named error: expected prefix length near '4'
Barry Margolin
barmar at alum.mit.edu
Mon Oct 11 23:31:23 UTC 2004
In article <ckf3ch$2g1r$1 at sf1.isc.org>, flashl at bigfoot.com (Benu)
wrote:
> I have been working religiously for the past four weeks to understand
> DNS and get it up and running on my linux box. I have read and re-read
> the BIND 9 Administrator Guide (daily), the BIND FAQs, and various posts on
> the net. Now, I am at the point where I am no longer certain of
> anything.
>
> I have a homenetwork with three machines (Fedora Core 2, XP, and
> Win2K) using a Belkin router on a Cable Network (Dynamic IP). I
> urgently need to move a website from a hosting service.
>
> To prepare for the move of the website, I have been testing my DNS
> configuration with a parked domain (rescue911design.com) and free
> domain (benu.widge.net) before addressing the live site.
>
> Currently, all seems to be working internally, but I have sporadic
> success serving the internal network while accessing the internet.
> What has been particularly confusing to me is that there is root domain
> information in the cache and a dig command with +norec correctly looks
> up the A records for various hosts. I do not understand why the dig
> and host commands return SERVFAIL when the data is in the cache for
> the homelan view.
Could you provide some example queries that fail?
If you try to look up something in rescue911design.com or benu.widge.net
from your homelan, it won't use the data from the zone files; it should
forward to the ISP nameservers instead. This is because you only list these
zones in the external-nets view.
>
> All files passed named-checkconf, and named-checkzone, there are no
> complaints in /var/log/messages or audit_log. My configuration files
> are:
>
> --/etc/named.conf
> // generated by named-bootconf.pl
> acl my-nets { // internal clients: used by the "homelan" view's match-clients and by allow-recursion
> 192.168.2.0/24;
> 127.0.0.1/24; // NOTE(review): host bits are set under a /24 mask; the network form is 127.0.0.0/24 - confirm named accepts this as written
> localhost;
> };
> acl xfer { // referenced by allow-transfer statements; "none" matches no host
> none;
> };
> acl external-ns { // same two addresses as the forwarders list in options
> 68.105.161.20; //Cable NS1
> 68.1.18.25; //Cable NS2
> };
> acl bogus-net3 { // listed in options { blackhole }; entries together span 193.0.0.0-223.255.255.255
> 208.0.0.0/4; // 208.0.0.0-223.255.255.255
> 200.0.0.0/5; // 200.0.0.0-207.255.255.255
> 196.0.0.0/6; // 196.0.0.0-199.255.255.255
> 194.0.0.0/7; // 194.0.0.0-195.255.255.255
> 193.0.0.0/8;
> };
> acl bogus-net2 { // listed in options { blackhole }; NOTE(review): each /3 covers 32 first-octet values, far more than bogon space
> 0.0.0.0/3; // 0.0.0.0-31.255.255.255
> 16.0.0.0/3; // NOTE(review): 16.0.0.0 is not on a /3 boundary (host bits set); the range is already inside 0.0.0.0/3
> 64.0.0.0/3; // 64.0.0.0-95.255.255.255 - NOTE(review): contains both forwarders (68.105.161.20, 68.1.18.25) and all three slave-zone masters
> 96.0.0.0/3; // 96.0.0.0-127.255.255.255 - NOTE(review): contains loopback 127.0.0.1
> 128.0.0.0/3; // 128.0.0.0-159.255.255.255
> 160.0.0.0/3; // 160.0.0.0-191.255.255.255
> };
> acl bogus-net1 { // listed in options { blackhole }
> 0.0.0.0/8;
> 1.0.0.0/8;
> 2.0.0.0/8;
> 192.0.2.0/24; // TEST-NET documentation range
> 224.0.0.0/3; // 224.0.0.0-255.255.255.255
> 10.0.0.0/8; // RFC 1918 private range
> 172.16.0.0/16; // NOTE(review): the RFC 1918 block is 172.16.0.0/12; a /16 covers only 172.16.x.x
> };
>
> logging {
> [snip]
> };
>
> options {
> blackhole { // named neither answers queries from, nor sends queries to, addresses matching these ACLs
> bogus-net1;
> bogus-net2; // NOTE(review): includes 64.0.0.0/3, which contains the forwarders listed below - a likely contributor to the SERVFAILs; verify
> bogus-net3;
> };
> directory "/var/named/"; // base directory for the relative zone file names used in the views
> cleaning-interval 30;
> allow-query { "my-nets"; "external-ns"; }; // NOTE(review): views and zones without their own allow-query inherit this, so the external-nets zones would refuse other Internet clients - confirm intent
> allow-recursion { "my-nets"; }; // recursion limited to internal clients
> forward first; // ask the forwarders first, then fall back to normal resolution
> forwarders {
> 68.105.161.20; //Cable NS1
> 68.1.18.25; //Cable NS2
> };
> minimal-responses no;
> //notify no;
> //query-source address * port 53;
> transfer-format many-answers;
> version "Guess"; // string reported for version queries instead of the real BIND version
> zone-statistics yes;
> };
>
> controls {
> inet 127.0.0.1 allow { // rndc control channel listens on the loopback address only
> 127.0.0.1; // only connections from loopback may issue control commands
> }
> keys {
> rndckey; // presumably defined in the included /etc/rndc.key - confirm
> };
> };
>
> include "/etc/rndc.key"; // keeps key material out of named.conf; NOTE(review): that file should be readable only by the account named runs as
>
> view "homelan" { // internal view: selected for clients matching my-nets, recursion enabled
> additional-from-auth yes;
> additional-from-cache yes;
> match-clients { "my-nets"; };
> recursion yes;
> zone "2.168.192.in-addr.arpa" in { // reverse zone for 192.168.2.0/24
> type master;
> file "2.168.192.in-addr.arpa.hosts";
> allow-query { localnets; };
> allow-transfer { localnets; }; // NOTE(review): any host on a directly attached network may transfer this zone; the xfer acl (none) is used for other zones
> forwarders { }; // empty list: names in this zone are never forwarded
> };
> zone "blkdiamonds.lan" in { // internal forward zone
> type master;
> file "blkdiamonds.lan.hosts";
> allow-query { localnets; };
> allow-transfer { localnets; };
> };
> zone "localhost" in {
> type master;
> file "named.local"; // NOTE(review): this file is not among the listings posted
> };
> zone "0.0.127.in-addr.arpa" in { // loopback reverse zone
> type master;
> file "0.0.127.in-addr.arpa.hosts";
> allow-query { localnets; };
> allow-transfer { xfer; };
> notify no;
> };
> }; // rescue911design.com and benu.widge.net are not defined in this view, so internal clients do not get answers from the local zone files for them
>
> view "external-nets" { // catch-all view for clients not matched by "homelan"; no recursion
> additional-from-auth no;
> additional-from-cache no;
> match-clients { any; };
> recursion no; // external clients cannot use this server as a resolver
> zone "benu.widge.net" in {
> type slave; // zone data is transferred from the masters below, not authored locally
> file "benu.widge.net.hosts";
> masters { 64.49.244.135; 66.216.81.145; }; // NOTE(review): both addresses fall inside 64.0.0.0/3, which bogus-net2 blackholes
> notify yes;
> }; // NOTE(review): no allow-transfer here or in options, so the server default (historically any host) applies - consider allow-transfer { xfer; };
> zone "rescue911design.com" {
> type slave;
> file "rescue911design.com.hosts";
> masters { 64.202.167.129; }; // NOTE(review): also inside the blackholed 64.0.0.0/3
> notify yes;
> }; // NOTE(review): same missing allow-transfer as the benu.widge.net zone
> };
>
> view "external-chaos" chaos { // CHAOS-class view; holds the "bind" zone with the version.bind / authors.bind records
> match-clients { any; };
> recursion no;
> zone "." {
> type hint;
> file "/dev/null"; // empty hints file for this class
> };
> zone "bind" {
> type master;
> file "bind.hosts"; // supplies the version.bind and authors.bind TXT records
> allow-query { "my-nets"; }; // only internal clients may read the CHAOS TXT records
> allow-transfer { "xfer"; }; // xfer is "none": no transfers of this zone
> };
> };
>
> --0.0.127.in-addr.arpa.hosts
>
> $TTL 86400 ; default TTL of one day for records in this zone
> @ IN SOA ns1.blkdiamonds.lan. root.blkdiamonds.lan. (
> 200410104 ; serial (nine digits; not a full YYYYMMDDnn value)
> 28800 ; refresh (8 hours)
> 7200 ; retry (2 hours)
> 2419200 ; expire (4 weeks)
> 86400 ; minimum (1 day)
> )
> IN NS ns1.blkdiamonds.lan.
> 1 IN PTR localhost. ; 127.0.0.1 maps back to localhost
>
> --2.168.192.in-addr.arpa.hosts
>
> $TTL 86400 ; 1 day
> @ IN SOA ns1.blkdiamonds.lan. root.blkdiamonds.lan. (
> 2004101001 ; serial
> 10800 ; refresh (3 hours)
> 900 ; retry (15 minutes)
> 604800 ; expire (1 week)
> 3600 ; minimum (1 hour)
> )
> NS ns1.blkdiamonds.lan.
> ;
> 1 PTR gw.blkdiamonds.lan ; NOTE(review): no trailing dot, so the zone origin is appended to this name
> 2 PTR ftp.blkdiamonds.lan.
> PTR ns1.blkdiamonds.lan. ; presumably continues owner "2"; the leading whitespace that marks this appears lost in the archive
> PTR www.blkdiamonds.lan.
> PTR roxie.blkdiamonds.lan.
>
> --benu.widge.net.hosts
>
> $ORIGIN .
> $TTL 259200 ; 3 days
> benu.widge.net. IN SOA ns1.widge.net. root.benu.widge.net. (
> 200410103 ; serial
> 28800 ; refresh (8 hours)
> 7200 ; retry (2 hours)
> 2419200 ; expire (4 weeks)
> 86400 ; minimum (1 day)
> )
> NS ns1.widge.net.
> NS ns1.blkdiamonds.lan. ; NOTE(review): internal-only name in a zone served by the external view; Internet resolvers cannot resolve .lan
> MX 10 mail.benu.widge.net.
> $ORIGIN benu.widge.net.
> $TTL 259200 ; 3 days
> ftp CNAME ns1
> gw A 192.168.2.1 ; NOTE(review): RFC 1918 address; unreachable from outside and reveals internal addressing
> HINFO "Belkin" "BEF" ; NOTE(review): HINFO/TXT disclose device details to anyone allowed to query the zone
> TXT "The router"
> localhost A 127.0.0.1
> mail CNAME ns1
> ns1 A 192.168.2.2 ; RFC 1918 address, same concern as gw
> HINFO "Pentium" "Fedora 2.0" ; discloses hardware and OS
> MX 10 mail ; NOTE(review): mail is a CNAME; MX targets are expected to own address records, not be aliases
> www CNAME ns1
>
> --bind.hosts
>
> ; @(#)db.bind v1.2 25 JAN 2001 Rob Thomas robt at cymru.com
> ;
> $TTL 1D
> @ 1D CHAOS SOA localhost. root.localhost. (
> 2004100601 ; serial
> 3H ; refresh
> 1H ; retry
> 1W ; expiry
> 1D ) ; minimum
> CHAOS NS localhost.
> version.bind. CHAOS TXT "BIND 9.1.3+robhacks" ; custom string served for version.bind; NOTE(review): options also sets version "Guess" - confirm which one clients see
> authors.bind. CHAOS TXT "are better coders than I. :)"
> authors.bind. CHAOS TXT "are better coders than I. :)"
>
> --blkdiamonds.lan.hosts
> $ORIGIN .
> $TTL 259200 ; 3 days
> blkdiamonds.lan. IN SOA ns1.blkdiamonds.lan. root.blkdiamonds.lan. ( ; internal zone, defined only in the homelan view
> 200410103 ; serial
> 28800 ; refresh (8 hours)
> 7200 ; retry (2 hours)
> 2419200 ; expire (4 weeks)
> 86400 ; minimum (1 day)
> )
> NS ns1.blkdiamonds.lan.
> MX 10 mail.blkdiamonds.lan.
> $ORIGIN blkdiamonds.lan.
> $TTL 21600 ; 6 hours
> 4X7II6FO4Y A 192.168.2.140 ; the only record under the shorter 6-hour TTL
> $TTL 259200 ; 3 days
> ftp CNAME ns1 ; ftp, mail and www are all aliases of ns1 (192.168.2.2)
> gw A 192.168.2.1
> HINFO "Belkin" "BEF"
> TXT "The router"
> localhost A 127.0.0.1
> mail CNAME ns1
> ns1 A 192.168.2.2
> HINFO "Pentium" "Fedora 2.0"
> MX 10 mail ; NOTE(review): mail is a CNAME; MX targets are expected to own address records, not be aliases
> www CNAME ns1
>
> --rescue911design.com.hosts
> ;
> ; Zone file rescue911design.com
> $TTL 3D
> rescue911design.com. IN SOA ns1.rescue911design.com.
> root.rescue911design.com. ( ; NOTE(review): the SOA record appears split across two lines by mail wrapping; in the real file it must start on one line
> 200410101 ; serial, todays date + todays
> serial # ; NOTE(review): wrapped tail of the comment on the previous line, not zone data
> 8H ; refresh, seconds
> 2H ; retry, seconds
> 4W ; expire, seconds
> 1D ) ; minimum, seconds
> ;
> NS ns1 ; Inet Address of name server
> NS part5.secureserver.net.
> NS part6.secureserver.net.
> MX 10 mail ; Primary Mail Exchanger
> ;
> ns1 A 192.168.2.2 ; NOTE(review): RFC 1918 address in a zone served by the external view; unreachable from the Internet and reveals internal addressing
> MX 10 mail
> HINFO "Pentium" "Fedora 2.0" ; NOTE(review): discloses hardware and OS to anyone allowed to query the zone
> www CNAME ns1
> mail CNAME ns1 ; NOTE(review): mail is the MX target above; MX targets are expected to own address records, not be aliases
> ftp CNAME ns1
> localhost A 127.0.0.1
> gw A 192.168.2.1 ; RFC 1918 address, same concern as ns1
> HINFO "Belkin" "BEF"
> TXT "The router"
>
> --/etc/resolv.conf
> search blkdiamonds.lan
> domain blkdiamonds.lan
> nameserver 192.168.2.2
> nameserver 68.105.161.20 //ISP DSN
>
> --/etc/resolv.conf2
> search blkdiamonds.lan
> domain blkdiamonds.lan
> nameserver 127.0.0.1
> nameserver 192.168.2.2
>
>
>
> I will greatly appreciate a nudge in the right direction.
>
> Benu
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***