Re: hey Bandel! (was Re: BIND 9.x: Part II)
no, unfortunately I have not had time to getback to all this. quick checks of messages and a couple of post and usually time to either head back out the door for something else or time to goto bed for work. Im alos clearing land int he country to get sarted on building our first house. I will get to it as soon as possible though. thanks for asking, On Wednesday 06 February 2002 01:33, you were heard blurting out: On Wed, 30 Jan 2002, Bill Day wrote: Thanks Keith But Im still lost 8^( Going on with the trial and error... On Wednesday 30 January 2002 18:45, you were heard blurting out: Bill, just another quick reference I got turned on to by a friend is: http://www.cymru.com/~robt/Docs/Articles/secure-bind-template.html Helped alot for my first setup of Bind 9.x Just curious and following up, Bill. Did you get anywhere with this? ___ Linux-users mailing list - http://linux.nf/mailman/listinfo/linux-users Subscribe/Unsubscribe info, Archives,and Digests are located at the above URL. -- Bill Day Our crystal tears now fall upon the ashes, but from the dust shall grow a spirit, to be in compassion for those who are lost, and one in determination to break those who dare test our resolve to be free... 9/11/01 http://www.daysdomain.com/tribute.html 7:30am up 188 days, 22:24, 13 users, load average: 0.00, 0.00, 0.00 ___ Linux-users mailing list - http://linux.nf/mailman/listinfo/linux-users Subscribe/Unsubscribe info, Archives,and Digests are located at the above URL.
Re: hey Bandel! (was Re: BIND 9.x: Part II)
On Wed, 30 Jan 2002, Bill Day wrote: Thanks Keith But Im still lost 8^( Going on with the trial and error... On Wednesday 30 January 2002 18:45, you were heard blurting out: Bill, just another quick reference I got turned on to by a friend is: http://www.cymru.com/~robt/Docs/Articles/secure-bind-template.html Helped alot for my first setup of Bind 9.x Just curious and following up, Bill. Did you get anywhere with this? ___ Linux-users mailing list - http://linux.nf/mailman/listinfo/linux-users Subscribe/Unsubscribe info, Archives,and Digests are located at the above URL.
Re: hey Bandel! (was Re: BIND 9.x: Part II)
On Tue, 29 Jan 2002 20:12:55 -0500 begin Bill Day [EMAIL PROTECTED] spewed forth: hey david, something else... attached is my named.conf I have yet to get a dns book, so I am truly lost in its 'operations'. Where in this file would I locate the reverse information? It's not, it's locate in: /var/named/pz/127.0.0 and /var/named/pz/192.168.1 (the above names came from your named.conf file) Ciao, David A. Bandel -- Focus on the dream, not the competition. -- Nemesis Racing Team motto Internet (H323) phone: 206.28.187.30 ___ Linux-users mailing list - http://linux.nf/mailman/listinfo/linux-users Subscribe/Unsubscribe info, Archives,and Digests are located at the above URL.
Re: hey Bandel! (was Re: BIND 9.x: Part II)
ok, I was assuming that I had to create 2 more files under /var/named/pz and then put int the reverse information. but I just put them in the current zone files.. could you point/post me an example with the proper setup..? I realize I am getting annoying 8^) but until my book arrives Im really in the dark on this BIND - DNS stuff and really unsure where/how to place and format the reverse information in the file(s) I really can't wait for my book to arrive... [root@linuxbox /root]# ll /var/named/pz total 1 -rwxr-xr-x 1 namednamed 282 Jan 20 11:42 127.0.0 lrwxrwxrwx 1 namednamed 7 Jan 20 11:55 192.168.1 - 127.0.0 current 127.0.0 and 192.168.1 (since they are ln -s ): --- $TTL 1D @ 1D IN SOA localhost. root.localhost 42 ; serial (d. adams) 3H ; refresh 15M ; retry 1W ; expiry 1D ); minimum 1D IN NS localhost. 1 1D IN PTR localhost. Again, thanks for all your help. -- Bill Day ( a.k.a. BadMan )188133 http://counter.li.org #linux-users irc.openprojects.net:6667 Our crystal tears now fall upon the ashes, but from the dust shall grow a spirit, to be in compassion for those who are lost, and one in determination to break those who dare test our resolve to be free... 9/11/01 http://www.daysdomain.com/tribute.html 8:30am up 181 days, 23:24, 15 users, load average: 0.00, 0.00, 0.00 ___ Linux-users mailing list - http://linux.nf/mailman/listinfo/linux-users Subscribe/Unsubscribe info, Archives,and Digests are located at the above URL.
Re: hey Bandel! (was Re: BIND 9.x: Part II)
On Wed, 30 Jan 2002 09:08:58 -0500 begin Bill Day [EMAIL PROTECTED] spewed forth: [snip] --- $TTL 1D @ 1D IN SOA localhost. root.localhost 42 ; serial (d. adams) 3H ; refresh 15M ; retry 1W ; expiry 1D ); minimum your problem is in this section above. All else looks good. The problem is, you don't reference anywhere what your reverse zone is. You have $TTL 1D (your zone's default time to live), then you have an @, which needs to reference the domain (which needs to be listed before this @), but can't because the domain isn't listed. This is why named is whining at startup. 1D IN NS localhost. 1 1D IN PTR localhost. Again, thanks for all your help. -- Bill Day ( a.k.a. BadMan ) 188133 http://counter.li.org #linux-usersirc.openprojects.net:6667 Our crystal tears now fall upon the ashes, but from the dust shall grow a spirit, to be in compassion for those who are lost, and one in determination to break those who dare test our resolve to be free... 9/11/01 http://www.daysdomain.com/tribute.html 8:30am up 181 days, 23:24, 15 users, load average: 0.00, 0.00, 0.00 ___ Linux-users mailing list - http://linux.nf/mailman/listinfo/linux-users Subscribe/Unsubscribe info, Archives,and Digests are located at the above URL. -- Focus on the dream, not the competition. -- Nemesis Racing Team motto Internet (H323) phone: 206.28.187.30 ___ Linux-users mailing list - http://linux.nf/mailman/listinfo/linux-users Subscribe/Unsubscribe info, Archives,and Digests are located at the above URL.
Re: hey Bandel! (was Re: BIND 9.x: Part II)
Bill, just another quick reference I got turned on to by a friend is: http://www.cymru.com/~robt/Docs/Articles/secure-bind-template.html Helped alot for my first setup of Bind 9.x ___ Linux-users mailing list - http://linux.nf/mailman/listinfo/linux-users Subscribe/Unsubscribe info, Archives,and Digests are located at the above URL.
Re: hey Bandel! (was Re: BIND 9.x: Part II)
Thanks Keith But Im still lost 8^( Going on with the trial and error... On Wednesday 30 January 2002 18:45, you were heard blurting out: Bill, just another quick reference I got turned on to by a friend is: http://www.cymru.com/~robt/Docs/Articles/secure-bind-template.html Helped alot for my first setup of Bind 9.x ___ Linux-users mailing list - http://linux.nf/mailman/listinfo/linux-users Subscribe/Unsubscribe info, Archives,and Digests are located at the above URL. -- Bill Day ( a.k.a. BadMan )188133 http://counter.li.org #linux-users irc.openprojects.net:6667 Our crystal tears now fall upon the ashes, but from the dust shall grow a spirit, to be in compassion for those who are lost, and one in determination to break those who dare test our resolve to be free... 9/11/01 http://www.daysdomain.com/tribute.html 9:30pm up 182 days, 12:24, 14 users, load average: 0.30, 0.13, 0.03 ___ Linux-users mailing list - http://linux.nf/mailman/listinfo/linux-users Subscribe/Unsubscribe info, Archives,and Digests are located at the above URL.
Re: hey Bandel! (was Re: BIND 9.x: Part II)
On Saturday 26 January 2002 07:48, you were heard blurting out: Greek PTR RR... I appreciate your help David, but what will the reverse zone file contain differently that the forwards...? TIA, Based on the above, I'd say your /etc/named.conf has entries for reverse, but you haven't created the reverse zone files. You need reverse zone files for every IP range you have a forward in. In your case, you need zone files for 127.0.0.0/8 and 192.168.1.0/24. Difference between a forward and reverse zone: the reverse zone uses PTR RRs to point to A RRs. Create reverse zone files, make sure /etc/named.conf point to the correct file names (the name of the zone file is unimportant). Ciao, David A. Bandel -- Bill Day ( a.k.a. BadMan )188133 http://counter.li.org #linux-users irc.openprojects.net:6667 Our crystal tears now fall upon the ashes, but from the dust shall grow a spirit, to be in compassion for those who are lost, and one in determination to break those who dare test our resolve to be free... 9/11/01 http://www.daysdomain.com/tribute.html 3:30pm up 181 days, 6:24, 15 users, load average: 0.00, 0.00, 0.00 ___ Linux-users mailing list - http://linux.nf/mailman/listinfo/linux-users Subscribe/Unsubscribe info, Archives,and Digests are located at the above URL.
Re: hey Bandel! (was Re: BIND 9.x: Part II)
On Tue, 29 Jan 2002 16:06:17 -0500 begin Bill Day [EMAIL PROTECTED] spewed forth: On Saturday 26 January 2002 07:48, you were heard blurting out: Greek PTR RR... I appreciate your help David, but what will the reverse zone file contain differently that the forwards...? instead of: hostnametimeout IN A IP you have: 0.0.127.in-addr.arpa. timeout IN PTR hostname.domain.name. see the difference? The rest is the same (SOA). Ciao, David A. Bandel -- Focus on the dream, not the competition. -- Nemesis Racing Team motto Internet (H323) phone: 206.28.187.30 ___ Linux-users mailing list - http://linux.nf/mailman/listinfo/linux-users Subscribe/Unsubscribe info, Archives,and Digests are located at the above URL.
Re: hey Bandel! (was Re: BIND 9.x: Part II)
OK, I will prolly get to it tomorrow. Thanks for all your help. On Tuesday 29 January 2002 19:00, you were heard blurting out: On Tue, 29 Jan 2002 16:06:17 -0500 begin Bill Day [EMAIL PROTECTED] spewed forth: On Saturday 26 January 2002 07:48, you were heard blurting out: Greek PTR RR... I appreciate your help David, but what will the reverse zone file contain differently that the forwards...? instead of: hostname timeout IN A IP you have: 0.0.127.in-addr.arpa. timeout IN PTR hostname.domain.name. see the difference? The rest is the same (SOA). Ciao, David A. Bandel -- Bill Day ( a.k.a. BadMan )188133 http://counter.li.org #linux-users irc.openprojects.net:6667 Our crystal tears now fall upon the ashes, but from the dust shall grow a spirit, to be in compassion for those who are lost, and one in determination to break those who dare test our resolve to be free... 9/11/01 http://www.daysdomain.com/tribute.html 6:30pm up 181 days, 9:24, 15 users, load average: 0.00, 0.00, 0.00 ___ Linux-users mailing list - http://linux.nf/mailman/listinfo/linux-users Subscribe/Unsubscribe info, Archives,and Digests are located at the above URL.
Re: hey Bandel! (was Re: BIND 9.x: Part II)
hey david, something else... attached is my named.conf I have yet to get a dns book, so I am truly lost in its 'operations'. Where in this file would I locate the reverse information? TIA -- Bill Day ( a.k.a. BadMan )188133 http://counter.li.org #linux-users irc.openprojects.net:6667 Our crystal tears now fall upon the ashes, but from the dust shall grow a spirit, to be in compassion for those who are lost, and one in determination to break those who dare test our resolve to be free... 9/11/01 http://www.daysdomain.com/tribute.html 7:30pm up 181 days, 10:24, 15 users, load average: 0.00, 0.03, 0.00 // This is a configuration file for named (from BIND 9.0 or later). // It would normally be installed as /etc/named.conf. // // Changed to match secure example from LASG 5/17/00 // Changed to match Linux Journal example 9/17/00 // Added new view' sections to stop fingerprinting of Bind 9.x per // Bugtraq 1/31/00 // Added rndc key stuff per DNS Bind (Rev. 4) Chapter 11 // added use-id-pool and more comments based on above chapter options { // Directory where bind should create files if // not explicitly stated directory /var/named; // whom do we allow to do zone tranfers allow-transfer { 192.168.1.0/24; }; // new in Bind 9.x to allow RFC1886 - RFC2874 conversion // to support IPv6 // allow-v6-synthesis { 192.168.1.10; }; // tell Bind to check the names in zone files // since it no longer does this by default // (currently unimplemented) // check-names master warn; // sets the size of something or other to 20Mb ;) datasize 20M; // Bind 9.x doesn't recognize this yet :( // deallocate-on-exit no; // where should Bind put a dump of its cache // if told to dump it dump-file named_dump.db; // how often should bind check for new // interfaces toi listen on. we turn // this off by setting it to 0 interface-interval 0; // specify what interfaces/ips to listen on // as the default is all of them listen-on { 192.168.1.10; 127.0.0.1; }; // define a mximum size of cached records // new in Bind 9.x max-cache-size 20M; // where to right stats of memory usage // Bind 9.x doesn't recognize this yet :( // memstatistics-file named.memstats; // where to put out pid file // absolute path since we don't want // it in /var/named pid-file /var/run/named.pid; // force Bind to use port 53 for its // outbound queries to other DNS // servers (Bind 9 uses high ports // by default). Makes firewalling easier query-source address * port 53; // where to dump Bind server stats statistics-file named.stats; // force Bind to be more random in assiging // message ids // use-id-pool yes; // If the chaos view below doesn't work // for some reason, still give out a bogus // answer for Bind version requests version This is not the port you're looking for.; // keep stats on a zone basis zone-statistics yes; }; controls { // this allows rndc to be used from the localhost // to talk to bind on the loopback interface // using the key defined as 'rndc-key' inet 127.0.0.1 allow { localhost; } keys { rndc-key; }; }; // the rest of the key configuration is in // /etc/rndc.conf and the key itself is in // /etc/rndc.key key rndc-key { algorithm hmac-md5; secret YmFkbWFu ; }; logging { channel named_info { // log to syslog instead of a file syslog; // include the category of the event in the log print-category yes; // include the severity of the event in the log print-severity yes; // include the time of the event in the log print-time yes; }; // Processing of client requests category client { named_info; }; // named.conf parsing and processing category config { named_info; }; // Messages relating to internal memory structures category database { named_info; }; // This is the default for any category not specifically defined category default { named_info; }; // The catch-all. Anything without a category of its own category general { named_info; }; // Uncomment if you dont want to know about lame server. // Leave commented and it defaults to the //
Re: hey Bandel! (was Re: BIND 9.x: Part II)
GREAT BIGGIE snippage [root@linuxbox /root]# dig -x 127.0.0.1 SOA ; DiG 9.2.0 -x 127.0.0.1 SOA ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 35519 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;1.0.0.127.in-addr.arpa.IN SOA ;; AUTHORITY SECTION: 0.0.127.in-addr.arpa. 10800 IN SOA b.root-servers.net. root.b.root-servers.net. 19970624 360 3600 390 360 ;; Query time: 2287 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Sat Jan 26 05:30:53 2002 ;; MSG SIZE rcvd: 99 [root@linuxbox /root]# dig -x 192.168.1 SOA ; DiG 9.2.0 -x 192.168.1 SOA ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NXDOMAIN, id: 7018 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;1.168.192.in-addr.arpa.IN SOA ;; AUTHORITY SECTION: 168.192.in-addr.arpa. 0 IN SOA blackhole.iana.org. crain.icann.org. 19971502 10800 900 604800 86400 ;; Query time: 558 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Sat Jan 26 05:31:02 2002 ;; MSG SIZE rcvd: 106 Also these are in tail f-f /var../messages I guess this mean that it is able to query in reverse...? Jan 26 05:30:50 linuxbox named[23782]: Jan 26 05:30:50.966queries: info: client 127.0.0.1#2837: query: 1.0.0.127.in-addr.arpa IN SOA Jan 26 05:31:02 linuxbox named[23782]: Jan 26 05:31:02.275queries: info: client 127.0.0.1#2837: query: 1.168.192.in-addr.arpa IN SOA -- Bill Day ( a.k.a. BadMan )188133 http://counter.li.org #linux-users irc.openprojects.net:6667 Our crystal tears now fall upon the ashes, but from the dust shall grow a spirit, to be in compassion for those who are lost, and one in determination to break those who dare test our resolve to be free... 9/11/01 http://www.daysdomain.com/tribute.html 4:30am up 177 days, 19:24, 15 users, load average: 0.00, 0.00, 0.00 ___ Linux-users mailing list - http://linux.nf/mailman/listinfo/linux-users Subscribe/Unsubscribe info, Archives,and Digests are located at the above URL.
Re: hey Bandel! (was Re: BIND 9.x: Part II)
On Sat, 26 Jan 2002 05:33:31 -0500 Bill Day [EMAIL PROTECTED] spewed into the bitstream: GREAT BIGGIE snippage [root@linuxbox /root]# dig -x 127.0.0.1 SOA ; DiG 9.2.0 -x 127.0.0.1 SOA ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 35519 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;1.0.0.127.in-addr.arpa.IN SOA ;; AUTHORITY SECTION: 0.0.127.in-addr.arpa. 10800 IN SOA b.root-servers.net. root.b.root-servers.net. 19970624 360 3600 390 360 ;; Query time: 2287 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Sat Jan 26 05:30:53 2002 ;; MSG SIZE rcvd: 99 [root@linuxbox /root]# dig -x 192.168.1 SOA ; DiG 9.2.0 -x 192.168.1 SOA ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NXDOMAIN, id: 7018 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;1.168.192.in-addr.arpa.IN SOA ;; AUTHORITY SECTION: 168.192.in-addr.arpa. 0 IN SOA blackhole.iana.org. crain.icann.org. 19971502 10800 900 604800 86400 ;; Query time: 558 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Sat Jan 26 05:31:02 2002 ;; MSG SIZE rcvd: 106 Also these are in tail f-f /var../messages I guess this mean that it is able to query in reverse...? Jan 26 05:30:50 linuxbox named[23782]: Jan 26 05:30:50.966queries: info: client 127.0.0.1#2837: query: 1.0.0.127.in-addr.arpa IN SOA Jan 26 05:31:02 linuxbox named[23782]: Jan 26 05:31:02.275queries: info: client 127.0.0.1#2837: query: 1.168.192.in-addr.arpa IN SOA Based on the above, I'd say your /etc/named.conf has entries for reverse, but you haven't created the reverse zone files. You need reverse zone files for every IP range you have a forward in. In your case, you need zone files for 127.0.0.0/8 and 192.168.1.0/24. Difference between a forward and reverse zone: the reverse zone uses PTR RRs to point to A RRs. Create reverse zone files, make sure /etc/named.conf point to the correct file names (the name of the zone file is unimportant). Ciao, David A. Bandel -- Focus on the dream, not the competition. -- Nemesis Racing Team motto Internet (H323) phone: 206.28.187.30 ___ Linux-users mailing list - http://linux.nf/mailman/listinfo/linux-users Subscribe/Unsubscribe info, Archives,and Digests are located at the above URL.
hey Bandel! (was Re: BIND 9.x: Part II)
Bill Day babbled on about: The secret for the example and then having secret in the named.conf, rndc.conf and rndc.key I replaced all the 'secrets with the pass and then also replaced all the quoted spots next to it with my output from encode, as soon as I returned it to secret and left the output from the pass and mmencode it fired up. OIC. You changed the secret c2VjcmV0; in /etc/named.conf and actually changed the word secret. you should only change the value inside the quotes. I'll change the page to make it more clear and use a different example. Jan 23 15:24:56 linuxbox named[20466]: Jan 23 15:24:56.504general: error: dns_master_load: pz/127.0.0:3: no current owner name It still has the 'no owner' problem and 'no current owner'. I have no idea on this one. Perhaps David knows? Should I be starting named as named or root? This is the command I'm using to start it: /usr/sbin/named -u named #assuming this is starting it as named already.. anyother ideas? this is correct. it starts up as root, then switches to named. it is the correct way -- Douglas J Hunley (doug at hunley.homeip.net) - Linux User #174778 Admin: Linux StepByStep - http://linux.nf /* After several hours of tedious analysis, the following hash * function won. Do not mess with it... -DaveM */ 2.2.16 /usr/src/linux/fs/buffer.c ___ Linux-users mailing list - http://linux.nf/mailman/listinfo/linux-users Subscribe/Unsubscribe info, Archives,and Digests are located at the above URL.
Re: hey Bandel! (was Re: BIND 9.x: Part II)
On Fri, 25 Jan 2002 11:42:20 -0500 Douglas J Hunley [EMAIL PROTECTED] spewed into the bitstream: Bill Day babbled on about: The secret for the example and then having secret in the named.conf, rndc.conf and rndc.key I replaced all the 'secrets with the pass and then also replaced all the quoted spots next to it with my output from encode, as soon as I returned it to secret and left the output from the pass and mmencode it fired up. OIC. You changed the secret c2VjcmV0; in /etc/named.conf and actually changed the word secret. you should only change the value inside the quotes. I'll change the page to make it more clear and use a different example. Jan 23 15:24:56 linuxbox named[20466]: Jan 23 15:24:56.504general: error: dns_master_load: pz/127.0.0:3: no current owner name It still has the 'no owner' problem and 'no current owner'. I have no idea on this one. Perhaps David knows? post your SOA (dig domain.dom SOA or dig -x IP SOA). I suspect your authority section is hosed. Ciao, David A. Bandel -- Focus on the dream, not the competition. -- Nemesis Racing Team motto Internet (H323) phone: 206.28.187.30 ___ Linux-users mailing list - http://linux.nf/mailman/listinfo/linux-users Subscribe/Unsubscribe info, Archives,and Digests are located at the above URL.
Re: hey Bandel! (was Re: BIND 9.x: Part II)
; DiG 9.2.0 daysdomain.com ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 53641 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0 ;; QUESTION SECTION: ;daysdomain.com.IN A ;; ANSWER SECTION: daysdomain.com. 15 IN A 63.140.120.51 ;; AUTHORITY SECTION: daysdomain.com. 109908 IN NS NS1.DNS2GO.com. daysdomain.com. 109908 IN NS NS2.DNS2GO.com. ;; Query time: 244 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Fri Jan 25 19:50:35 2002 ;; MSG SIZE rcvd: 91 host ns1.dns2go.com ns1.dns2go.com has address 63.64.164.8 host ns2.dns2go.com ns2.dns2go.com has address 63.149.6.93 post your SOA (dig domain.dom SOA or dig -x IP SOA). I suspect your authority section is hosed. Ciao, David A. Bandel -- Bill Day ( a.k.a. BadMan )188133 http://counter.li.org #linux-users irc.openprojects.net:6667 Our crystal tears now fall upon the ashes, but from the dust shall grow a spirit, to be in compassion for those who are lost, and one in determination to break those who dare test our resolve to be free... 9/11/01 http://www.daysdomain.com/tribute.html 7:30pm up 177 days, 10:24, 15 users, load average: 0.00, 0.00, 0.00 ___ Linux-users mailing list - http://linux.nf/mailman/listinfo/linux-users Subscribe/Unsubscribe info, Archives,and Digests are located at the above URL.
Re: hey Bandel! (was Re: BIND 9.x: Part II)
On Fri, 25 Jan 2002 19:54:19 -0500 Bill Day [EMAIL PROTECTED] spewed into the bitstream: ; DiG 9.2.0 daysdomain.com not quite. I need your SOA: dig daysdomain.com SOA Note, this should be for whatever zone BIND is barfing on. If it's a reverse, use a valid IP: dig -x 127.0.0.1 SOA My SOA looks like: ; DiG 8.3 pananix.com SOA ;; res options: init recurs defnam dnsrch ;; got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 4 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2 ;; QUERY SECTION: ;; pananix.com, type = SOA, class = IN ;; ANSWER SECTION: pananix.com.2W IN SOA ns1.panamanow.com. david.pananix.com. (2002012500 ; serial1W ; refresh 1H ; retry 4W ; expiry 2W ); minimum Capiche? Ciao, David A. Bandel -- Focus on the dream, not the competition. -- Nemesis Racing Team motto Internet (H323) phone: 206.28.187.30 ___ Linux-users mailing list - http://linux.nf/mailman/listinfo/linux-users Subscribe/Unsubscribe info, Archives,and Digests are located at the above URL.
Re: hey Bandel! (was Re: BIND 9.x: Part II)
Not really.. (Capiche..) but I'll give er hell... 8^) From fresh start I get this: Jan 25 20:46:14 linuxbox named[23782]: starting BIND 9.2.0 -u named Jan 25 20:46:14 linuxbox named[23782]: using 1 CPU Jan 25 20:46:14 linuxbox named[23782]: loading configuration from '/etc/named.conf' Jan 25 20:46:14 linuxbox named[23782]: listening on IPv4 interface lo, 127.0.0.1#53 Jan 25 20:46:14 linuxbox named[23782]: the key 'rndc-key' is too short to be secure Jan 25 20:46:14 linuxbox last message repeated 3 times Jan 25 20:46:14 linuxbox named[23782]: command channel listening on 127.0.0.1#953 Jan 25 20:46:14 linuxbox named[23782]: Jan 25 20:46:14.352general: error: dns_master_load: pz/127.0.0:3: no current owner name Jan 25 20:46:14 linuxbox named[23782]: Jan 25 20:46:14.356general: error: zone 0.0.127.in-addr.arpa/IN: loading master file pz/127.0.0: no owner Jan 25 20:46:14 linuxbox named[23782]: Jan 25 20:46:14.359general: error: dns_master_load: pz/192.168.1:3: no current owner name Jan 25 20:46:14 linuxbox named[23782]: Jan 25 20:46:14.362general: error: zone 1.168.192.in-addr.arpa/IN: loading master file pz/192.168.1: no owner Jan 25 20:46:14 linuxbox named[23782]: Jan 25 20:46:14.363general: info: running [root@linuxbox /root]# dig daysdomain.com SOA ; DiG 9.2.0 daysdomain.com SOA ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 4599 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1 ;; QUESTION SECTION: ;daysdomain.com.IN SOA ;; ANSWER SECTION: daysdomain.com. 3582IN SOA d2gdns1.dns2go.com. admin.dns2go.com. 650 30 60 86400 15 ;; AUTHORITY SECTION: daysdomain.com. 106743 IN NS NS2.dns2go.com. daysdomain.com. 106743 IN NS NS1.dns2go.com. ;; ADDITIONAL SECTION: NS1.dns2go.com. 169716 IN A 63.64.164.8 ;; Query time: 17 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Fri Jan 25 20:43:20 2002 ;; MSG SIZE rcvd: 141 [root@linuxbox /root]# dig -x 63.140.120.51 SOA ; DiG 9.2.0 -x 63.140.120.51 SOA ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NXDOMAIN, id: 35602 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;51.120.140.63.in-addr.arpa.IN SOA ;; AUTHORITY SECTION: 140.63.in-addr.arpa.10780 IN SOA ns1.winstar.net. dns.winstar.net. 260201 21600 900 604800 43200 ;; Query time: 15 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Fri Jan 25 20:54:59 2002 ;; MSG SIZE rcvd: 99 I likely am missing something, yet I aint got a clue what... -- Bill Day ( a.k.a. BadMan )188133 http://counter.li.org #linux-users irc.openprojects.net:6667 Our crystal tears now fall upon the ashes, but from the dust shall grow a spirit, to be in compassion for those who are lost, and one in determination to break those who dare test our resolve to be free... 9/11/01 http://www.daysdomain.com/tribute.html 8:30pm up 177 days, 11:24, 15 users, load average: 0.00, 0.01, 0.00 ___ Linux-users mailing list - http://linux.nf/mailman/listinfo/linux-users Subscribe/Unsubscribe info, Archives,and Digests are located at the above URL.
Re: hey Bandel! (was Re: BIND 9.x: Part II)
On Fri, 25 Jan 2002 21:02:46 -0500 Bill Day [EMAIL PROTECTED] spewed into the bitstream: Not really.. (Capiche..) but I'll give er hell... 8^) From fresh start I get this: Jan 25 20:46:14 linuxbox named[23782]: starting BIND 9.2.0 -u named Jan 25 20:46:14 linuxbox named[23782]: using 1 CPU Jan 25 20:46:14 linuxbox named[23782]: loading configuration from '/etc/named.conf' Jan 25 20:46:14 linuxbox named[23782]: listening on IPv4 interface lo, 127.0.0.1#53 Jan 25 20:46:14 linuxbox named[23782]: the key 'rndc-key' is too short to be secure self-expanatory Jan 25 20:46:14 linuxbox last message repeated 3 times Jan 25 20:46:14 linuxbox named[23782]: command channel listening on 127.0.0.1#953 Jan 25 20:46:14 linuxbox named[23782]: Jan 25 20:46:14.352general: error: dns_master_load: pz/127.0.0:3: no current owner name pls post the result of: dig -x 127.0.0.1 SOA Jan 25 20:46:14 linuxbox named[23782]: Jan 25 20:46:14.356general: error: zone 0.0.127.in-addr.arpa/IN: loading master file pz/127.0.0: no owner Jan 25 20:46:14 linuxbox named[23782]: Jan 25 20:46:14.359general: error: dns_master_load: pz/192.168.1:3: no current owner name pls post the result of: dig -x 192.168.1 SOA Jan 25 20:46:14 linuxbox named[23782]: Jan 25 20:46:14.362general: error: zone 1.168.192.in-addr.arpa/IN: loading master file pz/192.168.1: no owner Jan 25 20:46:14 linuxbox named[23782]: Jan 25 20:46:14.363general: info: running [snippage of SOA info that does not pertain to errors above] Ciao, David A. Bandel -- Focus on the dream, not the competition. -- Nemesis Racing Team motto Internet (H323) phone: 206.28.187.30 ___ Linux-users mailing list - http://linux.nf/mailman/listinfo/linux-users Subscribe/Unsubscribe info, Archives,and Digests are located at the above URL.
Re: BIND 9.x: Part II
Bill Day babbled on about: hmm Well, metamail does not seem to like my eD2.4 I see the mmencode.c in the metamail tree... is there a way I can pull just it out of the system and build it in or is this even possible.. looked at dnssec-keygen does look quite irritating to try using it... would really rather prefer to use the mmencode especailly if I can get it out of the package Any ideas on doing that or suggestions on other keygens I can use? you could try just 'cc mmencode.c' and see what happens I could send you mine ;) -- Douglas J Hunley (doug at hunley.homeip.net) - Linux User #174778 Admin: Linux StepByStep - http://linux.nf panic (No CPUs found. System halted.\n); 2.4.3 linux/arch/parisc/kernel/setup.c ___ Linux-users mailing list - http://linux.nf/mailman/listinfo/linux-users Subscribe/Unsubscribe info, Archives,and Digests are located at the above URL.
BIND 9.x: Part II
When I finish compiling and installing and move on to creating the files etc.. step 18 wants me to create and rndc password using 'mmencode', command not found. Locate can find nothing on my ssytem for it as well.. what is this that I'm missing..? Thanks, -- Bill Day ( a.k.a. BadMan )188133 http://counter.li.org #linux-users irc.openprojects.net:6667 Our crystal tears now fall upon the ashes, but from the dust shall grow a spirit, to be in compassion for those who are lost, and one in determination to break those who dare test our resolve to be free... 9/11/01 http://www.daysdomain.com/tribute.html 11:30am up 172 days, 2:24, 17 users, load average: 0.01, 0.56, 0.98 ___ Linux-users mailing list - http://linux.nf/mailman/listinfo/linux-users Subscribe/Unsubscribe info, Archives,and Digests are located at the above URL.
Re: BIND 9.x: Part II
Dang, I gotta stop hitting that 'cntrl+return' to soon 8^) I left out some details and questions... On step 18 of bind9.html, it wants me to create a pass word using mmencode..? I have command not found, obviously it is an encryption program that I do not have...? So what to use instead? I am running a fairly stock, eD2.4 system, all major updates( except to kernel) including an updated kde2 Im not sure what I am looking for to create this password for 'rndc' in the bind9 SxS. Thanks for any idears.. -- Bill Day ( a.k.a. BadMan )188133 http://counter.li.org #linux-users irc.openprojects.net:6667 Our crystal tears now fall upon the ashes, but from the dust shall grow a spirit, to be in compassion for those who are lost, and one in determination to break those who dare test our resolve to be free... 9/11/01 http://www.daysdomain.com/tribute.html 11:30am up 172 days, 2:24, 17 users, load average: 0.01, 0.56, 0.98 ___ Linux-users mailing list - http://linux.nf/mailman/listinfo/linux-users Subscribe/Unsubscribe info, Archives,and Digests are located at the above URL.
Re: BIND 9.x: Part II
Douglas J Hunley babbled on about: you can use dnssec-keygen instead. see the man page. but it's not as easy as mmencode. mmencode comes from metamail .. (check freshmeat) i added a note about needing metamail to the web page. sorry for not catching this one earlier Bill -- Douglas J Hunley (doug at hunley.homeip.net) - Linux User #174778 Admin: Linux StepByStep - http://linux.nf printk(MASQUERADE: No route: Rusty's brain broke!\n); 2.4.3 linux/net/ipv4/netfilter/ipt_MASQUERADE.c ___ Linux-users mailing list - http://linux.nf/mailman/listinfo/linux-users Subscribe/Unsubscribe info, Archives,and Digests are located at the above URL.
Re: BIND 9.x: Part II
hmm Well, metamail does not seem to like my eD2.4 I see the mmencode.c in the metamail tree... is there a way I can pull just it out of the system and build it in or is this even possible.. looked at dnssec-keygen does look quite irritating to try using it... would really rather prefer to use the mmencode especailly if I can get it out of the package Any ideas on doing that or suggestions on other keygens I can use? On Sunday 20 January 2002 23:23, you were heard blurting out: Douglas J Hunley babbled on about: you can use dnssec-keygen instead. see the man page. but it's not as easy as mmencode. mmencode comes from metamail .. (check freshmeat) i added a note about needing metamail to the web page. sorry for not catching this one earlier Bill -- Bill Day ( a.k.a. BadMan )188133 http://counter.li.org #linux-users irc.openprojects.net:6667 Our crystal tears now fall upon the ashes, but from the dust shall grow a spirit, to be in compassion for those who are lost, and one in determination to break those who dare test our resolve to be free... 9/11/01 http://www.daysdomain.com/tribute.html 12:30am up 172 days, 15:24, 16 users, load average: 1.43, 1.23, 1.03 ___ Linux-users mailing list - http://linux.nf/mailman/listinfo/linux-users Subscribe/Unsubscribe info, Archives,and Digests are located at the above URL.