
Solved

need help with bind

Posted on 2010-11-07
Medium Priority
741 Views
Last Modified: 2012-05-10
I need help configuring bind (CentOS 5.5).  This is the first time I'm trying to use this.  I want to use it as a slave to pull from my Windows server.

I tried just installing bind and bind-libs but the service failed to start.  I was reading that I needed to install caching-nameserver to make it work out of the box, but I'm not configuring this as a caching server.  Am I correct that it would work if I just created /etc/named.conf?

I was looking at the documentation on the zytrax site and it gave a sample configuration.  I copied and pasted it, changed the server and domain to use for mine, and when I tried to start named I'm getting this:

Error in named configuration:
/etc/named.conf:14: missing ';' before '}'
/etc/named.conf:16: missing ';' before '}'

Is there a better way to do this?  Do I need other packages? (I've seen other things related to bind-chroot)

Here is what I'm using for /etc/named.conf:
// SLAVE & CACHING NAME SERVER for EXAMPLE, INC.
// maintained by: me myself alone
// CHANGELOG:
// 1. 9 july 2003 - did something
// 2. 16 july 2003 - did something else
// 3. 23 july 2003 - did something more
//
options {
  directory "/var/named";
  // version statement - inhibited for security
  // (avoids hacking any known weaknesses)
  version "not currently available";
  // allows notifies only from master
  allow-notify {192.168.1.161};
  // disables all zone transfer requests
  allow-transfer{"none"};
  // Closed DNS - permits only local IPs to issue recursive queries
  // remove if an Open DNS required to support all users
  // or add additional ranges
  allow-recursion {192.168.3.0/24;};
};
//
// log to /var/log//named/example.log all events
// from info UP in severity (no debug)
// defaults to use 3 files in rotation
// BIND 8.x logging MUST COME FIRST in this file
// BIND 9.x parses the whole file before using the log
// failure messages up to this point are in (syslog)
// typically /var/log/messages
//
  logging{
  channel example_log{
  file "/var/log/named/named.log" versions 3 size 2m;
  severity info;
  print-severity yes;
  print-time yes;
  print-category yes;
 };
 category default{
  example_log;
 };
};
// required zone for recursive queries
zone "." {
  type hint;
  file "root.servers";
};
// see notes below
zone "myhouse.local" in{
  type slave;
  file "slave/slave.myhouse.local";
  masters {192.168.1.161;};
};
// required local host domain
zone "localhost" in{
  type master;
  file "pri.localhost";
  allow-update{none;};
};
// localhost reverse map
zone "0.0.127.in-addr.arpa" in{
  type master;
  file "localhost.rev";
  allow-update{none;};
};
// reverse map for class C 192.168.1.0 (see notes)
zone "1.168.192.IN-ADDR.ARPA" IN {
  type slave;
  file "sec.192.168.1.rev";
  masters {192.168.1.161;};
};

Question by: Seth Simmons
4 Comments
 
LVL 2

Accepted Solution

by: nimda7 (earned 2000 total points)
ID: 34081465
Firstly, you must change the error lines like this:
14: allow-notify {192.168.1.161;};
16: allow-transfer{"none";};
But! About line #16 - maybe you actually need to get the zone from the primary DNS? Then line #16 must look like this: allow-transfer{192.168.1.161;}; That IP is your primary DNS, I suppose.

Secondly -
line 20: allow-recursion {192.168.3.0/24;};
Do you really use this network? Maybe the correct value is 192.168.1.0/24?
 
LVL 2

Expert Comment

by: nimda7
ID: 34081494
 
LVL 36

Author Comment

by: Seth Simmons
ID: 34084858
OK, 14 and 16 were obvious syntax errors.  20 was not touched from the sample; changed to the correct network.

When starting the service I got "file not found" for the zones.  Touched both files in /var/named and got past that.

Now the problem is pulling data.  On my Windows server, I see an entry in the event log stating that it successfully transferred the zone to the server I just built.  Problem is, the files under /var/named are all 0 bytes.  Would I expect to see data in there?

 
LVL 36

Author Comment

by: Seth Simmons
ID: 34089467
I figured out why it wasn't writing.  Seems the server has 2 ports and was only configured to receive from one.  Even though Windows said it transferred the zone, /var/log/named was showing REFUSED.  Added that other IP address and it worked.  Did an nslookup to that server and it's resolving.  Also tweaked the conf file a bit more and it seems to be doing what I wanted.
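The REFUSED in /var/log/named described in the last comment and the semicolon fix in the accepted answer both come down to how BIND evaluates the address-match-lists in named.conf. The following is an added example, not code from the original post and not BIND's own code: it parses the allow-notify, allow-transfer and masters lists out of a config fragment constructed from the posted named.conf (with the missing semicolons added as in the accepted answer) and evaluates the source address of an incoming NOTIFY against them the way a slave does: the first matching element decides, a "!" element denies, and a zone's masters are implicitly allowed to notify in addition to allow-notify. The second master address 192.168.1.162 is an assumption standing in for the other interface the Windows server turned out to send from. Named ACLs and nested lists, which the posted config does not use, are not handled.

```python
"""Evaluate BIND-style address-match-lists the way a slave does for NOTIFY.

Added example: not code from the original post or from BIND. The config
fragments below are constructed from the posted named.conf (semicolons
added as in the accepted answer); 192.168.1.162 is a hypothetical second
interface on the Windows master.
"""
import ipaddress
import re

# Constructed fragment: the posted config with one master address listed.
CONF_ONE_MASTER = """
options {
  allow-notify {192.168.1.161;};
  allow-transfer {"none";};
};
zone "myhouse.local" in {
  type slave;
  file "slave/slave.myhouse.local";
  masters {192.168.1.161;};
};
"""

# Same fragment after adding the master's second (assumed) address,
# the change that made the author's REFUSED go away.
CONF_TWO_MASTERS = CONF_ONE_MASTER.replace(
    "192.168.1.161;", "192.168.1.161; 192.168.1.162;")


def parse_match_list(body):
    """Parse the inside of a { ... } address-match-list.

    Returns a list of (negated, matcher) where matcher is 'any', 'none' or
    an ip_network. Named ACLs and nested lists are not handled here.
    """
    elements = []
    for raw in body.split(";"):
        item = raw.strip()
        if not item:
            continue
        negated = item.startswith("!")
        if negated:
            item = item[1:].strip()
        item = item.strip('"')  # BIND accepts both none and "none"
        if item in ("any", "none"):
            elements.append((negated, item))
        else:
            elements.append((negated, ipaddress.ip_network(item, strict=False)))
    return elements


def statement(conf, name):
    """Return the parsed match list of the first `name { ... }` in conf, or None."""
    m = re.search(r"\b" + re.escape(name) + r"\s*\{([^}]*)\}", conf)
    return parse_match_list(m.group(1)) if m else None


def matches(match_list, addr):
    """BIND semantics: the first element that matches decides; '!' denies.

    A list that nothing matches denies, so {none;} and {} both refuse.
    """
    ip = ipaddress.ip_address(addr)
    for negated, matcher in match_list:
        if matcher == "any":
            hit = True
        elif matcher == "none":
            hit = False
        else:
            hit = ip in matcher
        if hit:
            return not negated
    return False


def notify_decision(conf, src):
    """What a slave answers to a NOTIFY from src.

    The zone's masters may always notify; allow-notify adds further hosts.
    Anything else is answered REFUSED and logged, which is what the
    author saw in /var/log/named.
    """
    masters = statement(conf, "masters") or []
    allow_notify = statement(conf, "allow-notify") or []
    if matches(masters, src) or matches(allow_notify, src):
        return "accepted"
    return "REFUSED"


if __name__ == "__main__":
    for src in ("192.168.1.161", "192.168.1.162"):
        print(src, "one master listed:", notify_decision(CONF_ONE_MASTER, src),
              "| both listed:", notify_decision(CONF_TWO_MASTERS, src))
    # allow-transfer on the slave governs who may AXFR *from* the slave only.
    print("AXFR from this slave by the master:",
          matches(statement(CONF_ONE_MASTER, "allow-transfer"), "192.168.1.161"))
```

On the server itself, named-checkconf /etc/named.conf reports the same "missing ';' before '}'" errors before named is restarted, and named-checkzone with the zone name and the slave file verifies a transferred copy once it is non-empty. Note that allow-transfer on the slave only controls who may AXFR from the slave; the slave's own pulls are governed by its masters list and by the master's transfer settings, so "none" there does not stop the slave from fetching the zone.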
