Hello,
Attempting to set up a small DNS server purely for testing purposes,
using a non-existent domain name.
I have run into problems with my very simple setup, have tried
changing multiple tokens in the config files, no success, but have
found a few items:
- The zone file loads, and BIND starts, if the $ORIGIN line is
commented out of the zone file. Apparently, $ORIGIN is not required,
but why would its presence cause an error?
- dig lookups do not succeed even when $ORIGIN is commented out,
with named running.
There is an error somewhere in the config files, but I cannot locate
it, or I'm doing something fundamentally wrong.
NS and SOA records exist, contrary to BIND's output messages.
Any insight or corrections appreciated.
Thanks.
START OF PASTED DATA
Running on CentOS 6.x, with the following packages:

bind-9.7.3-8.P3.el6_2.2.i686
bind-chroot-9.7.3-8.P3.el6_2.2.i686
bind-libs-9.7.3-8.P3.el6_2.2.i686
bind-utils-9.7.3-8.P3.el6_2.2.i686

Output from dig when looking up a nameserver on the fictitious domain:

dig @localhost keith1q2w.com ns

; <<>> DiG 9.5.2-P3 <<>> @localhost keith1q2w.com ns
; (2 servers found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38557
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;keith1q2w.com. IN NS

;; AUTHORITY SECTION:
com. 900 IN SOA a.gtld-servers.net. nstld.verisign-grs.com. 1331061717 1800 900 604800 86400

;; Query time: 144 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Mar 6 12:22:29 2012
;; MSG SIZE rcvd: 104

Error messages from BIND when $ORIGIN is un-commented in the zone file:

Stopping named: [ OK ]
Starting named:
Error in named configuration:
zone localhost/IN: loaded serial 0
zone 0.0.127.in-addr.arpa/IN: loaded serial 0
zone/zone001:5: ignoring out-of-zone data (keith1q2w.com)
zone/zone001:21: ignoring out-of-zone data (nameserver01.keith1q2w.com)
zone/zone001:22: ignoring out-of-zone data (mail.keith1q2w.com)
zone/zone001:23: ignoring out-of-zone data (mail2.keith1q2w.com)
zone/zone001:24: ignoring out-of-zone data (mail3.keith1q2w.com)
zone zone001/IN: has 0 SOA records
zone zone001/IN: has no NS records
zone zone001/IN: not loaded due to errors.
_default/zone001/IN: bad zone
[FAILED]
rndc: connect failed: 127.0.0.1#953: connection refused
named is stopped

Contents of /etc/named.conf:

options {
    directory "/etc/named";
    pid-file "/var/run/named.pid";
    statistics-file "/var/run/named.stats";
    # hide our real version number
    version "[secured]";
    dump-file "/var/run/named.db";

    /*
     * If there is a firewall between you and nameservers you want
     * to talk to, you might need to uncomment the query-source
     * directive below. Previous versions of BIND always asked
     * questions using port 53, but BIND 8.1 uses an unprivileged
     * port by default.
     */

    // query-source address * port 53;
    allow-recursion { any; };
    allow-query { any; };
    //allow-query-cache { any; };
    //also-notify { www.xxx.yyy.zzz ; www.xxx.yyy.zzz ; www.xxx.yyy.z
};

logging {
    channel querylog {
        file "/var/run/named-query.log" versions 5 size 10M;
        print-severity yes;
        print-time yes;
    };
    category queries { querylog; };
};

//
// a caching only nameserver config
//
#Use with the following in named.conf, adjusting the allow list as needed
#