On Wed, 5 Oct 2011 09:38:01 -0400
Andrey Moshbear wrote:
> No clue, as logging isn't yet enabled. However, checkzone says that
> all is fine.
Well that's your primary error right there. How can you run a daemon
that isn't logging and consider that even halfway proper? Get some real
logs from when bind loads the zone and I'll bet it'll tell you right
away what the problem is.
checkzone != a full bind
>
> On 2011-10-05, Alan McKinnon wrote:
> > On Wed, 5 Oct 2011 05:06:27 -0400
> > Andrey Moshbear wrote:
> >
> >> For bind, I have the following as named.conf:
> >>
> >> acl "xfer" { none; };
> >>
> >> acl "trusted" { 127.0.0.0/8; ::1/128; };
> >>
> >> options {
> >> directory "/var/bind";
> >> pid-file "/var/run/named/named.pid";
> >>
> >> listen-on-v6 { none; };
> >> listen-on port 53 { 127.0.0.1; 192.168.1.0/10;
> >> EXTERNAL_IP; }; };
> >>
> >> include "/etc/bind/rndc.key";
> >> controls { inet 127.0.0.1 port 953 allow { 127.0.0.1/32; ::1/128; }
> >> keys { "rndc-key"; }; };
> >>
> >> zone "." in { type hint; file "/var/bind/root.cache"; };
> >>
> >> zone "localhost" IN { type master; file "pri/localhost.zone";
> >> notify no; };
> >>
> >> zone "127.in-addr.arpa" IN { type master; file "pri/127.zone";
> >> notify no; };
> >>
> >> zone "moshbear.net" IN { type master; file
> >> "/var/bind/pri/moshbear.net.zone"; allow-query { any; };
> >> allow-transfer { xfer; }; };
> >> // end of dump
> >>
> >> The zone file does not have any errors.
> >>
> >> Any reasons as to why "dig @127.0.0.1 moshbear.net" returns
> >> SERVFAIL?
> >
> > What result does bind write to log files when it loads that zone?
> >
> > SERVFAIL usually indicates something wrong with the zone and bind
> > refuses to load it.
> >
> >>
> >> --
> >> 001100 Andrey "m05hbear" Vul
> >> 010010
> >> 11 andrey dot vul at gmail
> >> 110011
> >>
> >
> > --
> > Alan McKinnnon
> > alan.mckin...@gmail.com
>
--
Alan McKinnnon
alan.mckin...@gmail.com
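
Added example, not part of the original thread: once named is logging, a small filter like this reports what the daemon itself did with one zone at load time, which is the information checkzone cannot give. The log lines are constructed samples (not the poster's real log) in the layout named writes with print-time, print-category and print-severity enabled; `zone_load_status` and `SAMPLE_LOG` are hypothetical names.

```shell
#!/bin/sh
# Classify how named handled one zone, reading named log text on stdin.
# Prints one of:
#   loaded <serial>   - named accepted the zone
#   failed: <reason>  - named refused it (queries for it return SERVFAIL)
#   unknown           - no log lines for the zone, e.g. logging is not enabled
zone_load_status() {
    awk -v z="zone $1/IN: " '
        {
            i = index($0, z)            # only lines about this zone
            if (i == 0) next
            msg = substr($0, i + length(z))
            if (msg ~ /^loaded serial [0-9]+/) {
                split(msg, f, " ")
                state = "loaded " f[3]; reason = ""
            } else if (msg ~ /^not loaded due to errors/) {
                # Summary line: keep the more specific reason logged before it.
                state = "failed: " (reason == "" ? msg : reason); reason = ""
            } else if (msg ~ /failed: |has no /) {
                reason = msg; state = "failed: " reason
            }
        }
        # The last load attempt in the log decides the result.
        END { print (state == "" ? "unknown" : state) }
    '
}

# Constructed sample input, for illustration only.
SAMPLE_LOG='05-Oct-2011 10:02:11.120 general: info: zone localhost/IN: loaded serial 2008122601
05-Oct-2011 10:02:11.124 general: error: zone moshbear.net/IN: loading from master file /var/bind/pri/moshbear.net.zone failed: permission denied
05-Oct-2011 10:02:11.124 general: error: zone moshbear.net/IN: not loaded due to errors.'

printf '%s\n' "$SAMPLE_LOG" | zone_load_status moshbear.net
```

Against a live server, feed it the file or syslog stream that named actually writes to; an `unknown` result means the log carries no load messages for that zone.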