Caching only name server

Kevin Darcy kcd at chrysler.com
Fri Jul 11 20:56:31 UTC 2008


Rahul Tidke wrote:
>> Rahul Tidke wrote:
>>> Hello All,
>>>   Please see below /var/log/messages when I started named service; I 
>>> have installed bind-chroot package on fedora core 6, configured the 
>>> caching only name server and started the service.
>>>
>>> [root at espl etc]# service named start
>>> Starting named:                                            [  OK  ]
>>>
>>> Now named is running but I am still unable to resolve hostnames from 
>>> client computers.
>>>
>>> [root at espl etc]# rndc status
>>> rndc: connect failed: 127.0.0.1#953: timed out
>>>
>>> [root at espl ~]# service named status
>>> rndc: connect failed: 127.0.0.1#953: operation canceled
>>>
>>> [root at espl etc]# service named restart
>>> Stopping named: ..................................................no 
>>> response, killing with -TERM
>>>                                                             [  OK  ]
>>> Starting named:                                            [  OK  ]
>>>
>>> /var/log/messages output:
>>>
>>> Jul 10 10:23:25 espl named[27224]: shutting down
>>> Jul 10 10:23:25 espl named[27224]: stopping command channel on 
>>> 127.0.0.1#953
>>> Jul 10 10:23:25 espl named[27224]: stopping command channel on ::1#953
>>> Jul 10 10:23:25 espl named[27224]: no longer listening on ::1#53
>>> Jul 10 10:23:25 espl named[27224]: no longer listening on 127.0.0.1#53
>>> Jul 10 10:23:25 espl named[27224]: no longer listening on 
>>> 192.168.10.254#53
>>> Jul 10 10:23:25 espl named[27224]: exiting
>>> Jul 10 10:23:27 espl named[27592]: starting BIND 9.3.4-P1 -u named 
>>> -t /var/named/chroot
>>> Jul 10 10:23:27 espl named[27592]: found 2 CPUs, using 2 worker threads
>>> Jul 10 10:23:27 espl named[27592]: loading configuration from 
>>> '/etc/named.conf'
>>> Jul 10 10:23:27 espl named[27592]: listening on IPv6 interface lo, 
>>> ::1#53
>>> Jul 10 10:23:27 espl named[27592]: listening on IPv4 interface lo, 
>>> 127.0.0.1#53
>>> Jul 10 10:23:27 espl named[27592]: listening on IPv4 interface eth0, 
>>> 192.168.10.254#53
>>> Jul 10 10:23:27 espl named[27592]: command channel listening on 
>>> 127.0.0.1#953
>>> Jul 10 10:23:27 espl named[27592]: command channel listening on ::1#953
>>> Jul 10 10:23:27 espl named[27592]: zone 
>>> 0.in-addr.arpa/IN/localhost_resolver: loaded serial 42
>>> Jul 10 10:23:27 espl named[27592]: zone 
>>> 0.0.127.in-addr.arpa/IN/localhost_resolver: loaded serial 1997022700
>>> Jul 10 10:23:27 espl named[27592]: zone 
>>> 255.in-addr.arpa/IN/localhost_resolver: loaded serial 42
>>> Jul 10 10:23:27 espl named[27592]: zone 
>>> 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN/localhost_resolver: 
>>> loaded serial 1997022700
>>> Jul 10 10:23:27 espl named[27592]: zone 
>>> localdomain/IN/localhost_resolver: loaded serial 42
>>> Jul 10 10:23:27 espl named[27592]: zone 
>>> localhost/IN/localhost_resolver: loaded serial 42
>>> Jul 10 10:23:27 espl named[27592]: running
>>>
>>> What needs to be updated?
>>>
>>>   
> Kevin Darcy wrote:
>> The fact that you're listening on a private address (192.168.10.254) 
>> implies that you're running behind some sort of NAT and/or firewall. 
>> The fact that you don't have any kind of "hints" file defined means 
>> you're going to be using the compiled-in defaults and thus trying to 
>> query the Internet root nameservers. Is the NAT/Firewall set up to 
>> allow direct access to the Internet root nameservers? Try querying 
>> one of the root nameservers directly from your box, e.g.
>>
>> dig com ns +norec @192.58.128.30
>
>  I executed this command successfully.
>
>>
>> I don't know why you'd be timing out trying to use "rndc", since the 
>> log messages indicate that named is listening on the appropriate 
>> command channel. If the "bind-chroot" setup script hadn't set up your 
>> RNDC key/config properly, I'd expect a different error message than 
>> that. Are you absolutely sure the named process was running when you 
>> issued the rndc command? Do you see named listening on 127.0.0.1#53 
>> in a netstat display?
>>
>>                                                                          
>>  - Kevin
>
> I don't see any 127.0.0.1#53 statement in netstat output.
> See below output when I executed host command on 192.168.10.254
>
> [root at espl ~]# host 192.168.10.254
> Host 254.10.168.192.in-addr.arpa not found: 3(NXDOMAIN)
>
> My named.conf is located at /var/named/chroot/etc/ ; as follows
>
>
> options {
>         listen-on port 53 { 127.0.0.1; 192.168.10.254; };
>         listen-on-v6 port 53 { ::1; };
>         directory       "/var/named";
>         dump-file       "/var/named/data/cache_dump.db";
>         statistics-file "/var/named/data/named_stats.txt";
>         memstatistics-file "/var/named/data/named_mem_stats.txt";
>         query-source    port 53;
>         query-source-v6 port 53;
>         allow-query     { localhost; 192.168.10.0/24; };
> };
> logging {
>         channel default_debug {
>                 file "data/named.run";
>                 severity dynamic;
>         };
> };
> view localhost_resolver {
>         match-clients      { localhost; };
>         match-destinations { localhost; };
>         recursion yes;
>         include "/etc/named.rfc1912.zones";
> };
>
> include "/etc/rndc.key";
>
> This file is the same as named.caching-nameserver.com located at 
> /var/named/chroot/etc.
>
> What do I need to check now?
>
You have only one view and it's limited to "localhost".

So, your client boxes don't match any view.

                                                                         
            - Kevin
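
Added example (not part of the original thread, and not configuration shipped by BIND or Fedora): one way to act on the diagnosis above is to add a second view for the LAN clients after localhost_resolver in the posted named.conf. The view name lan_resolver is made up for this example; the 192.168.10.0/24 range is taken from the poster's allow-query line.

```conf
// Existing view from the posted file, unchanged. named tries views in the
// order they appear and uses the first one that matches, so this stays first.
view localhost_resolver {
        match-clients      { localhost; };
        match-destinations { localhost; };
        recursion yes;
        include "/etc/named.rfc1912.zones";
};

// Added view (hypothetical name). Clients on the LAN now match a view and
// get recursive service. match-clients is limited to the local subnet rather
// than "any", so the server does not answer recursive queries for arbitrary
// outside hosts. No hint zone is defined here, so this view relies on the
// compiled-in root hints mentioned earlier in the thread.
view lan_resolver {
        match-clients { 192.168.10.0/24; };
        recursion yes;
};
```

Check the edited file with "named-checkconf -t /var/named/chroot /etc/named.conf" before restarting named.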


