Rejected due to errors (serial 27)

Riskable Riskable at YouKnowWhat.com
Fri Nov 10 07:51:30 UTC 2000


Two things to note:

First, there are no errors above the "master zone rejected" one.  In fact,
there are no other errors in the log file.  Not even warnings.

Second, I fail to see why I can't use the @ symbol.  I was under the
impression that in my example,

@			IN	CNAME	www.somedomainname.com.

the @ symbol is the same as placing "somedomain.net." there since the
named.conf explicitly states:

 zone "somedomain.net" in {
   type master;
   file "master/somedomain.net.dns";
 };

Meaning that the origin (@) is somedomain.net

I guess I'm just looking for a better explanation.  Mark Andrews (the post
after yours) stated,

	Yes, because you cannot have CNAMES and other data.  If you read
	RFC 1034/1035 and look at how you process cached CNAMES you will
	realise that this configuration can never work which is why we
	detect it and complain.

The part that I don't understand is "other data".  What other data can't I
have?

It would also be helpful if someone could give me an example of how I should
properly set up the zone file to forward the domain so I can implement the
proper changes.

-Riskable
"I have a license to kill -9"

-----Original Message-----
From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org]On
Behalf Of Mathias Körber
Sent: Friday, November 10, 2000 1:29 AM
To: Riskable; bind-users at isc.org
Subject: RE: Rejected due to errors (serial 27)



> I'm getting an error in my log files stating...
>
> "master zone whatever.com" (IN) rejected due to errors (serial 27)

There should have been another error message a bit further up
the log that shows the actual error.

Anyway:

>
> ...this is the zone file:
>
> $TTL 3600
> @	IN	SOA  ournameserver.somedomain.com. techsupport.somedomain.com. (
> 			27          ; serial number
> 			3600        ; refresh
> 			600         ; retry
> 			604800      ; expire
> 			3600      ) ; minimum TTL
> @			IN	NS	ournamserver.somedomain.com.
> @			IN	NS	ournameserver2.somedomain.com.
> @			IN	CNAME	www.somedomainname.com.

This last CNAME is illegal. You cannot have a CNAME and any other
data for the same label (which is what @ is), because the
CNAME is a complete alias, and says "for any query for @, redirect
it to www.somedomain.com", which practically masks the SOA
and NS records. BIND catches this and rejects the zone.

In this case you have the SOA and NS records next to the CNAME.

If you want to allow http://whatever.com, you need to publish
an A record instead of a CNAME record for this purpose.




> *			IN	CNAME	www.somedomainname.com.
>
>
> What's odd is that the CNAME forwarding works just fine.  The server does
> NOT report back as authoritative for the domain though.  Anyone know why
> this is happening?

BIND will not consider itself authoritative for any zone with errors in it,
to prohibit spreading of bad problems to the secondaries.

>
> According to the bind common errors list at
> www.acmebw.com/askmrdns/bind-messages.htm this would indicate a syntax
> error.  I checked the zone files for strange invisible characters, but
> everything seems fine.  Am I not seeing some blaring syntax error here?
>
> The entry in the named.conf is:
>=20
> zone "somedomain.net" in {
>   type master;
>   file "master/somedomain.net.dns";
> };
>
> -Riskable
> "I have a license to kill -9"
>
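
The rule discussed in this thread (a CNAME cannot share an owner name with other data such as the SOA and NS records at @), as an added example that is not part of the original messages and is not BIND's own code: a Python check that reports owner names holding a CNAME together with other record types. It assumes a simplified master-file syntax (no $ORIGIN changes, no $INCLUDE); the function names, the sample zones and the address 192.0.2.10 are constructed for illustration.

```python
from collections import defaultdict

TYPES = {"SOA", "NS", "A", "AAAA", "CNAME", "MX", "TXT", "PTR", "SRV"}

def parse_records(zone_text, origin):
    """Yield (owner, type) pairs from a simplified master file."""
    origin = origin.rstrip(".").lower() + "."
    owner, inside = origin, False
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].rstrip()      # drop comments
        if not line:
            continue
        was_inside = inside
        inside = (inside or "(" in line) and ")" not in line
        if was_inside:
            continue                              # rest of a ( ... ) record
        tokens = line.split()
        if tokens[0].startswith("$"):
            continue                              # $TTL etc.; $ORIGIN not tracked
        if not line[0].isspace():                 # owner field is present
            name = tokens.pop(0).lower()
            owner = (origin if name == "@" else
                     name if name.endswith(".") else f"{name}.{origin}")
        rtype = next((t.upper() for t in tokens if t.upper() in TYPES), None)
        if rtype:
            yield owner, rtype

def cname_conflicts(zone_text, origin):
    """Map each owner that has a CNAME plus other data to those other types."""
    seen = defaultdict(set)
    for owner, rtype in parse_records(zone_text, origin):
        seen[owner].add(rtype)
    return {o: sorted(t - {"CNAME"}) for o, t in seen.items()
            if "CNAME" in t and len(t) > 1}

# Constructed sample zones modelled on the one quoted in the thread.
HEAD = """$TTL 3600
@ IN SOA ournameserver.somedomain.com. techsupport.somedomain.com. (
        27 3600 600 604800 3600 ) ; serial refresh retry expire minimum
@ IN NS ournameserver.somedomain.com.
@ IN NS ournameserver2.somedomain.com.
* IN CNAME www.somedomainname.com.
"""
REJECTED = HEAD + "@ IN CNAME www.somedomainname.com.\n"
FIXED = HEAD + "@ IN A 192.0.2.10\n"   # constructed documentation address

if __name__ == "__main__":
    print("rejected:", cname_conflicts(REJECTED, "somedomain.net"))
    print("fixed:   ", cname_conflicts(FIXED, "somedomain.net"))
```

The wildcard CNAME is not reported because `*` is a different owner name from `@` and carries no other records.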






