root.hints update - connection refused

Am setting up a DNS bind9.3 on rhel.  Am using webmin for convenience to setup.  
When adding in a new root zone, am of course asked for location of root.hints for each view.  Cannot get the new zone to add successfully as the error is returned "Failed to connect to 192.112.0.64; connection refused".

Initially thought it was firewall (setting up new one as well) and ensured that ports 21 and 53 open (stateful).  Observed that port 21 was being called for ftp download of root.hints file.  Monitored connection in progress and ftp is successful.

Other possibility is location of root.hints. Am placing in "/var/named/chroot/etc/data/root.hints". Possibly cannot create file if wrong directory.

So cannot get root zone created or root.hints downloaded.  Any ideas?
ascray Asked:

Jan Springer Commented:
On RHEL, if you are chrooted, your root hints file most likely is:

    /var/named/chroot/var/named/named.ca

To get an updated hints file:

   http://www.internic.net/zones/named.root

To specify that file in your views:

  1) in named.conf, within the "options" section

        directory "/var/named";

   2) in named.conf within each view

        zone "." in {
                type hint;
                file "named.ca";
        };

The firewall needs to allow both TCP and UDP if you are configuring zones for which that server will be authoritative.

Your named.conf needs to allow querying for authorized IPs that may use that DNS server for recursion.

If you are running named with the user named, you need to check the permissions on the chrooted files and directories that 'named' user can read, and if necessary, write zone data and read configuration files.
0
 
Nopius Commented:
You are using an obsolete version of root.hints.

Create a new one with this command and restart named.


cat > root.hints << "EOF"
.                       6D  IN      NS      A.ROOT-SERVERS.NET.
.                       6D  IN      NS      B.ROOT-SERVERS.NET.
.                       6D  IN      NS      C.ROOT-SERVERS.NET.
.                       6D  IN      NS      D.ROOT-SERVERS.NET.
.                       6D  IN      NS      E.ROOT-SERVERS.NET.
.                       6D  IN      NS      F.ROOT-SERVERS.NET.
.                       6D  IN      NS      G.ROOT-SERVERS.NET.
.                       6D  IN      NS      H.ROOT-SERVERS.NET.
.                       6D  IN      NS      I.ROOT-SERVERS.NET.
.                       6D  IN      NS      J.ROOT-SERVERS.NET.
.                       6D  IN      NS      K.ROOT-SERVERS.NET.
.                       6D  IN      NS      L.ROOT-SERVERS.NET.
.                       6D  IN      NS      M.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.     6D  IN      A       198.41.0.4
B.ROOT-SERVERS.NET.     6D  IN      A       192.228.79.201
C.ROOT-SERVERS.NET.     6D  IN      A       192.33.4.12
D.ROOT-SERVERS.NET.     6D  IN      A       128.8.10.90
E.ROOT-SERVERS.NET.     6D  IN      A       192.203.230.10
F.ROOT-SERVERS.NET.     6D  IN      A       192.5.5.241
G.ROOT-SERVERS.NET.     6D  IN      A       192.112.36.4
H.ROOT-SERVERS.NET.     6D  IN      A       128.63.2.53
I.ROOT-SERVERS.NET.     6D  IN      A       192.36.148.17
J.ROOT-SERVERS.NET.     6D  IN      A       192.58.128.30
K.ROOT-SERVERS.NET.     6D  IN      A       193.0.14.129
L.ROOT-SERVERS.NET.     6D  IN      A       199.7.83.42
M.ROOT-SERVERS.NET.     6D  IN      A       202.12.27.33
EOF

0
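
A hand-built hints file like the one above can silently lose an address record for one of the root NS names. The shell check below is an added example, not part of the original thread; the function name `check_hints` and the two sample files are constructed for illustration, and it tests internal consistency only, not whether the listed addresses are current.

```shell
#!/bin/sh
# check_hints FILE: print "ns=<n> glue=<n> missing=<n>" and return 0 only when
# every root NS target in FILE has at least one A or AAAA record.
check_hints() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 2; }
    awk '
        /^[ \t]*(;|$)/ { next }              # skip comments and blank lines
        {
            sub(/;.*/, "")                    # strip trailing comments
            owner = toupper($1); rdata = toupper($NF); type = ""
            # TTL and class are optional, so locate the type token by scanning
            for (i = 2; i < NF; i++) {
                t = toupper($i)
                if (t == "NS" || t == "A" || t == "AAAA") { type = t; break }
            }
            if (type == "NS" && owner == ".") ns[rdata] = 1
            else if (type == "A" || type == "AAAA") glue[owner] = 1
        }
        END {
            for (n in ns) {
                total++
                if (n in glue) ok++
                else { missing++; print "no address for " n > "/dev/stderr" }
            }
            printf "ns=%d glue=%d missing=%d\n", total, ok, missing
            exit (total == 0 || missing > 0)
        }' "$1"
}

# Constructed samples: two servers from the file above, in both record styles.
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
cat > "$tmp/good.hints" <<'EOF'
; constructed sample, class omitted on the first pair
.                       3600000     NS   A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.     3600000     A    198.41.0.4
.                       6D  IN      NS   C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET.     6D  IN      A    192.33.4.12
EOF
# Same file with the address record for C removed
grep -v '192.33.4.12' "$tmp/good.hints" > "$tmp/bad.hints"

check_hints "$tmp/good.hints"
check_hints "$tmp/bad.hints" || echo "bad.hints rejected"
```

Run it against the file named in the `zone "."` statement, as the user that named runs under, so an unreadable file shows up as the "cannot read" case.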
 
Nopius Commented:
Most probably it is in your /etc/ dir...
0
 
ascray (Author) Commented:
Complete and concise - many thanks.
0
Question has a verified solution.