• Status: Solved

DNS Bind will not start after a record modification.

Hello experts,
I have a simple one for everyone today that I am hoping will be provided a simple answer.

I have a Red Hat box that is running Webmin for all my DNS Binding. In attempts to update the records correctly yesterday I went into a zone and made changes to my MX records and to my PTR records. I then stopped the BIND server and went to Restart it.

Now every time I push the Start Button it goes through the motions real quick like it is trying to start, but then it just simply comes back to the same page and wants to be started again. I am not overly familiar with Linux or Webmin, but I feel like it has to be something I changed for it to not start up now.

I have tried removing all the added records and restarting it, but that didn't have any effect on it either. Since this is my primary DNS server for multiple business sites I find it urgent to get it fixed due to the masses banging on my door :); however, I hope it is not too difficult just difficult for me.

Well that is the short of it, if you have any suggestions at all I would be very grateful!!

Thank you guys!!!

SS
Asked by: sscottincanyon

Chris Dent (PowerShell Developer) commented:

Hi,

Do you have access to the console / command line for that?

If so it would be a really good idea to have a look at the file /var/log/messages. BIND will write errors to there if something is going wrong when it's trying to load the zone.

HTH

Chris

alextoft commented:
Try running - named-checkzone your.zone.com /path/to/zone-filename - from a terminal or ssh session which should give you a good idea of what's wrong.

If it isn't going to compromise your company's trade secrets, perhaps paste the zone file and I'm sure we can quickly diagnose the issue.

sscottincanyon (Author) commented:
I don't have actual access as of yet to a terminal or ssh session, but here is what shows up in the /var/log/messages:
Each time I click on the start button this is written to the file:
Apr 28 07:34:37 ns1 named[6021]: starting BIND 9.2.1 -u named
Apr 28 07:34:37 ns1 named[6021]: using 2 CPUs
Apr 28 07:34:37 ns1 named[6021]: loading configuration from '/etc/named.conf'
Apr 28 07:34:37 ns1 named[6021]: /etc/named.custom:19: option 'host-statistics' is not implemented
Apr 28 07:34:37 ns1 named[6021]: /etc/named.custom:20: option 'fake-iquery' is obsolete
Apr 28 07:34:37 ns1 named[6021]: /etc/named.conf:127: expected IP address near 'ns2.itassistonline.com'
Apr 28 07:34:37 ns38:51 ns1 named[6201]: loading configuration: unexpected token
Apr 28 07:38:51 ns1 named[6201]: exiting (due to fatal error)
Apr 28 07:38:51 ns1 named: named startup succeeded

I really appreciate the quick response this is my second day on the list, and you guys are awesome!!
Thank you,
SS

sscottincanyon (Author) commented:
I believe these are the zone files you asked about:

Here is the zone I made the change in that caused it not to start:
$ttl 38400
amabud.com.      IN      SOA      ns1.itassistonline.com. cjensen.amabud.com. (
                  1137797552
                  10800
                  3600
                  604800
                  38400 )
amabud.com.      IN      A      216.167.180.210
amabud.com.      IN      NS      ns1.itassistonline.com.
amabud.com.      IN      NS      ns2.itassistonline.com.
amabud.com.      IN      MX      10 mail.amabud.com.
63.97.42.133.itassistonline.com.      IN      PTR      ns2.itassistonline.com
63.97.42.132.itassistonline.com.      IN      PTR      ns1.itassistonline.com.
216.167.180.210.amabud.com.              IN      PTR      mail.amabud.com.

Here is the zone I modeled it after:

$TTL 86400
@      IN      SOA      ns1. root.localhost (
                  45
                  28800
                  7200
                  604800
                  86400 )


      IN      NS      ns1.itassistonline.com.
      IN      NS      ns2.itassistonline.com.
itassistonline.com.      IN      MX      10       mail.itassistonline.com.

managed.itassistonline.com.            IN      A      63.97.42.130
manage.itassistonline.com.            IN      A      63.97.42.130
itassist-primar.itassistonline.com.      IN      A      63.97.42.130
secure.itassistonline.com.            IN      A      63.97.42.130
itassist-backup.itassistonline.com.      IN      A      63.97.42.131
www.itassistonline.com.                  IN      A      63.97.42.131
ns1.itassistonline.com.                  IN      A      63.97.42.132
ns2.itassistonline.com.                  IN      A      63.97.42.133
itassistonline.com.                  IN      A      63.97.42.131
mail.itassistonline.com.            IN      A      63.97.42.134

Again I appreciate the help, and if I am not giving you the right information just let me know.

Thank you,
SS

m1tk4 commented:
Apr 28 07:34:37 ns1 named[6021]: /etc/named.custom:19: option 'host-statistics' is not implemented
Apr 28 07:34:37 ns1 named[6021]: /etc/named.custom:20: option 'fake-iquery' is obsolete
Apr 28 07:34:37 ns1 named[6021]: /etc/named.conf:127: expected IP address near 'ns2.itassistonline.com'

These are your errors that need to be fixed and they even have the line numbers - 19, 20 in /etc/named.custom and 127 in named.conf.

The first two are probably just warnings, the third one is the one you need to fix.

m1tk4 commented:
63.97.42.133.itassistonline.com.     IN     PTR     ns2.itassistonline.com
63.97.42.132.itassistonline.com.     IN     PTR     ns1.itassistonline.com.
216.167.180.210.amabud.com.             IN     PTR     mail.amabud.com.

This is incorrect. You probably meant a CNAME, not PTR

m1tk4 commented:
Also note you are missing . at the end of ns2.itassistonline.com

alextoft commented:
Looks like it's the syntax in named.conf which is at fault, you've probably got a brace or semicolon missing. Very easy to screw them up, and I'm sure we've all done it on numerous occasions. Since you've got access to webmin, use the file browser to view /etc/named.conf and paste that (if you're happy to do that).

alextoft commented:
Hmm, got a cached page there...

You want to be putting your reverses in a different zone. Get rid of those PTR records and it'll work. Like m1tk4 said, if they're not reverses, change PTR to CNAME.

sscottincanyon (Author) commented:
OK EVERYONE!!!! :)

Ok I took the advice of everyone and at the end of my named.conf file I took out the information that didn't need to be there and the server started right up. I tested e-mail going in and out and it worked great. I originally put the PTR records in there because on another list on this site it was said that I need the reverse lookups and that would fix why I couldn't e-mail AOL. I have now removed those as well, and will just try and get put on their white list.


I really appreciate all your responses and how quickly you responded!!! Truly awesome!!!

THANK YOU VERY MUCH!!!!

Shon Scott

wnross commented:
They are PTR's, WebMin just messed them up (or else scott really likes ip addresses for names)

Don't change those to CNAME's, stuff will break!!!
But your PTR records are messed up,
1) PTR records are domains in their own right, so declare them under the special TLD of in-addr.arpa
2) IP Addresses are referenced in reverse order
3) None of this broke your DNS, something in named.conf did.

Here's a fixed version of your zone file:
---------- CUT HERE --------------
$ttl 38400
amabud.com.     IN     SOA     ns1.itassistonline.com. cjensen.amabud.com. (
               1137797552
               10800
               3600
               604800
               38400 )
amabud.com.     IN     A     216.167.180.210
amabud.com.     IN     NS     ns1.itassistonline.com.
amabud.com.     IN     NS     ns2.itassistonline.com.
amabud.com.     IN     MX     10 mail.amabud.com.
$ORIGIN 42.97.63.in-addr.arpa.
133     IN     PTR     ns2.itassistonline.com.  ; <-- note the "."
132     IN     PTR     ns1.itassistonline.com.
$ORIGIN 180.167.216.in-addr.arpa.
210              IN     PTR     mail.amabud.com.
---------- CUT HERE --------------

Now your mistakes are harmless, they would have caused erratic DNS problems, but were still technically legal.
Ex: missing the dot means "append the current origin", so
   ns2.itassistonline.com
is interpreted as
  ns2.itassistonline.com.amabud.com.

As for the rest of your setup, most of your messages are warnings, not errors,
the killer is only line 127 in named.conf as m1tk4 indicated

Cheers,
-Bill
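
Added example (not part of the original posts): a small Python lint for the two mistakes Bill describes above, run over lines copied from the zone posted earlier in the thread. The function names are hypothetical, it only handles single-line "owner IN TYPE rdata" records, and it only knows IPv4 reverse names.

```python
import ipaddress

# Constructed sample: NS, MX and PTR lines copied from the amabud.com zone posted above.
ZONE_ORIGIN = "amabud.com."
SAMPLE = """\
amabud.com.      IN      NS      ns1.itassistonline.com.
amabud.com.      IN      MX      10 mail.amabud.com.
63.97.42.133.itassistonline.com.      IN      PTR      ns2.itassistonline.com
63.97.42.132.itassistonline.com.      IN      PTR      ns1.itassistonline.com.
216.167.180.210.amabud.com.              IN      PTR      mail.amabud.com.
"""

def expand(name, origin):
    """Zone-file rule: a name without a trailing dot gets the current origin appended."""
    return name if name.endswith(".") else f"{name}.{origin}"

def leading_ip(owner):
    """Return the IPv4 address an owner name starts with, or None if it has none."""
    try:
        return ipaddress.IPv4Address(".".join(owner.split(".")[:4]))
    except ValueError:
        return None

def lint(zone_text, origin):
    """Flag relative record targets and PTR owners that are not reverse names."""
    findings = []
    for line in zone_text.splitlines():
        fields = line.split(";")[0].split()  # drop zone-file comments
        if len(fields) < 4 or fields[1] != "IN":
            continue  # assumption: only explicit "owner IN TYPE rdata" lines are checked
        owner, rtype, target = fields[0], fields[2], fields[-1]
        if rtype in ("PTR", "NS", "MX", "CNAME") and not target.endswith("."):
            findings.append(f"{rtype} target '{target}' is relative, "
                            f"resolves as {expand(target, origin)}")
        if rtype == "PTR" and not expand(owner, origin).endswith(".in-addr.arpa."):
            ip = leading_ip(owner)
            # reverse_pointer gives the octets in reverse order under in-addr.arpa
            hint = f", expected {ip.reverse_pointer}." if ip else ""
            findings.append(f"PTR owner '{owner}' is not under in-addr.arpa{hint}")
    return findings

if __name__ == "__main__":
    for finding in lint(SAMPLE, ZONE_ORIGIN):
        print(finding)
```

Run against a record written the way the corrected file does it (owner `133` under origin `42.97.63.in-addr.arpa.`), `lint` returns no findings.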

wnross commented:
If you need reverse lookups to work, you need to contact your Service provider and ask them to create a Reverse DNS entry for you.  For other people outside your network to know what 216.167.180.210 means, the Service provider does the work.

For reference: http://www.dnsstuff.com/info/revdns.htm

Cheers,
-Bill

sscottincanyon (Author) commented:
Bill:
Thank you for giving me the correct file information!!! It is still working great, and answering my puzzlement over the reverse lookup information.

Thank you all!!!

Shon

sscottincanyon (Author) commented:
This is the first question I asked, and I don't know how to spread the wealth of accepted and assisted. I know that alextoft should be in there with equal credit. I will just have to figure out how to change it, I thought it would do that as I clicked the accepted buttons. My deepest apologies to you all!!!

Thank you,
Shon

sscottincanyon (Author) commented:
Again I thank you all for your input, I couldn't have completed it without you.

My thanks to AnnieMod as well for opening up the question again!

Thank you,
Shon