On 6/12/21 8:30 PM, ToddAndMargo via bind-users wrote:
# named-checkzone -t /var/named/chroot/var/named/slaves  abc.local abc.hosts.rev
abc.hosts.rev:3: ignoring out-of-zone data (255.168.192.in-addr.arpa)
abc.hosts.rev:14: ignoring out-of-zone data abc.hosts(10.255.168.192.in-addr.arpa)
abc.hosts.rev:17: ignoring out-of-zone data


# rpm -aq bind\*
bind-export-libs-9.11.11-1.fc30.x86_64
bind-license-9.16.16-1.fc34.noarch
bind-dnssec-doc-9.16.16-1.fc34.noarch
bind-libs-9.16.16-1.fc34.x86_64
bind-utils-9.16.16-1.fc34.x86_64
bind-dnssec-utils-9.16.16-1.fc34.x86_64
bind-9.16.16-1.fc34.x86_64
bind-chroot-9.16.16-1.fc34.x86_64


Oh poop.  I had the zone name wrong again.  The zone
name comes directly from named.conf.   Duh!


# named-checkzone -t /var/named/chroot/var/named/slaves 255.168.192.in-addr.arpa abc.hosts.rev
zone 255.168.192.in-addr.arpa/IN: loaded serial 213
OK

Now I also have

# named-checkzone -t /var/named/chroot/var/named/slaves  abc.local abc.hosts
zone abc.local/IN: loaded serial 265
OK


and

# named-checkconf -l -t /var/named/chroot /etc/named.conf
abc.local IN _default master
255.168.192.in-addr.arpa IN _default master
0.0.127.in-addr.arpa IN _default master


So why am I getting file not found in the following?

# systemctl status named.service

× named.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled) Active: failed (Result: exit-code) since Sat 2021-06-12 16:31:16 PDT; 3h 46min ago Process: 18368 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is >
        CPU: 12ms

Jun 12 16:31:16 rn6.abc.local bash[18369]: _default/abc.local/IN: file not found Jun 12 16:31:16 rn6.abc.local bash[18369]: zone 255.168.192.in-addr.arpa/IN: loading from master file slaves/abc.hosts.rev failed: file not found Jun 12 16:31:16 rn6.abc.local bash[18369]: zone 255.168.192.in-addr.arpa/IN: not loaded due to errors. Jun 12 16:31:16 rn6.abc.local bash[18369]: _default/255.168.192.in-addr.arpa/IN: file not found Jun 12 16:31:16 rn6.abc.local bash[18369]: zone 0.0.127.in-addr.arpa/IN: loading from master file named.local failed: file not found Jun 12 16:31:16 rn6.abc.local bash[18369]: zone 0.0.127.in-addr.arpa/IN: not loaded due to errors. Jun 12 16:31:16 rn6.abc.local bash[18369]: _default/0.0.127.in-addr.arpa/IN: file not found Jun 12 16:31:16 rn6.abc.local systemd[1]: named.service: Control process exited, code=exited, status=1/FAILURE Jun 12 16:31:16 rn6.abc.local systemd[1]: named.service: Failed with result 'exit-code'. Jun 12 16:31:16 rn6.abc.local systemd[1]: Failed to start Berkeley Internet Name Domain (DNS).



My /etc/named.local

// generated by named-bootconf.pl

options {
        # the following forwarders is Family freindly Open DNS:
        # forwarders { 208.67.222.122; 208.67.220.120; };

        # the following forwarders is for Open DNS
        forwarders { 208.67.222.222; 208.67.220.220; };

        # the following forwarders is for Google's DNS
        #forwarders { 8.8.8.8; 8.8.4.4; };

        directory "/var/named";
        # pid-file "/var/named/chroot/run/named/named.pid";
        # pid-file "/var/named/chroot/run/named/nonamed.pid";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below.  Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        // query-source address * port 53;
};


key DHCP_UPDATER {
    algorithm hmac-md5;
    secret cgGq509uDODGTU4J9QZwgQ==;
};

zone "abc.local" {
        type master;
        # file "/var/named/chroot/var/named/slaves/abc.hosts";
        file "slaves/abc.hosts";
        allow-update { key DHCP_UPDATER; };
#       allow-update { 127.0.0.1; };
};

zone "255.168.192.in-addr.arpa" {
        type master;
        # file "/var/named/chroot/var/named/slaves/abc.hosts.rev";
        file "slaves/abc.hosts.rev";
        allow-update { key DHCP_UPDATER; };
#       allow-update { 127.0.0.1; };
};

zone "0.0.127.in-addr.arpa" {
        type master;
        # file "/var/named/chroot/var/named/named.local";
        file "named.local";
};

# logging {
     # channel update_debug {
# file "/var/named/chroot/var/named/slaves/named-update-debug.log";
          # severity  debug 3;
          # print-category yes;
          # print-severity yes;
          # print-time     yes;
      # };
          # channel security_info    {
          # file "slaves/named-auth.info";
          # severity  info;
          # print-category yes;
          # print-severity yes;
          # print-time     yes;
      # };

      # category update { update_debug; };
      # category security { security_info; };
# };


_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Reply via email to