Error in named configuration

Issues related to configuring your network
shan2naruto
Posts: 19
Joined: 2017/11/24 12:10:18

Error in named configuration

Post by shan2naruto » 2018/02/20 09:15:43

Hi, I'm currently studying DNS and have run into the following errors in my CentOS 6 VM. This is the tutorial I'm following: https://www.ostechnix.com/setup-dns-ser ... nux-6-3-3/

Code:

[root@server1 named]# sudo service named start
Starting named:
Error in named configuration:
zone example.tv/IN: has no NS records
zone example.tv/IN: not loaded due to errors.
_default/example.tv/IN: bad zone
rev.example.tv:1: unknown RR type '1.168.192.in-addr.arpa.'
zone 1.168.192.in-addr.arpa/IN: loading from master file rev.example.tv failed: unknown class/type
zone 1.168.192.in-addr.arpa/IN: not loaded due to errors.
_default/1.168.192.in-addr.arpa/IN: unknown class/type
zone localhost.localdomain/IN: loaded serial 0
zone localhost/IN: loaded serial 0
zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
zone 0.in-addr.arpa/IN: loaded serial 0
                                                           [FAILED]
[root@server1 named]#
Here is my fwd.example.tv file:

Code:

$ORIGIN example.tv.
$TTL 86400
@       IN SOA server1.example.tv. root.example.tv. (
        2018021011;serial
3600; refresh
1800;retry
604800; expire
86400;min TTL
)
@IN     NS      server1.example.tv.
@IN     NS      server2.example.tv.
server1         IN      A       192.168.1.17
server2         IN      A       192.168.1.20

Here is my rev.example.tv file:

Code:

@ORIGIN 1.168.192.in-addr.arpa.
$TTL 86400
@       IN      SOA     server1.example.tv.     root.example.tv.(
2018021011; serial
3600; refresh
1800;retry
604800; expire
86400; minimum TTL
)



@IN NS server1.example.tv.
@IN NS server2.example.tv.
server1 A 192.168.1.17
server2 A 192.168.1.20
17 IN PTR server1.example.tv.
20 IN PTR server2.example.tv.
Here is my /etc/named.conf file:

Code:

options {
       listen-on port 53 { 127.0.0.1; 192.168.1.17; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { localhost; 192.168.1.0/24; };
        allow-transfer {localhost; 192.168.1.20; };
        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;
        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
zone "." IN {
        type hint;
        file "named.ca";
};




zone "example.tv" IN{
        type master;

file "fwd.example.tv";
allow-update {none;};
};

zone "1.168.192.in-addr.arpa" IN{
type master;
file "rev.example.tv";
allow-update{none;};
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";


MartinR
Posts: 714
Joined: 2015/05/11 07:53:27
Location: UK

Re: Error in named configuration

Post by MartinR » 2018/02/20 11:44:13

Your formatting is wrong. Try:

Code:

$ORIGIN	example.tv.
$TTL		86400
@		IN SOA	server1.example.tv. root.example.tv. (
				2018021011	; serial
				3600			; refresh
				1800			; retry
				604800		; expire
				86400)		; min TTL
		IN NS	server1.example.tv.
		IN NS	server2.example.tv.

server1	IN A		192.168.1.17
server2	IN A		192.168.1.20
The left-aligned refresh line was starting a new entry, therefore the SOA was incomplete, hence the first warning.

The second warning is because you are specifying a node of "@IN", a class of "NS" and a resource type of "server1.example.tv.". What you need is a node of "@", a class of "IN", a resource type of "NS" and a target of "server1.example.tv.".

shan2naruto
Posts: 19
Joined: 2017/11/24 12:10:18

Re: Error in named configuration

Post by shan2naruto » 2018/02/20 12:26:15

@martin
After following your suggestions I get the following errors:

Code:

[root@server1 ~]# sudo service named restart
Stopping named:                                            [  OK  ]
Starting named:
Error in named configuration:
zone example.tv/IN: loaded serial 2018021000
rev.example.tv:1: unknown RR type '1.168.192.in-addr.arpa.'
zone 1.168.192.in-addr.arpa/IN: loading from master file rev.example.tv failed: unknown class/type
zone 1.168.192.in-addr.arpa/IN: not loaded due to errors.
_default/1.168.192.in-addr.arpa/IN: unknown class/type
zone localhost.localdomain/IN: loaded serial 0
zone localhost/IN: loaded serial 0
zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
zone 0.in-addr.arpa/IN: loaded serial 0

MartinR
Posts: 714
Joined: 2015/05/11 07:53:27
Location: UK

Re: Error in named configuration

Post by MartinR » 2018/02/20 14:08:06

The first thing to note is that you are no longer getting

Code:

zone example.tv/IN: has no NS records
zone example.tv/IN: not loaded due to errors.
instead

Code:

zone example.tv/IN: loaded serial 2018021000
which is a step forward.

Question: why are you loading serial 2018021000 when the examples you provided were serial 2018021011?

The next batch of errors is from the reverse file, which is also incorrectly formatted. I assumed you would follow the previous example and correct that as well. ;) Let's consider the errors:
rev.example.tv:1: unknown RR type '1.168.192.in-addr.arpa.' - this refers to the reverse file and indicates a resource record of type '1.168.192.in-addr.arpa.'. That can't be right! There are two errors here, (1) '1.168.192.in-addr.arpa.' is not a RR type and (2) you forgot the final dot so BIND has helpfully added the origin on the end. Remember that an A record has a name, class, type and definition, so the line ought to be:

Code:

server1 IN A 192.168.1.17.
The server2 line has the same errors. You shouldn't need either line though, DNS will consult the forward file to translate the name servers' names into IP addresses.

Whilst you're editing the file add tabs in front of the SOA continuation lines.
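
As an added illustration, not code from this thread or from BIND itself, here is a small Python parser that applies the master-file rule Martin describes (owner name first on a non-indented line, then optional TTL and class, then the RR type) and reproduces named's two complaints from constructed copies of the broken files: the "@IN" owner leaves the zone apex with no NS record, and the "@ORIGIN" line, lacking the "$" that marks a directive, is read as an owner followed by an unknown RR type. Only the record types and classes that appear in this thread are recognised, and the record numbers it reports count folded logical lines rather than file lines.

```python
RR_TYPES = {"SOA", "NS", "A", "AAAA", "PTR", "CNAME", "MX", "TXT"}  # enough for this thread

def logical_lines(text):
    """Strip ';' comments and fold '( ... )' continuation lines into one line."""
    buf, depth = [], 0
    for raw in text.splitlines():
        code = raw.split(";", 1)[0]
        depth += code.count("(") - code.count(")")
        buf.append(code.replace("(", " ").replace(")", " "))
        if depth == 0:
            line, buf = " ".join(buf), []
            if line.strip():
                yield line

def parse_zone(text, origin):
    """Return [(owner, type, rdata)] or raise ValueError with named's wording."""
    records, prev_owner = [], origin
    for n, line in enumerate(logical_lines(text), 1):   # n counts logical records
        if line.startswith("$ORIGIN"):                  # only '$' starts a directive
            origin = line.split()[1]
        if line.startswith("$"):
            continue
        tokens = line.split()
        owner = prev_owner if line[0] in " \t" else tokens.pop(0)
        if owner == "@":                                # bare '@' is the zone apex
            owner = origin
        elif not owner.endswith("."):                   # relative name: append origin
            owner = f"{owner}.{origin}"
        while tokens and (tokens[0].isdigit() or tokens[0] in ("IN", "CH", "HS")):
            tokens.pop(0)                               # optional TTL and class
        if not tokens or tokens[0] not in RR_TYPES:     # next token must be an RR type
            raise ValueError(f"record {n}: unknown RR type '{tokens[0] if tokens else ''}'")
        records.append((owner, tokens[0], " ".join(tokens[1:])))
        prev_owner = owner
    return records
def check_zone(text, origin):
    """Named-style complaints for the zone text; an empty list means it would load."""
    try:
        records = parse_zone(text, origin)
    except ValueError as exc:
        return [str(exc)]
    if not any(o == origin and t == "NS" for o, t, _ in records):
        return [f"zone {origin.rstrip('.')}/IN: has no NS records"]
    return []
# Constructed inputs: the thread's two mistakes and the corrected owner column.
BROKEN_FWD = ("$ORIGIN example.tv.\n@ IN SOA server1.example.tv. root.example.tv. (\n"
              "  2018021011 ;serial\n3600 ;refresh\n1800 ;retry\n604800 ;expire\n86400 )\n"
              "@IN     NS      server1.example.tv.\nserver1 IN A 192.168.1.17\n")
FIXED_FWD = BROKEN_FWD.replace("@IN     NS", "@       IN NS")
BROKEN_REV = "@ORIGIN 1.168.192.in-addr.arpa.\n$TTL 86400\n17 IN PTR server1.example.tv.\n"
```

check_zone(BROKEN_FWD, "example.tv.") reports the missing apex NS records and check_zone(BROKEN_REV, "1.168.192.in-addr.arpa.") reports the unknown RR type, while the corrected forward file returns no complaints.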

shan2naruto
Posts: 19
Joined: 2017/11/24 12:10:18

Re: Error in named configuration

Post by shan2naruto » 2018/02/20 14:20:13

Finally, following Martin's advice, I was able to fix the problem. The key was in not adding the final "." in the beginning of the "rev.example.tv" file, and sudo service named restart doesn't throw any errors.

Code:

$TTL 86400
@       IN      SOA     server1.example.tv.     root.example.tv.(
2018021011; serial
3600; refresh
1800;retry
604800; expire
86400; minimum TTL
)



@       IN NS server1.example.tv.
@       IN NS server2.example.tv.
server1 IN A 192.168.1.17
server2 IN A 192.168.1.20
17 IN PTR server1.example.tv.
20 IN PTR server2.example.tv.
        IN      NS      example.tv.
1       IN      PTR     example.tv.
But now there is another problem: I'm not able to ping google.com.

When I try to check the zones, these errors pop out:

Code:

[root@server1 ~]# named-checkzone example.tv /var/named/rev.example.tv
zone example.tv/IN: NS 'example.tv' has no address records (A or AAAA)
zone example.tv/IN: not loaded due to errors.


shan2naruto
Posts: 19
Joined: 2017/11/24 12:10:18

Re: Error in named configuration

Post by shan2naruto » 2018/02/21 09:47:03

After following Martin's advice I solved the problem by removing and adding lines in rev.example.tv. Now named-checkzone gives no errors, but now I'm not able to ping, so Martin, can you tell me what is wrong with my DNS machine?
The rev.example.tv file after editing is as follows:

Code:

$TTL 86400
@       IN      SOA     example.tv.     root.example.tv.(
2018021000; serial
3600; refresh
1800;retry
604800; expire
86400; minimum TTL
)


@       IN NS server1.example.tv.
@       IN NS server2.example.tv.

server1 IN A 192.168.1.17

server2 IN A 192.168.1.20

17 IN PTR server1.example.tv.
20 IN PTR server2.example.tv.

example.tv.     IN A 192.168.1.17
@       IN NS example.tv.
@       IN PTR example.tv.

MartinR
Posts: 714
Joined: 2015/05/11 07:53:27
Location: UK

Re: Error in named configuration

Post by MartinR » 2018/02/21 11:41:50

There are still a couple of points in your rev file:
  1. For readability reasons, please tab the parameters to SOA across the page. named-checkzone -D may accept it, but follow the standard configuration for hand crafted files please.
  2. I'm suspicious about the way you are using a zone as if it were an actual node in the last three lines. I haven't time to check it out fully though.
Can you try the following and post all output:

Code:

$ ping google-public-dns-a.google.com
...
^C
$ ping 8.8.8.8
...
^C
$ dig google-public-dns-a.google.com

shan2naruto
Posts: 19
Joined: 2017/11/24 12:10:18

Re: Error in named configuration

Post by shan2naruto » 2018/02/21 12:21:14

Here is the output, @martin:

Code:

[root@server1 ~]# ping google-public-dns-a.google.com
ping: unknown host google-public-dns-a.google.com
[root@server1 ~]# ping -c 5 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=47 time=51.3 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=47 time=47.4 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=47 time=43.8 ms
64 bytes from 8.8.8.8: icmp_seq=4 ttl=47 time=49.4 ms
64 bytes from 8.8.8.8: icmp_seq=5 ttl=47 time=45.7 ms

--- 8.8.8.8 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4061ms
rtt min/avg/max/mdev = 43.830/47.568/51.319/2.636 ms
[root@server1 ~]# dig google-public-dns-a.google.com


; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6_9.5 <<>> google-public-dns-a.google.com
;; global options: +cmd
;; connection timed out; no servers could be reached
[root@server1 ~]#

MartinR
Posts: 714
Joined: 2015/05/11 07:53:27
Location: UK

Re: Error in named configuration

Post by MartinR » 2018/02/21 13:26:39

OK, the last command shows that you are not finding any name servers at all. The ping fails because of this error. You probably need to check your /etc/resolv.conf and the settings in /etc/sysconfig/network-scripts/ifcfg-*. If you are using NetworkManager then you're on your own! You might also check your routing:

Code:

$ ip route
...
default via 192.168.XX.XX dev eth0 
If there's no default line then you need to set your gateway.

shan2naruto
Posts: 19
Joined: 2017/11/24 12:10:18

Re: Error in named configuration

Post by shan2naruto » 2018/02/21 13:45:51

MartinR wrote: OK, the last command shows that you are not finding any name servers at all. The ping fails because of this error. You probably need to check your /etc/resolv.conf and the settings in /etc/sysconfig/network-scripts/ifcfg-*. If you are using NetworkManager then you're on your own! You might also check your routing:

Code:

$ ip route
...
default via 192.168.XX.XX dev eth0 
If there's no default line then you need to set your gateway.
Here is the output of all the files you asked for, and let me assure you that NetworkManager is set to no.

The ifcfg-eth0 file:

Code:

DEVICE=eth0
HWADDR=08:00:27:6A:6B:93
TYPE=Ethernet
UUID=9784518a-832a-4e93-8b2e-2815a0a971b3
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=192.168.1.17
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
DNS1=207.68.222.222
DNS2=207.68.220.220
The ip route output:

Code:

[root@server1 ~]# ip route
192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.17
169.254.0.0/16 dev eth0  scope link  metric 1002
default via 192.168.1.1 dev eth0
The /etc/resolv.conf file:

Code:

; generated by /sbin/dhclient-script
nameserver 207.68.222.222
nameserver 207.68.220.220