+- ispCP - Board - Support (http://www.isp-control.net/forum)
+-- Forum: ispCP Omega Support Area (/forum-30.html)
+--- Forum: Usage (/forum-34.html)
+--- Thread: DNS problem (/thread-5654.html)
DNS problem - tsyoker - 02-08-2009 06:27 PM
Well all works is fine but yestorday i wanted setup DNS server names, so i follow acrticle from http://www.isp-control.net/documentation/frequently_asked_questions/how_do_i_configure_my_other_nameserver
This is my config now:
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local
options {
directory "/var/cache/bind";
forwarders {
[DNS.FROM.ISP];};
auth-nxdomain no;
dnssec-enable yes;
};
key "TRANSFER" {
algorithm hmac-md5;
secret "[HASHKEY]";
};
server [YOUR.NS2.IP] {
keys {
TRANSFER;
};
};
// prime the server with knowledge of the root servers
zone "." {
type hint;
file "/etc/bind/db.root";
};
// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone "localhost" {
type master;
file "/etc/bind/db.local";
};
zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};
zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};
// zone "com" { type delegation-only; };
// zone "net" { type delegation-only; };
// From the release notes:
// Because many of our users are uncomfortable receiving undelegated answers
// from root or top level domains, other than a few for whom that behaviour
// has been trusted and expected for quite some length of time, we have now
// introduced the "root-delegations-only" feature which applies delegation-only
// logic to all top level domains, and to the root domain. An exception list
// should be specified, including "MUSEUM" and "DE", and any other top level
// domains from whom undelegated responses are expected and trusted.
// root-delegation-only exclude { "DE"; "MUSEUM"; };
include "/etc/bind/named.conf.local";
// bind Data BEGIN.
// dmn [admin.lol.ru] cfg entry BEGIN.
zone "admin.lol.ru" {
type master;
file "/var/cache/bind/admin.lol.ru.db";
notify YES;
};
// dmn [admin.lol.ru] cfg entry END.
// dmn [faster-host.ru] cfg entry BEGIN.
zone "faster-host.ru" {
type master;
file "/var/cache/bind/faster-host.ru.db";
notify YES;
};
// dmn [faster-host.ru] cfg entry END.
// dmn [01.et] cfg entry BEGIN.
zone "01.et" {
type master;
file "/var/cache/bind/01.et.db";
notify YES;
};
// dmn [01.et] cfg entry END.
// dmn [srv.tf] cfg entry BEGIN.
zone "srv.tf" {
type master;
file "/var/cache/bind/srv.tf.db";
notify YES;
};
// dmn [srv.tf] cfg entry END.
// dmn [01.cs] cfg entry BEGIN.
zone "01.cs" {
type master;
file "/var/cache/bind/01.cs.db";
notify YES;
};
// dmn [01.cs] cfg entry END.
// dmn [{DMN_NAME}] cfg entry BEGIN.
// dmn [{DMN_NAME}] cfg entry END.
// bind Data END.
Im enter the command:
Debian-40-etch-32-minimal:~# dnssec-keygen -a hmac-md5 -b 512 -n host [YOUR.NS1.FQDN]
K%5Byour.ns1.fqdn%5D.+157+08377
Next:
Debian-40-etch-32-minimal:~# /etc/init.d/bind9 restart
Stopping domain name service...: bindrndc: connect failed: 127.0.0.1#953: connection refused
failed!
Starting domain name service...: bind failed!
SYSLOG file:
Feb 8 09:05:33 Debian-40-etch-32-minimal named[19754]: starting BIND 9.3.4-P1.1 -u bind
Feb 8 09:05:33 Debian-40-etch-32-minimal named[19754]: found 2 CPUs, using 2 worker threads
Feb 8 09:05:33 Debian-40-etch-32-minimal named[19754]: loading configuration from '/etc/bind/named.conf'
Feb 8 09:05:33 Debian-40-etch-32-minimal named[19754]: /etc/bind/named.conf:12: expected IP address near '[DNS.FROM.ISP]'
Feb 8 09:05:33 Debian-40-etch-32-minimal named[19754]: loading configuration: unexpected token
Feb 8 09:05:33 Debian-40-etch-32-minimal named[19754]: exiting (due to fatal error)
What is wrong?
Thank you
Tony Malko
RE: DNS problem - ephigenie - 02-08-2009 08:19 PM
IS DNS_FROM_ISP a IP adress or a name in your config ?
Should be an ip....
RE: DNS problem - tsyoker - 02-08-2009 08:27 PM
options {
directory "/var/cache/bind";
forwarders {
[78.46.106.99];};
auth-nxdomain no;
dnssec-enable yes;
};
key "TRANSFER" {
algorithm hmac-md5;
secret "[HASHKEY]";
};
server [YOUR.NS2.IP] {
keys {
TRANSFER;
};
};
this is right? same error.
Feb 8 11:26:33 Debian-40-etch-32-minimal named[23091]: starting BIND 9.3.4-P1.1 -u bind
Feb 8 11:26:33 Debian-40-etch-32-minimal named[23091]: found 2 CPUs, using 2 worker threads
Feb 8 11:26:33 Debian-40-etch-32-minimal named[23091]: loading configuration from '/etc/bind/named.conf'
Feb 8 11:26:33 Debian-40-etch-32-minimal named[23091]: /etc/bind/named.conf:12: expected IP address near '[78.46.106.99]'
Feb 8 11:26:33 Debian-40-etch-32-minimal named[23091]: loading configuration: unexpected token
Feb 8 11:26:33 Debian-40-etch-32-minimal named[23091]: exiting (due to fatal error)
RE: DNS problem - pgentoo - 02-11-2009 04:57 AM
I don't think there are supposed to be []'s around the IP addresses. Try removing those.
Bind website/documentation is a valuable resource if you are doing customizations to your config, please take a look at this when diagnosing future issues.
-
pGentoo