ispCP - Board - Support
Bind - Printable Version

+- ispCP - Board - Support (http://www.isp-control.net/forum)
+-- Forum: ispCP Omega Support Area (/forum-30.html)
+--- Forum: Usage (/forum-34.html)
+--- Thread: Bind (/thread-3637.html)

Pages: 1 2


Bind - TXC - 06-29-2008 11:24 AM

When i adding a host in ispCP my bind server fails to restart.

My /etc/bind/named.conf gets screwed up.

Code:
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local

include "/etc/bind/named.conf.options";

// prime the server with knowledge of the root servers
zone "." {
        type hint;
        file "/etc/bind/db.root";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912

zone "localhost" {
        type master;
        file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
        type master;
        file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
        type master;
        file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
        type master;
        file "/etc/bind/db.255";
};

// zone "com" { type delegation-only; };
// zone "net" { type delegation-only; };

key "TRANSFER" {
        algorithm hmac-md5;
        secret "##########";
};

server xxx.xxx.xxx.xxx {
        keys {
        TRANSFER;
    };
};

// From the release notes:
//  Because many of our users are uncomfortable receiving undelegated answers
//  from root or top level domains, other than a few for whom that behaviour
//  has been trusted and expected for quite some length of time, we have now
//  introduced the "root-delegations-only" feature which applies delegation-only
//  logic to all top level domains, and to the root domain.  An exception list
//  should be specified, including "MUSEUM" and "DE", and any other top level
//  domains from whom undelegated responses are expected and trusted.
// root-delegation-only exclude { "DE"; "MUSEUM"; };

include "/etc/bind/named.conf.local";
include "/etc/bind/rndc.key";

// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local

include "/etc/bind/named.conf.options";

// prime the server with knowledge of the root servers
zone "." {
        type hint;
        file "/etc/bind/db.root";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912

zone "localhost" {
        type master;
        file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
        type master;
        file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
        type master;
        file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
        type master;
        file "/etc/bind/db.255";
};

// zone "com" { type delegation-only; };
// zone "net" { type delegation-only; };

key "TRANSFER" {
        algorithm hmac-md5;
        secret "##########";
};

server xxx.xxx.xxx.xxx {
        keys {
        TRANSFER;
    };
};

// From the release notes:
//  Because many of our users are uncomfortable receiving undelegated answers
//  from root or top level domains, other than a few for whom that behaviour
//  has been trusted and expected for quite some length of time, we have now
//  introduced the "root-delegations-only" feature which applies delegation-only
//  logic to all top level domains, and to the root domain.  An exception list
//  should be specified, including "MUSEUM" and "DE", and any other top level
//  domains from whom undelegated responses are expected and trusted.
// root-delegation-only exclude { "DE"; "MUSEUM"; };

include "/etc/bind/named.conf.local";
include "/etc/bind/rndc.key";

// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local

include "/etc/bind/named.conf.options";

// prime the server with knowledge of the root servers
zone "." {
        type hint;
        file "/etc/bind/db.root";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912

zone "localhost" {
        type master;
        file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
        type master;
        file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
        type master;
        file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
        type master;
        file "/etc/bind/db.255";
};

// zone "com" { type delegation-only; };
// zone "net" { type delegation-only; };

key "TRANSFER" {
        algorithm hmac-md5;
        secret "##########";
};

server xxx.xxx.xxx.xxx {
        keys {
        TRANSFER;
    };
};

// From the release notes:
//  Because many of our users are uncomfortable receiving undelegated answers
//  from root or top level domains, other than a few for whom that behaviour
//  has been trusted and expected for quite some length of time, we have now
//  introduced the "root-delegations-only" feature which applies delegation-only
//  logic to all top level domains, and to the root domain.  An exception list
//  should be specified, including "MUSEUM" and "DE", and any other top level
//  domains from whom undelegated responses are expected and trusted.
// root-delegation-only exclude { "DE"; "MUSEUM"; };

include "/etc/bind/named.conf.local";
include "/etc/bind/rndc.key";

// bind Data BEGIN.

// dmn [txc.se] cfg entry BEGIN.
zone "txc.se" {
        type    master;
        file    "/etc/bind/master/txc.se.db";
        notify  YES;
};
// dmn [txc.se] cfg entry END.

##### Additional hosts ######

// dmn [{DMN_NAME}] cfg entry BEGIN.
// dmn [{DMN_NAME}] cfg entry END.

// bind Data END.
// bind Data BEGIN.

// dmn [{DMN_NAME}] cfg entry BEGIN.
// dmn [{DMN_NAME}] cfg entry END.

// bind Data END.

is what is wrong with named.conf ?
I'm pretty tired of having to manually editing named.conf right now.
Is there any way to reset the file and rebuild it correctly[/code]?


RE: Bind - sci2tech - 07-01-2008 01:44 AM

What are the permissions? (should be 0644 and owner root/root).
Same for /etc/ispcp/bind/working/named.conf (btw this is file that is modified and then copied over /etc/bind/named.conf. So if this is wrong, with every new domain corrected file will be replaced with the wrong one).
In /etc/ispcp/ispcp.conf BIND_CONF_FILE variable should be set to /etc/bind/named.conf. So far this come in my mind.


RE: Bind - TXC - 07-01-2008 01:57 AM

sci2tech Wrote:What are the permissions? (should be 0644 and owner root/root).
Same for /etc/ispcp/bind/working/named.conf (btw this is file that is modified and then copied over /etc/bind/named.conf. So if this is wrong, with every new domain corrected file will be replaced with the wrong one).
In /etc/ispcp/ispcp.conf BIND_CONF_FILE variable should be set to /etc/bind/named.conf. So far this come in my mind.

The file permissions is 644 for both, and the BIND_CONF_FILE is /etc/bind/named.conf

It started screwing up after i added
Code:
key "TRANSFER" {
        algorithm hmac-md5;
        secret "##########";
};

server xxx.xxx.xxx.xxx {
        keys {
        TRANSFER;
    };
};

The file (/etc/ispcp/bind/working/named.conf) is identical to /etc/bind/named.conf.

[/code]Is it possible to force a complete rebuild of named.conf from ispCP?


RE: Bind - sci2tech - 07-01-2008 02:04 AM

TXC Wrote:// bind Data BEGIN.

// dmn [txc.se] cfg entry BEGIN.
zone "txc.se" {
type master;
file "/etc/bind/master/txc.se.db";
notify YES;
};
// dmn [txc.se] cfg entry END.

##### Additional hosts ######

// dmn [{DMN_NAME}] cfg entry BEGIN.
// dmn [{DMN_NAME}] cfg entry END.

// bind Data END.
// bind Data BEGIN.

// dmn [{DMN_NAME}] cfg entry BEGIN.
// dmn [{DMN_NAME}] cfg entry END.

// bind Data END.
[/code]

supose to look like
Code:
// bind Data BEGIN.

// dmn [txc.se] cfg entry BEGIN.
zone "txc.se" {
        type    master;
        file    "/etc/bind/master/txc.se.db";
        notify  YES;
};
// dmn [txc.se] cfg entry END.

// dmn [{DMN_NAME}] cfg entry BEGIN.
// dmn [{DMN_NAME}] cfg entry END.

// bind Data END.
this MUST be the problem[/code]


RE: Bind - TXC - 07-01-2008 06:09 AM

I have updated named.conf. Lets hope this solves the problem.


RE: Bind - TXC - 07-01-2008 02:47 PM

it didn't solve the problem. when i add a domain, the named.conf screws up. The text above ispCP's "// bind Data BEGIN." duplicates.


RE: Bind - sci2tech - 07-01-2008 07:03 PM

Did you modify both /etc/ispcp/bind/working/named.conf (this is THE ONE that MUST be modify) and /etc/bind/named.conf?


RE: Bind - TXC - 07-01-2008 09:53 PM

edited /etc/bind/named.conf and then i copied the file to /etc/ispcp/bind/working


RE: Bind - sci2tech - 07-01-2008 09:57 PM

And it`s still happend? Really strange. Did you modify in some way any of the file in /etc/ispcp/bind/parts or /etc/ispcp/bind/named.conf?


RE: Bind - TXC - 07-01-2008 10:01 PM

Haven't modified any of those files.