Does the second nameserver also need ISPConfig?

Discussion in 'Installation/Configuration' started by Showa, Nov 15, 2010.

  1. Showa

    Showa Member

    Does the second nameserver also need ISPConfig? (solved)

    Hello,

    At the moment I have one computer running CentOS 5.5 with ISPConfig 3.
    I am trying to build a second nameserver on an old computer. This one only runs under CentOS 4.8. Do I need to install ISPConfig on this one too? I found only a howto for ISPConfig 2; is this a problem? Does ISPConfig 3 not work with CentOS 4.8? Can I try to use CentOS 5.x to install ISPConfig 3?
    Can I copy named.conf to the second computer and put slave instead of master in the zones?

    With kind regards,

    Ad.
     
    Last edited: Dec 6, 2010
  2. falko

    falko Super Moderator Howtoforge Staff

  3. Showa

    Showa Member

    Thanks Falko,

    Do I have to put all the zones from the primary nameserver's named.conf into the second nameserver's named.conf? That named.conf is here: http://www.how2forge.com/forums/showthread.php?t=49485
    Otherwise I expect the zone files won't be copied. I have already read your traditional DNS howto.

    Ad.
     
  4. falko

    falko Super Moderator Howtoforge Staff

    Yes. The zone files will then be transferred to the slave automatically.
     
  5. Showa

    Showa Member

    Still having some problems. I copied named.conf, changed master to slave, put in masters, allow-transfer etc. Named starts on both computers; checking named status I see 5 zones running on the second nameserver (CentOS 4.8, BIND 9.2.4) and 3 zones on the first nameserver (CentOS 5.8, BIND 9.3.6).
    The second nameserver is trying to transfer the zones, but with no result.
    Trying nslookup and dig on the first nameserver I get positive results querying the defined hosts on the nameserver's IP etc. Using dig and nslookup on server1 (= computer name of the first nameserver) and localhost there is no answer section and status=NXDOMAIN. Doing the same on the second nameserver there is no result for the hosts, which is normal I think because there are no zone files. On server2 (= computer name of the second nameserver) and localhost I get status: SERVFAIL and again no answer section.
    Permissions for named on the first nameserver are set according to the howto "perfect server CentOS 5.8 using ISPConfig 3".

    Ad.
     
    Last edited: Nov 20, 2010
  6. falko

    falko Super Moderator Howtoforge Staff

    Any errors in your logs?
     
  7. Showa

    Showa Member

    Hello Falko,

    Excuse me for replying this late.

    I reinstalled CentOS 5.5 and ISPConfig 3 on the main server. I put the inside and outside views in named.conf and rewrote the zone files. Named starts normally. Running tail /var/log/messages there is a message for these three zones: "loading master file <name of file>: permission denied". Could this be a jailkit/ISPConfig problem?

    Ad.
     
  8. falko

    falko Super Moderator Howtoforge Staff

    Does that happen on the master or on the slave?
     
  9. Showa

    Showa Member

    On the master. The permissions for the zones I added are the same as for the other standard zones.

    On the slave I've got messages that the slave is trying to update the zones, without success.
     
  10. falko

    falko Super Moderator Howtoforge Staff

    Can you post the exact error message?

    What's in your named.conf on the master?
     
  11. Showa

    Showa Member

    Error message:

    [root@server1 ~]# tail /var/log/messages
    Dec 1 13:57:55 server1 named[16213]: loading configuration from '/etc/named.conf'
    Dec 1 13:57:55 server1 named[16213]: using default UDP/IPv4 port range: [1024, 65535]
    Dec 1 13:57:55 server1 named[16213]: using default UDP/IPv6 port range: [1024, 65535]
    Dec 1 13:57:55 server1 named[16213]: listening on IPv6 interface lo, ::1#53
    Dec 1 13:57:55 server1 named[16213]: listening on IPv4 interface lo, 127.0.0.1#53
    Dec 1 13:57:55 server1 named[16213]: command channel listening on 127.0.0.1#953
    Dec 1 13:57:55 server1 named[16213]: zone 0.0.10.in-addr.arpa/IN/inside: loading master file yourlan.db: permission denied
    Dec 1 13:57:55 server1 named[16213]: zone amtand.nl/IN/inside: loading master file db.amtand.nl.inside: permission denied
    Dec 1 13:57:55 server1 named[16213]: zone amtand.nl/IN/outside: loading master file db.amtand.nl.outside: permission denied
    Dec 1 13:57:55 server1 named[16213]: running

    Named.conf:

    //
    // named.conf
    //
    // Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
    // server as a caching only nameserver (as a localhost DNS resolver only).
    //
    // See /usr/share/doc/bind*/sample/ for example named configuration files.
    //
    options {
        listen-on port 53 { 127.0.0.1; };
        listen-on-v6 port 53 { ::1; };
        directory "/var/named/chroot/var/named";
        dump-file "/var/named/chroot/var/named/data/cache_dump.db";
        statistics-file "/var/named/chroot/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/chroot/var/named/data/named_mem_stats.txt";
        allow-query { localhost; };
        recursion yes;
    };
    logging {
        channel default_debug {
            file "data/named.run";
            severity dynamic;
        };
    };
    #zone "." IN {
    #    type hint;
    #    file "named.root";

    acl "mylan" {
        127/8; 10.0.0.0/24;
    };

    controls {
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
    };

    view "inside" {
        match-clients { "mylan"; };
        recursion yes;

        zone "." IN {
            type hint;
            file "named.root";
        };

        zone "0.0.10.in-addr.arpa" IN {
            type master;
            file "yourlan.db";
        };

        zone "amtand.nl" {
            type master;
            file "db.amtand.nl.inside";
            allow-transfer { 10.0.0.15; };
        };

    };

    view "outside" {
        match-clients { any; };
        recursion no;

        zone "." IN {
            type hint;
            file "named.root";
        };

        zone "amtand.nl" {
            type master;
            file "db.amtand.nl.outside";
            allow-transfer { 192.168.2.10; };
        };
    };

    include "/var/named/chroot/etc/rndc.key";
    include "/var/named/chroot/etc/named.conf.local";
     
  12. falko

    falko Super Moderator Howtoforge Staff

    What's the output of
    Code:
    ls -la /var/named/chroot/var/named/
    ?
     
  13. Showa

    Showa Member

    [root@server1 ~]# ls -la /var/named/chroot/var/named/
    total 68
    drwxrwxr-x 5 root named 4096 nov 29 08:14 .
    drwxrwxr-x 6 root named 4096 jan 20 2010 ..
    lrwxrwxrwx 1 root root 6 nov 27 16:00 chroot -> ../../
    drwxrwx--- 2 named named 4096 nov 27 16:21 data
    -rw------- 1 root root 731 nov 29 08:13 db.amtand.nl.inside
    -rw------- 1 root root 673 nov 28 19:32 db.amtand.nl.inside~
    -rw------- 1 root root 673 nov 29 08:12 db.amtand.nl.outside
    -rw------- 1 root root 731 nov 29 08:11 db.amtand.nl.outside~
    -rw-r--r-- 1 root root 426 nov 27 16:00 named.local
    -rw-r--r-- 1 root root 1892 nov 27 16:00 named.root
    drwxrwx--- 2 named named 4096 nov 27 16:21 slave
    drwxrwx--- 2 named named 4096 jul 27 2004 slaves
    -rw------- 1 root root 598 nov 29 08:13 yourlan.db
    -rw------- 1 root root 597 nov 29 08:11
     
  14. falko

    falko Super Moderator Howtoforge Staff

    Please run a chmod 644 on db.amtand.nl.inside, db.amtand.nl.outside, and yourlan.db.
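Falko's chmod 644 fixes the symptom seen in the log above (zone files owned root:root with mode 0600, which the named user cannot open). As an added example that is not part of the thread or of ISPConfig, the POSIX shell script below does the same check mechanically: it reads the `directory` and `file` directives out of a named.conf and reports every file whose owner, group and mode bits would not let the `named` user read it. It runs against a constructed named.conf and two constructed zone files in a temporary directory; the service user name `named` is an assumption (it is what CentOS uses, adjust it if your build differs), and one-line zone blocks are not parsed.

```shell
#!/bin/sh
# Added example (not from the thread): report zone files that the BIND
# service user cannot read. In the thread the zone files were root:root 0600,
# so named (running as user "named") logged "loading master file ...:
# permission denied". Assumption: named runs as user and group "named".

# readable_by PATH USER GROUP
# Succeeds if the mode bits grant read access to USER (as owner), to GROUP,
# or to everyone. Parses ls -ld so it behaves the same on GNU and BSD.
readable_by() {
    set -- "$1" "$2" "$3" $(ls -ld "$1")
    # $4 = mode string (e.g. -rw-r--r--), $6 = owner, $7 = group
    case $4 in ?r*) [ "$6" = "$2" ] && return 0 ;; esac
    case $4 in ????r*) [ "$7" = "$3" ] && return 0 ;; esac
    case $4 in ???????r*) return 0 ;; esac
    return 1
}

# check_zone_files CONF [USER]
# Prints OK / DENIED / MISSING per file directive and returns non-zero if
# any file is unreadable by USER. Relative names are resolved against the
# options { directory } statement, one directive per line as in the posted
# named.conf (one-line zone blocks are not parsed).
check_zone_files() {
    conf=$1; user=${2:-named}; rc=0
    dir=$(sed -n 's/^[[:space:]]*directory[[:space:]]*"\([^"]*\)".*/\1/p' "$conf" | head -n 1)
    for f in $(sed -n 's/^[[:space:]]*file[[:space:]]*"\([^"]*\)".*/\1/p' "$conf" | sort -u); do
        case $f in /*) p=$f ;; *) p=$dir/$f ;; esac
        if [ ! -e "$p" ]; then
            echo "MISSING $p"; rc=1
        elif readable_by "$p" "$user" "$user"; then
            echo "OK $p"
        else
            echo "DENIED $p (chmod 644 or chown $user)"; rc=1
        fi
    done
    return $rc
}

# Demo on a constructed layout (not the real /var/named/chroot): one zone
# file left 0600 as in the thread, one set to 0644 as Falko advised.
demo_dir=$(mktemp -d)
printf 'options {\n    directory "%s";\n};\nzone "amtand.nl" {\n    type master;\n    file "db.amtand.nl.inside";\n};\nzone "0.0.10.in-addr.arpa" IN {\n    type master;\n    file "yourlan.db";\n};\n' "$demo_dir" > "$demo_dir/named.conf"
: > "$demo_dir/db.amtand.nl.inside"; chmod 600 "$demo_dir/db.amtand.nl.inside"
: > "$demo_dir/yourlan.db";          chmod 644 "$demo_dir/yourlan.db"
check_zone_files "$demo_dir/named.conf" named || echo "some zone files are not readable by named"
rm -rf "$demo_dir"
```

Run it on the real server as `check_zone_files /var/named/chroot/etc/named.conf named` (the host-side path, outside the chroot). A file that is DENIED for `named` but OK for `root` is exactly the case in this thread: named starts fine as root, then drops privileges and cannot load the zone.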
     
  15. Showa

    Showa Member

    Double answer, sorry!
     
    Last edited: Dec 4, 2010
  16. Showa

    Showa Member

    Thanks Falko,

    This is now in messages:

    [root@server1 ~]# tail /var/log/messages
    Dec 4 13:49:41 server1 named[10827]: running
    Dec 4 13:49:41 server1 named[10827]: zone 0.0.10.in-addr.arpa/IN/inside: sending notifies (serial 2010112804)
    Dec 4 13:49:41 server1 named[10827]: zone amtand.nl/IN/inside: sending notifies (serial 2010112804)
    Dec 4 13:49:41 server1 named[10827]: zone amtand.nl/IN/outside: sending notifies (serial 2010112804)
    Dec 4 13:49:41 server1 named[10827]: network unreachable resolving 'dns2.domeinbalie.org/A/IN': 2001:888:2000:13::2#53
    Dec 4 13:49:41 server1 named[10827]: network unreachable resolving 'dns2.domeinbalie.org/A/IN': 2001:4de0:1000:a24:1::2#53
    Dec 4 13:49:41 server1 named[10827]: network unreachable resolving 'dns2.domeinbalie.org/A/IN': 2001:828:100:1:3::1#53
    Dec 4 13:50:01 server1 pure-ftpd: ([email protected]) [INFO] New connection from 127.0.0.1
    Dec 4 13:50:01 server1 pure-ftpd: ([email protected]) [INFO] Logout.
    Dec 4 13:50:02 server1 clamd[4229]: SelfCheck: Database status OK.
    and in the ls:

    [root@server1 ~]# ls -la /var/named/chroot/var/named/
    total 68
    drwxrwxr-x 5 root named 4096 nov 29 08:14 .
    drwxrwxr-x 6 root named 4096 jan 20 2010 ..
    lrwxrwxrwx 1 root root 6 nov 27 16:00 chroot -> ../../
    drwxrwx--- 2 named named 4096 nov 27 16:21 data
    -rw-r--r-- 1 root root 731 nov 29 08:13 db.amtand.nl.inside
    -rw-r--r-- 1 root root 673 nov 28 19:32 db.amtand.nl.inside~
    -rw-r--r-- 1 root root 673 nov 29 08:12 db.amtand.nl.outside
    -rw-r--r-- 1 root root 731 nov 29 08:11 db.amtand.nl.outside~
    -rw-r--r-- 1 root root 426 nov 27 16:00 named.local
    -rw-r--r-- 1 root root 1892 nov 27 16:00 named.root
    drwxrwx--- 2 named named 4096 nov 27 16:21 slave
    drwxrwx--- 2 named named 4096 jul 27 2004 slaves
    -rw-r--r-- 1 root root 598 nov 29 08:13 yourlan.db
    -rw-r--r-- 1 root root 597 nov 29 08:11 yourlan.db~

    I also set the files with the ~ extension to 644; I can't locate those files.

    This is the named.conf file on the slave:

    //
    // named.conf
    //
    // Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
    // server as a caching only nameserver (as a localhost DNS resolver only).
    //
    // See /usr/share/doc/bind*/sample/ for example named configuration files.
    //
    options {
        listen-on port 53 { 127.0.0.1; };
        # listen-on-v6 port 53 { ::1; };
        listen-on-v6 port 53 { any; };
        directory "/var/named/chroot/var/named";
        dump-file "/var/named/chroot/var/named/data/cache_dump.db";
        statistics-file "/var/named/chroot/var/named/data/named_stats.txt";
        # memstatistics-file "/var/named/chroot/var/named/data/named_mem_stats.txt";
        allow-query { localhost; };
        recursion yes;
    };
    logging {
        channel default_debug {
            file "data/named.run";
            severity dynamic;
        };
    };
    #zone "." IN {
    #    type hint;
    #    file "named.root";
    #};
    acl "mylan" {
        127/8; 10.0.0.0/24;
    };

    controls {
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
    };

    view "inside" {
        match-clients { "mylan"; };
        recursion yes;

        zone "." IN {
            type hint;
            file "named.root";
        };

        zone "0.0.10.in-addr.arpa" IN {
            type slave;
            file "yourlan.db";
            masters { 10.0.0.10; };
        };

        zone "amtand.nl" {
            type slave;
            file "db.amtand.nl.inside";
            masters { 10.0.0.10; };
        };

    };

    view "outside" {
        match-clients { any; };
        recursion no;

        zone "." IN {
            type hint;
            file "named.root";
        };

        zone "amtand.nl" {
            type slave;
            file "db.amtand.nl.outside";
            allow-transfer { 192.168.2.10; };
            masters { 10.0.0.10; };
        };
    };

    include "/var/named/chroot/etc/rndc.key";
    include "/var/named/chroot/etc/named.conf.local";

    and the messages:


    Dec 4 14:46:40 server2 named[7095]: exiting
    Dec 4 14:46:40 server2 named: succeeded
    Dec 4 14:46:40 server2 named[7138]: starting BIND 9.2.4 -u named -t /var/named/chroot
    Dec 4 14:46:40 server2 named[7138]: using 1 CPU
    Dec 4 14:46:40 server2 named[7138]: loading configuration from '/etc/named.conf'
    Dec 4 14:46:40 server2 named[7138]: listening on IPv6 interfaces, port 53
    Dec 4 14:46:40 server2 named[7138]: listening on IPv4 interface lo, 127.0.0.1#53
    Dec 4 14:46:40 server2 named[7138]: binding TCP socket: address in use
    Dec 4 14:46:40 server2 named[7138]: command channel listening on 127.0.0.1#953
    Dec 4 14:46:40 server2 named: starting named: succeeded
    Dec 4 14:46:40 server2 named[7138]: running
    Dec 4 14:46:55 server2 named[7138]: zone 0.0.10.in-addr.arpa/IN: refresh: failure trying master 10.0.0.10#53: timed out
    Dec 4 14:46:55 server2 named[7138]: zone amtand.nl/IN: refresh: failure trying master 10.0.0.10#53: timed out
    Dec 4 14:46:55 server2 named[7138]: zone amtand.nl/IN: refresh: failure trying master 10.0.0.10#53: timed out
    Dec 4 14:47:10 server2 named[7138]: zone 0.0.10.in-addr.arpa/IN: refresh: failure trying master 10.0.0.10#53: timed out
    Dec 4 14:47:10 server2 named[7138]: zone amtand.nl/IN: refresh: failure trying master 10.0.0.10#53: timed out
    Dec 4 14:47:10 server2 named[7138]: zone amtand.nl/IN: refresh: failure trying master 10.0.0.10#53: timed out
    Dec 4 14:47:25 server2 named[7138]: zone 0.0.10.in-addr.arpa/IN: refresh: failure trying master 10.0.0.10#53: timed out

    So the files aren't copied to the slave.

    Hopefully you've got another idea.

    Ad.
     
  17. falko

    falko Super Moderator Howtoforge Staff

    Is 10.0.0.10 the master's IP address? I guess the problem is the line
    Code:
    listen-on port 53 { 127.0.0.1; };
    because named listens only on localhost and does not allow connections from anywhere else (including the slave).
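As an added example, not from the thread or from ISPConfig, here is a POSIX shell audit of a master's named.conf for the two settings that decide whether a slave can pull zones: whether `listen-on` includes an address the slave can reach (or `any`), which is Falko's diagnosis above, and whether every `type master` zone carries an `allow-transfer` list, since BIND's default allows AXFR from any client. The addresses 10.0.0.10 (master) and 10.0.0.15 (slave) come from the thread; the config it parses is a trimmed, constructed copy of the master's named.conf posted above, written to a temporary file, not a live server file. One caveat the posted config raises: a transfer request is matched against the views' `match-clients` like any other query, so a slave at 10.0.0.15 asking 10.0.0.10 lands in the "inside" view for both of its zones and would fill its "outside" zone with the inside data; selecting the view by TSIG key (`match-clients { key ...; }`) is the usual way around that.

```shell
#!/bin/sh
# Added example (not from the thread or ISPConfig): audit a named.conf for
# the two things a slave set-up trips over.
#  1. listen-on limited to 127.0.0.1: the slave's SOA/AXFR requests to the
#     master time out ("refresh: failure trying master ... timed out").
#  2. master zones with no allow-transfer: BIND's default permits AXFR from
#     any client, so it should be restricted to the slave's address.
# Assumptions: master LAN address 10.0.0.10, slave 10.0.0.15 (as in the
# thread); the sample config is a trimmed, constructed copy of the master's.

# check_listen_on CONF ADDR: succeed if named listens on ADDR or on "any".
# No listen-on statement at all means BIND listens everywhere, so that passes.
check_listen_on() {
    stmt=$(grep -E '^[[:space:]]*listen-on([[:space:]]+port[[:space:]]+[0-9]+)?[[:space:]]*\{' "$1" | head -n 1)
    [ -z "$stmt" ] && return 0
    for a in $(printf '%s\n' "$stmt" | sed -e 's/.*{//' -e 's/}.*//' -e 's/;/ /g'); do
        [ "$a" = any ] && return 0
        [ "$a" = "$2" ] && return 0
    done
    echo "WARN: listen-on does not include $2, the slave cannot reach this master: $stmt" >&2
    return 1
}

# master_zones_without_xfer CONF: print "VIEW ZONE" for each type master
# zone with no allow-transfer statement. Brace counting handles one-line and
# multi-line zone blocks; VIEW is the most recently opened view ("-" if none).
master_zones_without_xfer() {
    awk '
        /^[ \t]*view[ \t]+"/ { view = $2; gsub(/"/, "", view) }
        /^[ \t]*zone[ \t]+"/ { inzone = 1; name = $2; gsub(/"/, "", name)
                               depth = 0; master = 0; xfer = 0 }
        inzone {
            depth += gsub(/\{/, "{") - gsub(/\}/, "}")
            if ($0 ~ /type[ \t]+master/) master = 1
            if ($0 ~ /allow-transfer/) xfer = 1
            if (depth <= 0) {
                v = (view == "" ? "-" : view)
                if (master && !xfer) print v, name
                inzone = 0
            }
        }' "$1"
}

# audit_named_conf CONF MASTER_ADDR: run both checks; non-zero if anything found.
audit_named_conf() {
    rc=0
    check_listen_on "$1" "$2" || rc=1
    open=$(master_zones_without_xfer "$1")
    if [ -n "$open" ]; then
        printf 'WARN: master zone without allow-transfer (AXFR open to anyone): %s\n' "$open" >&2
        rc=1
    fi
    return $rc
}

# write_sample_conf PATH: constructed, trimmed copy of the master's named.conf.
write_sample_conf() {
    cat > "$1" <<'EOF'
options {
    listen-on port 53 { 127.0.0.1; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named/chroot/var/named";
    allow-query { localhost; };
    recursion yes;
};
acl "mylan" { 127/8; 10.0.0.0/24; };
view "inside" {
    match-clients { "mylan"; };
    recursion yes;
    zone "." IN { type hint; file "named.root"; };
    zone "0.0.10.in-addr.arpa" IN {
        type master;
        file "yourlan.db";
    };
    zone "amtand.nl" {
        type master;
        file "db.amtand.nl.inside";
        allow-transfer { 10.0.0.15; };
    };
};
view "outside" {
    match-clients { any; };
    recursion no;
    zone "amtand.nl" {
        type master;
        file "db.amtand.nl.outside";
        allow-transfer { 192.168.2.10; };
    };
};
EOF
}

conf=$(mktemp)
write_sample_conf "$conf"
if audit_named_conf "$conf" 10.0.0.10; then
    echo "named.conf is fine for a master at 10.0.0.10"
else
    echo "named.conf needs attention; e.g. listen-on port 53 { 127.0.0.1; 10.0.0.10; };"
fi
rm -f "$conf"
```

On the posted config the audit flags both points: `listen-on` only has 127.0.0.1, and the reverse zone `0.0.10.in-addr.arpa` in the inside view has no `allow-transfer`. `listen-on port 53 { 127.0.0.1; 10.0.0.10; };` passes the first check while still not binding the external 192.168.2.10 side; `{ any; }` passes too but exposes the service on every interface.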
     
  18. Showa

    Showa Member

    10.0.0.10 is the master for my inside network on eth1; for the external network I use 192.168.2.10 on eth0 (I have two network cards), and 10.0.0.15 is the slave.
    I will change listen-on port 53 { 127.0.0.1; }; to: listen-on port 53 { 10.0.0.10; }; or maybe better: listen-on port 53 { 127.0.0.1; 10.0.0.10; }; I will let you know if this does the trick!
    Do I also put the slave's IP in this line of the master's named.conf file?
    I have already been waiting two weeks for the DNS and BIND book by Clara Liu and Paul Albitz; this will probably be helpful too!
    Ad.
     
  19. Showa

    Showa Member

    After changing localhost to any in the listen-on and allow-query lines, these problems are solved.
    Thank you for your support.

    Ad.
     
