Named errors - running BIND in sandbox

[Ceri Davies]

On Sat, Nov 29, 2003 at 04:18:13PM +0000, Stacey Roberts wrote:
> Hello,
> I know that I've asked this in the past, but after a
> fresh reinstall of the machine on my local network that provided
> (amongst other services) DNS to all other machines (FreeBSD, Solaris,
> WIn2K & WinXP Pro), I find that I am not having much success setting up
> BIND in a sandbox.
>
> The box is running FreeBSD-4.9Stable (after initially installing
> 4.8-Rel) after cvsup of sources.
>
> Basically, the errors I get on start up is here:

> /etc/namedb/etc # tail /var/log/messages
> Nov 29 15:42:39 Demon named[226]: 'masters' statement present for master zone 'vickiandstacey.com'
> Nov 29 15:42:39 Demon named[226]: zone 'vickiandstacey.com' did not validate, skipping

> zone "vickiandstacey.com" {
>         type master;
>         file "master/vickiandstacey.com.db";
>         allow-transfer { 192.168.1.0/24; };
>         masters {
>                 192.168.1.8;
>         };
> };

You have declared the zone as type master, but also included a masters
statement.  If this machine is the master, then remove the masters
statement, otherwise, declare it as type slave.

> Nov 29 15:42:39 Demon named[226]: bind(dfd=20, [192.168.1.8].53): Address already in use
> Nov 29 15:42:39 Demon named[226]: deleting interface [192.168.1.8].53
> Nov 29 15:42:39 Demon named[226]: bind(dfd=20, [127.0.0.1].53): Address already in use
> Nov 29 15:42:39 Demon named[226]: deleting interface [127.0.0.1].53

named was already running when you tried starting it this time.

> Nov 29 15:42:39 Demon named[234]: can't exec /bin/named-xfer: No such file or directory

You didn't show the contents of the bin directory below, but I assume
it's empty; copy /usr/libexec/named-xfer in there (make sure it's
statically linked, which is the default in 4.9-RELEASE).

> Nov 29 15:43:47 Demon named-xfer[240]: [192.168.1.8] not authoritative for 1.168.192.in-addr.arpa, SOA query got rcode 0, aa 0, ancount 0, aucount 13

Now, I'm taking a big guess here.
You didn't have 1.168.192.in-addr.arpa in the named.conf before you
started named this time, but now you do.  Since you declared it as a
slave zone (which looks to be incorrect), named tried to transfer it
from itself, which it couldn't do as it wasn't loaded before.

> What I had prior to installing, I would get "Demon.vickiandstacey.com"
> returned as the Default Server, not localhost as above.

It is now listed second in your resolv.conf.

> Secondly, the address 82.68.31.177 is the real IP address of Demon (I
> have a block of 8) that is translated to 192.168.1.8, the internal IP
> address of Demon. So I'd have hoped that trying to set server to Demon,
> would have resulted in "Address: 192.168.1.8" instead of the machine's
> real IP address.

Since the zone vickiandstacey.com didn't load, this server wasn't
authoritative for that zone, and so went to the forwarder you have
listed and asked there; that server then gave the public IP.


-- 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20031201/165b3458/attachment.bin