sep 17 00:03 namedb -> /var/named/etc/namedb
>
> Code:
>
> [r...@lbsd2:/etc/namedb]#ls -l /var | grep named
> drwxr-xr-x 6 root wheel 512 Sep 16 23:13 named
>
> I've tried to change the permissions on each to bind.wheel.
> For some reason this works on /var/named but NOT on /etc/namedb

Because that is where the symbolic link points.

> Code:
>
> [r...@lbsd2:/etc/namedb]#chown -R bind:wheel /etc/namedb/
> [r...@lbsd2:/etc/namedb]#chown -R bind:wheel /var/named
> [r...@lbsd2:/etc/namedb]#ls -l /etc | grep namedb
> lrwxr-xr-x 1 root wheel 21 Sep 17 00:03 namedb -> /var/named/etc/namedb
> [r...@lbsd2:/etc/namedb]#ls -l /var | grep named
> drwxr-xr-x 6 bind wheel 512 Sep 16 23:13 named
>
> Here are some more permissions that may be factoring into this situation:
>
> Code:
>
> [r...@lbsd2:/etc/namedb]#ls -l
> total 48
> drwxr-xr-x 2 bind wheel 512 Nov 21 2009 dynamic
> drwxr-xr-x 2 bind wheel 512 Sep 16 18:38 master
> -rw-r--r-- 1 bind wheel 12088 Sep 16 17:44 named.conf
> -rw-r--r-- 1 bind wheel 2969 Nov 21 2009 named.root
> -rw------- 1 bind wheel 97 Aug 21 18:50 rndc.key
> drwxr-xr-x 2 bind wheel 512 Nov 21 2009 slave
> [r...@lbsd2:/etc/namedb]#cd master/
> [r...@lbsd2:/etc/namedb/master]#ls -l
> total 20
> -rw-r--r-- 1 bind wheel 243 Nov 21 2009 empty.db
> -rw-r--r-- 1 bind wheel 265 Nov 21 2009 localhost-forward.db
> -rw-r--r-- 1 bind wheel 333 Nov 21 2009 localhost-reverse.db
> -rw-r--r-- 1 bind wheel 3027 Sep 16 18:37 summitnjhome.com

And the contents of summitnjhome.com are? Also the named.conf zone
definition for summitnjhome.com is?

> And lastly it does not appear to be a misconfiguration of the zone
> file, because as SOON as I encountered this problem I rm'd the one in
> /etc/namedb and copied a known working backup to the same location.
>
> Clearly this situation needs a new set of eyes. I would _greatly_
> appreciate your input here. Thank you BIND9!!
> _______________________________________________
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: ma...@isc.org
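
The difference pointed out in the reply above, between dig and tools that apply the resolver search list, shown as an added example that is not part of the original message: a simplified Python model of resolv.conf search-list expansion, run over the resolv.conf quoted in the message. The function names are hypothetical, and the model covers only the domain, search, nameserver and ndots settings.

```python
# Simplified model of resolv.conf search-list expansion (illustrative only).

# Constructed sample: the resolv.conf quoted in the message above.
RESOLV_CONF = """\
domain summitnjhome.com
nameserver 192.168.1.44
#nameserver 4.2.2.2
"""


def parse_resolv_conf(text):
    """Return (search_list, nameservers, ndots) from resolv.conf text."""
    search, servers, ndots = [], [], 1
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()
        if not line:
            continue
        keyword, *args = line.split()
        if keyword == "domain" and args:
            search = [args[0]]          # domain and search override each other;
        elif keyword == "search" and args:
            search = args               # the last one in the file wins
        elif keyword == "nameserver" and args:
            servers.append(args[0])
        elif keyword == "options":
            for opt in args:
                if opt.startswith("ndots:"):
                    ndots = int(opt.split(":", 1)[1])
    return search, servers, ndots


def candidates(name, search, ndots=1, use_search=True):
    """Fully qualified names tried, in order, for `name`."""
    if name.endswith("."):              # trailing dot: already absolute
        return [name]
    as_is = name + "."
    if not use_search:                  # dig without +search
        return [as_is]
    expanded = [f"{name}.{dom.rstrip('.')}." for dom in search]
    # Names with at least `ndots` dots are tried as typed first.
    if name.count(".") >= ndots:
        return [as_is] + expanded
    return expanded + [as_is]


if __name__ == "__main__":
    search, servers, ndots = parse_resolv_conf(RESOLV_CONF)
    print("host bsd2 ->", candidates("bsd2", search, ndots))
    print("dig bsd2  ->", candidates("bsd2", search, ndots, use_search=False))
```

With the quoted resolv.conf, a search-aware lookup of bsd2 tries bsd2.summitnjhome.com. before bsd2., while dig without +search asks only for bsd2.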