I know that I've asked this in the past, but after a fresh reinstall of the 
machine on my local network that provided (amongst other services) DNS to all other 
machines (FreeBSD, Solaris, Win2K & WinXP Pro), I find that I am not having much 
success setting up BIND in a sandbox.

The box is running FreeBSD-4.9Stable (after initially installing 4.8-Rel) after cvsup 
of sources.

Basically, the errors I get on start up are here:
/etc/namedb/etc # tail /var/log/messages
Nov 29 15:42:39 Demon named[226]: 'masters' statement present for master zone 
Nov 29 15:42:39 Demon named[226]: zone 'vickiandstacey.com' did not validate, skipping
Nov 29 15:42:39 Demon named[226]: bind(dfd=20, [].53): Address already in 
Nov 29 15:42:39 Demon named[226]: deleting interface [].53
Nov 29 15:42:39 Demon named[226]: bind(dfd=20, [].53): Address already in use
Nov 29 15:42:39 Demon named[226]: deleting interface [].53
Nov 29 15:42:39 Demon named[226]: not listening on any interfaces
Nov 29 15:42:39 Demon named[233]: Ready to answer queries.
Nov 29 15:42:39 Demon named[234]: can't exec /bin/named-xfer: No such file or directory
Nov 29 15:43:47 Demon named-xfer[240]: [] not authoritative for 
1.168.192.in-addr.arpa, SOA query got rcode 0, aa 0, ancount 0, aucount 13
/etc/namedb/etc #

Here's the layout for named as followed from the HandBook 
$ ls -la /etc/namedb
total 22
drwxr-xr-x   8 root  wheel   512 Nov 29 12:43 .
drwxr-xr-x  17 root  wheel  2048 Nov 25 12:49 ..
-rw-r--r--   1 root  wheel   427 Apr  3  2003 PROTO.localhost-v6.rev
-rw-r--r--   1 root  wheel   423 Apr  3  2003 PROTO.localhost.rev
drwxr-xr-x   2 root  wheel   512 Nov 29 11:33 bin
drwxr-xr-x   2 root  wheel   512 Nov 29 15:33 dev
drwxr-xr-x   2 root  wheel   512 Nov 29 11:39 etc
-rw-r--r--   1 root  wheel  1032 Apr  3  2003 make-localhost
drwxr-xr-x   2 root  wheel   512 Nov 29 12:22 master
lrwxr-xr-x   1 root  wheel    14 Nov 29 11:19 named.conf -> etc/named.conf
drwxr-xr-x   2 bind  bind    512 Nov 29 16:03 slave
drwxr-xr-x   4 root  wheel   512 Nov 29 12:43 var

$ ls -la /etc/namedb/etc
total 14
drwxr-xr-x  2 root  wheel   512 Nov 29 11:39 .
drwxr-xr-x  8 root  wheel   512 Nov 29 12:43 ..
-r--r--r--  1 root  wheel  1323 Nov 29 11:18 localtime
-rw-r--r--  1 root  wheel  3892 Nov 29 15:42 named.conf
-rw-r--r--  1 root  wheel  3478 Nov 29 11:39 named.conf-29112003

[EMAIL PROTECTED] ~ $ ls -la /etc/namedb/master/
total 16
drwxr-xr-x  2 root  wheel   512 Nov 29 12:22 .
drwxr-xr-x  8 root  wheel   512 Nov 29 12:43 ..
-rw-r--r--  1 root  wheel   493 Nov 29 11:20 localhost-v6.rev
-rw-r--r--  1 root  wheel   489 Nov 29 11:20 localhost.rev
-rw-r--r--  1 root  wheel   200 Nov 29 15:40 named.localhost
-rw-r--r--  1 root  wheel  2583 Apr  3  2003 named.root
-rw-r--r--  1 root  wheel   473 Nov 29 15:31 vickiandstacey.com.db

[EMAIL PROTECTED] ~ $ ls -la /etc/namedb/slave/
total 6
drwxr-xr-x  2 bind  bind   512 Nov 29 16:03 .
drwxr-xr-x  8 root  wheel  512 Nov 29 12:43 ..
-rw-r--r--  1 root  bind   460 Nov 29 13:15 1.168.192.in-addr.arpa

Here are the config files: -

[EMAIL PROTECTED] /etc/namedb/etc $ cat named.conf
// $FreeBSD: src/etc/namedb/named.conf,v 2003/02/13 13:16:51 keramida Exp $
// Refer to the named.conf(5) and named(8) man pages for details.  If
// you are ever going to set up a primary server, make sure you
// understand the hairy details of how DNS works.  Even with
// simple mistakes, you can break connectivity for affected parties,
// or cause huge amounts of useless Internet traffic.
options {
        directory "/";
        named-xfer "/bin/named-xfer";
        version "";     // Don't reveal BIND version
// In addition to the "forwarders" clause, you can force your name
// server to never initiate queries of its own, but always ask its
// forwarders only, by enabling the following line:
//      forward only;
// If you've got a DNS server around at your upstream provider, enter
// its IP address here, and enable the line below.  This will make you
// benefit from its cache, thus reduce overall DNS traffic in the Internet.
        forwarders {
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below.  Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
        query-source address * port 53;
         * If running in a sandbox, you may have to specify a different
         * location for the dumpfile.
        // dump-file "s/named_dump.db";
// ndc control socket
controls {
        unix "/var/run/ndc" perm 0600 owner 0 group 0;
// Note: the following will be supported in a future release.
host { any; } {
        topology {
// Setting up secondaries is way easier and a rough example for this
// is provided below.
// If you enable a local name server, don't forget to enter
// first in your /etc/resolv.conf so this server will be queried.
// Also, make sure to enable it in /etc/rc.conf.
zone "." {
        type hint;
        file "master/named.root";
zone "localhost" IN {
        type master;
        file "master/named.localhost";
        allow-transfer { localhost; };
        notify no;
zone "0.0.127.IN-ADDR.ARPA" {
        type master;
        file "master/localhost.rev";
        allow-transfer { localhost; };
        notify no;
// RFC 3152
zone "" {
        type master;
        file "master/localhost-v6.rev";
        allow-transfer { localhost; };
        notify no;
// RFC 1886 -- deprecated
zone "" {
        type master;
        file "master/localhost-v6.rev";
// NB: Do not use the IP addresses below, they are faked, and only
// serve demonstration/documentation purposes!
// Example secondary config entries.  It can be convenient to become
// a secondary at least for the zone your own domain is in.  Ask
// your network administrator for the IP address of the responsible
// primary.
// Never forget to include the reverse lookup (IN-ADDR.ARPA) zone!
// (This is named after the first bytes of the IP address, in reverse
// order, with ".IN-ADDR.ARPA" appended.)
// Before starting to set up a primary zone, make sure you fully
// understand how DNS and BIND works.  There are sometimes
// non-obvious pitfalls.  Setting up a secondary is simpler.
// NB: Don't blindly enable the examples below. :-)  Use actual names
// and addresses instead.
// NOTE!!! FreeBSD can run bind in a sandbox (see named_flags in rc.conf).
// The directory containing the secondary zones must be write accessible
// to bind.  The following sequence is suggested:
//      mkdir /etc/namedb/s
//      chown bind:bind /etc/namedb/s
//      chmod 750 /etc/namedb/s
zone "vickiandstacey.com" {
        type master;
        file "master/vickiandstacey.com.db";
        allow-transfer {; };
        masters {
zone "1.168.192.in-addr.arpa" {
        type slave;
        file "slave/1.168.192.in-addr.arpa";
        masters {
[EMAIL PROTECTED] /etc/namedb/etc $

[EMAIL PROTECTED] /etc/namedb $ cat master/vickiandstacey.com.db
$TTL 3600
vickiandstacey.com.     IN      SOA     Demon.vickiandstacey.com.       
stacey.vickiandstacey.com. (
                                        6               ; Serial
                                        10800           ; Refresh
                                        3600            ; Retry
                                        604800          ; Expire
                                        86400 )         ; Minimum TTL
; DNS Servers
@                       IN      NS      Demon.vickiandstacey.com.
; Host Names
localhost               IN      A
snowball                IN      A
omni                    IN      A
Demon                   IN      A
crom                    IN      A
conan                   IN      A
ibm                     IN      A
; Aliases
;www                    IN      CNAME   @
[EMAIL PROTECTED] /etc/namedb $

[EMAIL PROTECTED] /etc/namedb $ cat slave/1.168.192.in-addr.arpa
$TTL 3600
1.168.192.in-addr.arpa  IN      SOA     Demon.vickiandstacey.com.       
stacey.vickiandstacey.com. (
                                6               ; Serial
                                10800           ; Refresh
                                3600            ; Retry
                                604800          ; Expire
                                3600 )          ; Minimum TTL
@                       IN      NS      Demon.vickiandstacey.com.
6                       IN      PTR     snowball.vickiandstacey.com.
7                       IN      PTR     omni.vickiandstacey.com.
8                       IN      PTR     Demon.vickiandstacey.com.
10                      IN      PTR     crom.vickiandstacey.com.
12                      IN      PTR     conan.vickiandstacey.com.
14                      IN      PTR     ibm.vickiandstacey.com.
[EMAIL PROTECTED] /etc/namedb $

Here are the relevant entries in /etc/rc.conf:
[EMAIL PROTECTED] /etc/namedb $ grep -i named /etc/rc.conf
syslogd_flags="-ss -l /etc/namedb/dev/log"
named_flags="-u bind -g bind -t /etc/namedb /etc/named.conf"
[EMAIL PROTECTED] /etc/namedb $

Here's what I've got in resolv.conf:
[EMAIL PROTECTED] /etc/namedb # cat /etc/resolv.conf
domain  vickiandstacey.com
[EMAIL PROTECTED] /etc/namedb #

An example of my problem follows:
[EMAIL PROTECTED] /etc/namedb # nslookup
Default Server:  localhost.vickiandstacey.com
> server Demon.vickiandstacey.com
Default Server:  Demon.vickiandstacey.com

What I had prior to installing, I would get "Demon.vickiandstacey.com" returned as the 
Default Server, not localhost as above.

Secondly, the address is the real IP address of Demon (I have a block of 
8) that is translated to, the internal IP address of Demon. So I'd have 
hoped that trying to set server to Demon, would have resulted in "Address:" instead of the machine's real IP address.

I'd gladly provide more information here if anyone thinks it would assist in helping 
me here. Thanks for the time.


Stacey Roberts
B. Sc (HONS) Computer Science

Web: www.vickiandstacey.com
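
An added example, not part of the original post: a preflight check for two of the messages in the log above ("'masters' statement present for master zone" and "can't exec /bin/named-xfer"), which resolves every path in named.conf below the directory passed to named -t before the daemon is started. The function names and the 192.0.2.1 address are assumptions made for this sketch, and the sample config is constructed.

```python
import os
import re
import tempfile

ZONE_RE = r'\bzone\s+"([^"]*)"[^{;]*\{((?:[^{}]|\{[^{}]*\})*)\}'

def check_chroot_conf(chroot, conf_text):
    """List problems in a named.conf that `named -t <chroot>` will read."""
    findings = []
    text = re.sub(r"/\*.*?\*/|//[^\n]*|#[^\n]*", "", conf_text, flags=re.S)
    def inside(path):  # named opens every configured path after chroot(2)
        return os.path.join(chroot, path.lstrip("/"))
    base = (re.search(r'\bdirectory\s+"([^"]+)"', text) or ["", "/"])[1]
    xfer = re.search(r'\bnamed-xfer\s+"([^"]+)"', text)
    if xfer and not os.access(inside(xfer[1]), os.X_OK):
        findings.append(f"named-xfer: {inside(xfer[1])} missing or not executable")
    for name, body in re.findall(ZONE_RE, text):
        kind = (re.search(r"\btype\s+(\w+)", body) or ["", ""])[1]
        zfile = re.search(r'\bfile\s+"([^"]+)"', body)
        if kind == "master" and re.search(r"\bmasters\s*\{", body):
            findings.append(f"zone {name}: 'masters' statement in a master zone")
        if not zfile:
            continue
        real = inside(os.path.join(base, zfile[1]))
        # named writes slave/stub files itself, so only their directory must exist
        check = os.path.dirname(real) if kind in ("slave", "stub") else real
        if not os.path.exists(check):
            findings.append(f"zone {name}: {check} not found inside the chroot")
    return findings

# Constructed sample; 192.0.2.1 is a documentation address, not a value from the post.
SAMPLE_CONF = """
options { directory "/"; named-xfer "/bin/named-xfer"; };
zone "vickiandstacey.com" { type master; file "master/vickiandstacey.com.db";
        masters { 192.0.2.1; }; };
zone "1.168.192.in-addr.arpa" { type slave; file "slave/1.168.192.in-addr.arpa";
        masters { 192.0.2.1; }; };
"""

def demo():
    """Check SAMPLE_CONF against a throwaway chroot that lacks bin/named-xfer."""
    with tempfile.TemporaryDirectory() as root:
        for sub in ("bin", "master", "slave"):
            os.mkdir(os.path.join(root, sub))
        open(os.path.join(root, "master", "vickiandstacey.com.db"), "w").close()
        return check_chroot_conf(root, SAMPLE_CONF)

if __name__ == "__main__":
    print("\n".join(demo()))
```

Against a real install the call would be check_chroot_conf("/etc/namedb", open("/etc/namedb/etc/named.conf").read()); it does not check that the slave directory is writable by the bind user.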