Oliver, et al: I figured out port 53 wasn't open in iptables.
Also I remembered BIND was installed after Packetfence, maybe this is the reason my BIND configuration isn't right. During server boot I noticed a message scroll by that says "locating /var/named/chroot//etc/named.conf failed" - note the double backlash, i..e '//', it was really in the message. I couldn't find this error logged and tried unsuccessfully to capture the error. I didn't find any 'named' /var/log/messages from this boot. Then I linked /etc/named.conf to /var/named/chroot/etc/named.conf, reloaded named and got the following /var/log/messages: May 13 16:27:38 packetfence named[4631]: starting BIND 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 May 13 16:27:38 packetfence named[4631]: adjusted limit on open files from 1024 to 1048576 May 13 16:27:38 packetfence named[4631]: found 4 CPUs, using 4 worker threads May 13 16:27:38 packetfence named[4631]: using up to 4096 sockets May 13 16:27:38 packetfence named[4631]: loading configuration from '/etc/named.conf' May 13 16:27:39 packetfence named[4631]: using default UDP/IPv4 port range: [1024, 65535] May 13 16:27:39 packetfence named[4631]: using default UDP/IPv6 port range: [1024, 65535] May 13 16:27:39 packetfence named[4631]: listening on IPv4 interface eth1.53, 192.168.3.1#53 May 13 16:27:39 packetfence named[4631]: listening on IPv4 interface eth1.51, 192.168.2.1#53 May 13 16:27:39 packetfence named[4631]: command channel listening on 127.0.0.1#953 May 13 16:27:39 packetfence named[4631]: couldn't open pid file '/var/run/named/named.pid': Permission denied May 13 16:27:39 packetfence named[4631]: exiting (due to early fatal error) If I reboot with this configuration (the /etc/named.conf file linked to /var/named/...) I get: May 13 16:33:58 packetfence named: zone ./IN: loading master file named-registration.ca: file not found May 13 16:33:58 packetfence named: registration/./IN: file not found May 13 16:33:58 packetfence named: zone ./IN: loading master file named-isolation.ca: file not found May 13 16:33:58 packetfence named: isolation/./IN: file not found Is there any hope of getting this system set right? Thanks again! Steve Wittstruck Colorado School of Mines ________________________________________ From: Olivier Bilodeau [[email protected]] Sent: Thursday, May 13, 2010 9:12 AM To: [email protected] Subject: Re: [Packetfence-users] DNS issues in registration VLAN (WAS: no 1.8.8 snmptraps from Cisco 3750?) Hi Steve, Steve Wittstruck wrote: > Hi Olivier, > > Sorry for the delay. > > Yes, I did follow the installation guide for setting up the 3 DNS files: > /etc/named.conf, /var/named/named-registration.ca, and > /var/named/named-isolation.ca. I just reviewed all 3 and the only difference > from the installation guide was 'admin.nac.mines.edu' in both SOA entries. > > Is there anything else I can check? The goal for DHCP / DNS in the registration and isolation VLANs is the following: - PacketFence is the only one who serves DHCP and DNS in that VLAN - The DHCP is configured to give an IP in a new subnet and with following options: - DNS Server is the PacketFence IP in that VLAN - Default gateway is the PacketFence IP in that VLAN - The DNS is configured to ALWAYS return PacketFence's IP no matter what the question was This way, PacketFence's web server gets the HTTP request and we use a rewrite rule to rewrite the URL to something that is more meaningful to a user and present the captive portal. I'll need you to doublecheck that each required step in accomplished in the right way. One good way to do that is to put a PC in such a VLAN and validate DHCP first then network reachability, routing (if any), DNS, etc. If you want your problem solved quickly (you are under time constraints), you can always pay for support and we will log into your setup, diagnose what's wrong and suggest fix. Otherwise keep posting your progress and the community will troubleshoot you on the mailing list for free. Have a nice day! -- Olivier Bilodeau [email protected] :: +1.514.447.4918 *115 :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.scalableogo.org) and PacketFence (www.packetfence.org) ------------------------------------------------------------------------------ _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------------ _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
