Re: named-checkconf error
On 12/8/2008 11:00 AM, Chris Thompson wrote: In message 493b2b5d.40...@shockley.net, Steve Shockley wrote: I'm running BIND 9.4.2 on OpenBSD 4.3. I'm getting some errors with named-checkconf I don't really understand. I'm running: named-checkzone -t /var/named capmarksecurities.com /master/db.capmarksecurities.com and I get: zone capmarksecurities.com/IN: getaddrinfo(quarantine1.capmark.com) failed: non-recoverable failure in name resolution [etc.] This appears to happen with all zones with MX records that are in a different zone. The zone loads and seems to work as expected. What's going wrong? Something is wrong with the configuration of the host on which you ran named-checkzone. Either its resolver configuration is screwed, or getaddrinfo() isn't getting as far as using the resolver. Can you do host address lookups at all there? You can suppress the check by using -i local on named-checkzone (see the man page). But it would be better to fix the configuration problem, of course. For the archives, this error turned out to be because BIND is chrooted, and there was no hosts or resolv.conf in /var/named/etc. I copied those two files from /etc to /var/named/etc and the output came up with no errors. ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: named-checkconf error
On Dec 7 2008, Mark Andrews wrote: named-checkzone calls getaddrinfo() to lookup addresses of servers which are not in the zone. That lookup has failed. For a start I would fix this delegation error. The NS RRset on both sides of the delegation should be the same. capmark.com.172800 IN NS ns1.gmaccm.com. capmark.com.172800 IN NS ns2.gmaccm.com. ;; Received 116 bytes from 192.42.93.30#53(G.GTLD-SERVERS.NET) in 175 ms quarantine1.capmark.com. 7200 IN A 216.83.188.21 capmark.com.86400 IN NS ns1.capmark.com. capmark.com.86400 IN NS ns2.capmark.com. ;; Received 125 bytes from 216.83.188.8#53(ns1.gmaccm.com) in 227 ms It seems rather unlikely that this has anything to do with the OP's problem, as the IP addresses of ns{1,2}.gmaccm.com and ns{1,2}.capmark.com are the same, i.e. 216.83.188.{8,9}, in the glue as well as in the zones. But technically, of course, Mark is right: you ought to fix this (for gmaccm.com as well as for capmark.com). In message [EMAIL PROTECTED], Steve Shockley wrote: I'm running BIND 9.4.2 on OpenBSD 4.3. I'm getting some errors with named-checkconf I don't really understand. I'm running: named-checkzone -t /var/named capmarksecurities.com /master/db.capmarksecurities.com and I get: zone capmarksecurities.com/IN: getaddrinfo(quarantine1.capmark.com) failed: non-recoverable failure in name resolution [etc.] This appears to happen with all zones with MX records that are in a different zone. The zone loads and seems to work as expected. What's going wrong? Something is wrong with the configuration of the host on which you ran named-checkzone. Either its resolver configuration is screwed, or getaddrinfo() isn't getting as far as using the resolver. Can you do host address lookups at all there? You can suppress the check by using -i local on named-checkzone (see the man page). But it would be better to fix the configuration problem, of course. -- Chris Thompson Email: [EMAIL PROTECTED] ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: named-checkconf error
named-checkzone calls getaddrinfo() to lookup addresses of servers which are not in the zone. That lookup has failed. For a start I would fix this delegation error. The NS RRset on both sides of the delegation should be the same. capmark.com.172800 IN NS ns1.gmaccm.com. capmark.com.172800 IN NS ns2.gmaccm.com. ;; Received 116 bytes from 192.42.93.30#53(G.GTLD-SERVERS.NET) in 175 ms quarantine1.capmark.com. 7200 IN A 216.83.188.21 capmark.com.86400 IN NS ns1.capmark.com. capmark.com.86400 IN NS ns2.capmark.com. ;; Received 125 bytes from 216.83.188.8#53(ns1.gmaccm.com) in 227 ms There may be other problems which may only be visible from where you are performing the lookup. Mark In message [EMAIL PROTECTED], Steve Shockley writes: I'm running BIND 9.4.2 on OpenBSD 4.3. I'm getting some errors with named-checkconf I don't really understand. I'm running: named-checkzone -t /var/named capmarksecurities.com /master/db.capmarksecurities.com and I get: zone capmarksecurities.com/IN: getaddrinfo(quarantine1.capmark.com) failed: non-recoverable failure in name resolution zone capmarksecurities.com/IN: getaddrinfo(quarantine2.capmark.com) failed: non-recoverable failure in name resolution zone capmarksecurities.com/IN: getaddrinfo(mailhost3.capmark.com) failed: non-recoverable failure in name resolution zone capmarksecurities.com/IN: getaddrinfo(mxo1.capmark.com) failed: non-recoverable failure in name resolution zone capmarksecurities.com/IN: getaddrinfo(mxo2.capmark.com) failed: non-recoverable failure in name resolution zone capmarksecurities.com/IN: loaded serial 235310359 OK The zone file: $ORIGIN . $TTL 86400 ; 1 day capmarksecurities.com IN SOA ns1.capmark.com. dnsadmin.capmark.com. ( 235310359 ; serial 10800 ; refresh (3 hours) 3600 ; retry (1 hour) 604800 ; expire (1 week) 86400 ; minimum (1 day) ) $TTL 300; 5 minutes NS ns1.capmark.com. NS ns2.capmark.com. $TTL 900; 15 minutes MX 10 quarantine1.capmark.com. MX 10 quarantine2.capmark.com. MX 20 mailhost3.capmark.com. MX 200 mxo1.capmark.com. MX 200 mxo2.capmark.com. $ORIGIN capmarksecurities.com. $TTL 7200 ; 2 hours defeasance CNAME idealweb.capmark.com. investorguide A 70.60.19.129 $TTL 86400 ; 1 day www CNAME www.capmark.com. This appears to happen with all zones with MX records that are in a different zone. The zone loads and seems to work as expected. What's going wrong? ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: [EMAIL PROTECTED] ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users