?
Solved

root.hints update - connection refused

Posted on 2011-02-21
4
Medium Priority
?
1,105 Views
Last Modified: 2012-06-27
Am setting up a DNS bind9.3 on rhel.  Am using webmin for convenience to setup.  
When adding in a new root zone, am of course asked for location of root.hints for each view.  Cannot get the new zone to add sucessfully as the error is returned "Failed to connect to 192.112.0.64; connection refused".  

Initially thought is was firewall (setting up new one as well) and ensured that ports 21 and 53 open (stateful).  Observed that port 21 was being called for ftp download of root.hints file.  Monitored connection in progress and ftp is sucessfull.  

Other possiblity is location of root.hints. m placing in "/var/named/chroot/etc/data/root.hints". Possibly cannot create file if wrong directory.  

So cannot get root zone created or root.hints downloaded.  Any ideas?
0
Comment
Question by:ascray
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 27

Expert Comment

by:Nopius
ID: 34951861
You are using an obsolete version of root.hints.

Create a new one with this command and restart named.


cat > root.hints << "EOF"
.                       6D  IN      NS      A.ROOT-SERVERS.NET.
.                       6D  IN      NS      B.ROOT-SERVERS.NET.
.                       6D  IN      NS      C.ROOT-SERVERS.NET.
.                       6D  IN      NS      D.ROOT-SERVERS.NET.
.                       6D  IN      NS      E.ROOT-SERVERS.NET.
.                       6D  IN      NS      F.ROOT-SERVERS.NET.
.                       6D  IN      NS      G.ROOT-SERVERS.NET.
.                       6D  IN      NS      H.ROOT-SERVERS.NET.
.                       6D  IN      NS      I.ROOT-SERVERS.NET.
.                       6D  IN      NS      J.ROOT-SERVERS.NET.
.                       6D  IN      NS      K.ROOT-SERVERS.NET.
.                       6D  IN      NS      L.ROOT-SERVERS.NET.
.                       6D  IN      NS      M.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.     6D  IN      A       198.41.0.4
B.ROOT-SERVERS.NET.     6D  IN      A       192.228.79.201
C.ROOT-SERVERS.NET.     6D  IN      A       192.33.4.12
D.ROOT-SERVERS.NET.     6D  IN      A       128.8.10.90
E.ROOT-SERVERS.NET.     6D  IN      A       192.203.230.10
F.ROOT-SERVERS.NET.     6D  IN      A       192.5.5.241
G.ROOT-SERVERS.NET.     6D  IN      A       192.112.36.4
H.ROOT-SERVERS.NET.     6D  IN      A       128.63.2.53
I.ROOT-SERVERS.NET.     6D  IN      A       192.36.148.17
J.ROOT-SERVERS.NET.     6D  IN      A       192.58.128.30
K.ROOT-SERVERS.NET.     6D  IN      A       193.0.14.129
L.ROOT-SERVERS.NET.     6D  IN      A       199.7.83.42
M.ROOT-SERVERS.NET.     6D  IN      A       202.12.27.33
EOF

Open in new window

0
 
LVL 27

Expert Comment

by:Nopius
ID: 34951894
most probably it is in your /etc/ dir...
0
 
LVL 29

Accepted Solution

by:
Jan Springer earned 2000 total points
ID: 34952493
On RHEL, if you are chrooted, your root hints file most likely is:

    /var/named/chroot/var/named/named.ca

To get an updated hints file:

   http://www.internic.net/zones/named.root

To specify that file in your views:

  1) in named.conf, within the "options" section

        directory "/var/named";

   2) in named.conf within each view

        zone "." in {
                type hint;
                file "named.ca";
        };

The firewall needs to allow both TCP and UDP if you are configuring zones for which that server will be authoritative.

Your named.conf needs to allow querying for authorized IPs that may use that DNS server for recursion.

If you are running named with the user named, you need to check the permissions on the chrooted files and directories that 'named' user can ready, and if necessary, write zone data and read configuration files.
0
 

Author Closing Comment

by:ascray
ID: 34957605
Complete and concise - many thanks.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I will assume you are running a non-server version of some sort of Windows throughout this article. There are many flavors of Windows since Windows Server 2000 - 2008, XP Home & Pro, Vista Home & Pro, and Windows 7 Starter, Home, Pro, Ultimate, etc.…
I've written instructions for one router type, but this principle may be useful for others of the same brand and even other brands of router. Problem: I had an issue especially with mobile devices that refused to use DNS information supplied via…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question