FreeBSD 5.x and bind 9.x

alexus ml at db.nexgen.com
Sun Sep 14 13:56:01 PDT 2003


Hello

I'm using the following:

OS: FreeBSD 5.1-RELEASE
Bind: bind-9.2.2

Both are release/stable versions, not development ones, and I'm experiencing two
major problems with bind (I didn't have these problems while using the same
bind on FreeBSD 4.x-STABLE/RELEASE).

anyway here is what's going on

I start bind and it seems to run without any errors; however, the resolving part
doesn't work and the rndc part doesn't work. After starting bind I checked whether
the port is at least open, and yes, it's open.

here is my named.conf

alexus# cat /usr/local/etc/named.conf
key "rndc-key" {
      algorithm hmac-md5;
      secret "xxxxxxxxxxxxxxxxxxxxx";
};

controls {
      inet 127.0.0.1 port 953
              allow { 127.0.0.1; } keys { "rndc-key"; };
};

options {
        allow-recursion {
                127.0.0.1/32;
                192.168.0.0/16;
                172.16.0.0/12;
                10.0.0.0/8;
        };
        directory "/usr/local/etc/namedb";
        pid-file "/var/run/named/named.pid";
        version "unknown";
};

zone "." { type hint; file "hint"; };
zone "0.0.127.in-addr.arpa" { type master; file "localhost"; notify no; };
alexus#

and here is my hint file

alexus# cat /usr/local/etc/namedb/hint

; <<>> DiG 9.2.2 <<>> @internic.net
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31193
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13

;; QUESTION SECTION:
;.                              IN      NS

;; ANSWER SECTION:
.                       14293   IN      NS      I.ROOT-SERVERS.NET.
.                       14293   IN      NS      J.ROOT-SERVERS.NET.
.                       14293   IN      NS      K.ROOT-SERVERS.NET.
.                       14293   IN      NS      L.ROOT-SERVERS.NET.
.                       14293   IN      NS      M.ROOT-SERVERS.NET.
.                       14293   IN      NS      A.ROOT-SERVERS.NET.
.                       14293   IN      NS      B.ROOT-SERVERS.NET.
.                       14293   IN      NS      C.ROOT-SERVERS.NET.
.                       14293   IN      NS      D.ROOT-SERVERS.NET.
.                       14293   IN      NS      E.ROOT-SERVERS.NET.
.                       14293   IN      NS      F.ROOT-SERVERS.NET.
.                       14293   IN      NS      G.ROOT-SERVERS.NET.
.                       14293   IN      NS      H.ROOT-SERVERS.NET.

;; ADDITIONAL SECTION:
A.ROOT-SERVERS.NET.     4482    IN      A       198.41.0.4
B.ROOT-SERVERS.NET.     6346    IN      A       128.9.0.107
C.ROOT-SERVERS.NET.     6346    IN      A       192.33.4.12
D.ROOT-SERVERS.NET.     6346    IN      A       128.8.10.90
E.ROOT-SERVERS.NET.     7810    IN      A       192.203.230.10
F.ROOT-SERVERS.NET.     6346    IN      A       192.5.5.241
G.ROOT-SERVERS.NET.     7810    IN      A       192.112.36.4
H.ROOT-SERVERS.NET.     7810    IN      A       128.63.2.53
I.ROOT-SERVERS.NET.     6346    IN      A       192.36.148.17
J.ROOT-SERVERS.NET.     14293   IN      A       192.58.128.30
K.ROOT-SERVERS.NET.     6346    IN      A       193.0.14.129
L.ROOT-SERVERS.NET.     6346    IN      A       198.32.64.12
M.ROOT-SERVERS.NET.     6346    IN      A       202.12.27.33

;; Query time: 10 msec
;; SERVER: 198.41.0.6#53(internic.net)
;; WHEN: Fri Aug 29 23:48:08 2003
;; MSG SIZE  rcvd: 436

alexus#

and here is my localhost zone file

alexus# cat /usr/local/etc/namedb/localhost
$TTL    0
@       SOA     alexus.no-ip.org.       root.alexus.no-ip.org. ( 0 0 0 0 0 )
        NS      alexus.no-ip.org.
1       PTR     alexus.no-ip.org.
alexus#

for rndc I get this in my logs

Sep 14 16:53:56 alexus named[301]: invalid command from 127.0.0.1#49184: bad
auth
Sep 14 16:53:56 alexus kernel: Sep 14 16:53:56 alexus named[301]: invalid
command from 127.0.0.1#49184: bad auth

oh and here is my rndc.conf

alexus# cat /etc/rndc.conf
# Start of rndc.conf
key "rndc-key" {
        algorithm hmac-md5;
        secret "xxxxxxxxxxxxxxxxxxxxxx";
};

options {
        default-key "rndc-key";
        default-server 127.0.0.1;
        default-port 953;
};
# End of rndc.conf

# Use with the following in named.conf, adjusting the allow list as needed:
# key "rndc-key" {
#       algorithm hmac-md5;
#       secret "xxxxxxxxxxxxxxxxxxxx";
# };
#
# controls {
#       inet 127.0.0.1 port 953
#               allow { 127.0.0.1; } keys { "rndc-key"; };
# };
# End of named.conf
alexus#

Of course, I changed my real secret to xxxxxxxxxxxxxxxxxxx :)

any ideas, suggestions would be very much appreciated.

Thanks in advance

alexus



