Getting DNS Error when restarting BIND9

Discussion in 'HOWTO-Related Questions' started by joelee, Aug 12, 2007.

  1. joelee

    joelee New Member

    Hi All, my Bind9 DNS won't start... I am getting the following error when restarting it. At some point DNS was working fine. I have both primary/secondary DNS set up.

    ns2:/etc/bind# /etc/init.d/bind9 restart
    Stopping domain name service...: bindrndc: connect failed: 127.0.0.1#953: connection refused
    failed!
    Starting domain name service...: bind failed!

    Thanks for any help!
    Joe
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Do you have primary and secondary zones for the same domain on the same server? If yes, remove the secondary zones. They are not necessary and Bind will not start if the same domain is defined as primary and secondary on the same server.
     
  3. joelee

    joelee New Member

    Till, I am using the 2 in one dns how-to:
    http://howtoforge.com/two_in_one_dns_bind9_views

    I followed the instructions as per the how-to for the primary DNS; for the secondary I just duplicated the same setup.

    Here's my named.conf.local for my Primary and Secondary Name Servers.
    NOTE: I've changed the domain name and IPs.

    Primary named.conf.local:
    Code:
    // Primary NS - named.conf.local
    
    
    //
    // Do any local configuration here
    //
    
    // Consider adding the 1918 zones here, if they are not used in your
    // organization
    //include "/etc/bind/zones.rfc1918";
    
    acl internals {
        127.0.0.0/8;
        192.168.10.0/24;
    };
    
    view "internal" {
        match-clients { internals; };
        recursion yes;
        zone "doamin-a.com" {
            type master;
            file "/etc/bind/db.internals.doamin-a.com";
        };
    
        // Reverse DNS for doamin-a.com
        zone "10.168.192.in-addr.arpa" {
            type master;
            file "/etc/bind/db.internals.doamin-a.com.inv";
            forwarders{};
        };
    };
    
    view "external" {
        match-clients { any; };
        recursion no;
        zone "doamin-a.com" {
            type master;
            file "/etc/bind/db.externals.doamin-a.com";
            allow-transfer { slaves; };
        };
    
        // Reverse DNS for doamin-a.com
        zone "201.20.200.in-addr.arpa" {
            type master;
            file "/etc/bind/db.externals.doamin-a.com.inv";
            forwarders{};
        };
    };
    
    
    Secondary named.conf.local:
    Code:
    // Secondary NS - named.conf.local
    
    root@ns2:/etc/bind# more named.conf.local 
    //
    // Do any local configuration here
    //
    
    // Consider adding the 1918 zones here, if they are not used in your
    // organization
    //include "/etc/bind/zones.rfc1918";
    
    acl internals {
        127.0.0.0/8;
        192.168.10.0/24;
    };
    
    view "internal" {
        match-clients { internals; };
        recursion yes;
        zone "doamin-a.com" {
            type slave;
            transfer-source 192.168.10.102;
            file "/etc/bind/db.internals.doamin-a.com.slv";
            masters { 192.168.10.101; };
        };
    
        // Reverse DNS for doamin-a.com
        zone "10.168.192.in-addr.arpa" {
            type slave;
            transfer-source 192.168.10.102;
            file "/etc/bind/db.internals.doamin-a.com.slv.inv";
            masters { 192.168.10.101; };
            forwarders{};
        };
    };
    view "external" {
        match-clients { any; };
        recursion no;
        zone "doamin-a.com" {
            type slave;
            transfer-source 192.168.10.102;
            file "/etc/bind/db.externals.doamin-a.com.slv";
            allow-transfer { slaves; };
            masters { 192.168.10.101; };
        };
    
        // Reverse DNS for doamin-a.com
        zone "120.20.200.in-addr.arpa" {
            type slave;
            transfer-source 192.168.10.102;
            file "/etc/bind/db.externals.doamin-a.com.slv.inv";
            allow-transfer { slaves; };
            masters { 192.168.10.101; };
            forwarders{};
        };
    };
    
    
    I hope there's something that can be seen from the above 2 files. If not, I guess I can send attachments of my zone files if needed. I am really trying to figure out the problem. Hope you or someone can help further!

    Joe
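
Added example (not part of the original thread): a small Python lint for the failure modes raised here, namely a zone declared more than once in the same view (till's master/slave clash), an ACL name used in `allow-transfer` or `match-clients` without an `acl` definition, and unbalanced braces. The `lint` function, the `example.test` zone and the `SAMPLE` text are constructed for illustration; the script only sees the text it is given, so an ACL defined in another included file is still reported.

```python
import re
from collections import defaultdict
BUILTIN_ACLS = {"any", "none", "localhost", "localnets"}   # predefined by BIND
ACL_BLOCKS = {"match-clients", "allow-transfer", "allow-query", "allow-recursion"}
TOKEN = re.compile(r'"[^"]*"|[{};]|[^\s{};"]+')
NAME = re.compile(r"!?[A-Za-z][\w-]*")                     # ACL name, not an IP/prefix
# Constructed sample (not from the thread): an undefined ACL, the same zone
# declared as slave and master in one view, and a view that is never closed.
SAMPLE = '''
acl internals { 127.0.0.0/8; 192.168.10.0/24; };
view "external" {
    match-clients { any; };
    zone "example.test" { type slave; masters { 192.168.10.101; }; allow-transfer { slaves; }; };
    zone "example.test" { type master; file "/etc/bind/db.example.test"; };
'''

def lint(text):
    """Return a list of problems found in named.conf-style text."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)      # strip /* ... */ comments
    text = re.sub(r"(//|#).*", "", text)                   # strip // and # comments
    stack, stmt, acls, refs = [], [], set(), set()
    zones, problems = defaultdict(list), []
    for tok in TOKEN.findall(text):
        if tok not in ("{", "}", ";"):
            stmt.append(tok.strip('"'))                    # collect words of a statement
            continue
        head = stack[-1] if stack else []                  # header of the enclosing block
        if tok == "{":
            if len(stmt) > 1 and stmt[0] == "acl":
                acls.add(stmt[1])
            stack.append(stmt)
        elif tok == "}":
            stack.pop() if stack else problems.append("unmatched '}'")
        elif len(head) > 1 and head[0] == "zone" and len(stmt) > 1 and stmt[0] == "type":
            view = next((h[1] for h in stack if len(h) > 1 and h[0] == "view"), "(none)")
            zones[(view, head[1])].append(stmt[1])
        elif len(stmt) == 1 and head and head[0] in ACL_BLOCKS and NAME.fullmatch(stmt[0]):
            refs.add(stmt[0].lstrip("!"))
        stmt = []
    if stack:
        problems.append(f"{len(stack)} block(s) never closed")
    problems += [f"acl '{n}' referenced but not defined in this text"
                 for n in sorted(refs - acls - BUILTIN_ACLS)]
    problems += [f"zone '{z}' in view '{v}' declared {len(t)} times: {', '.join(t)}"
                 for (v, z), t in zones.items() if len(t) > 1]
    return problems

if __name__ == "__main__":
    print("\n".join(lint(SAMPLE)))
```

BIND's own `named-checkconf` is the authoritative check and reports the file and line of a syntax error; the script above only makes visible what kinds of mistakes keep `named` from loading a configuration like the ones posted.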
     
  4. falko

    falko Super Moderator Howtoforge Staff

  5. joelee

    joelee New Member

    Falko, As you suggested, I took a look at the comments from this link:
    http://www.howtoforge.com/howto_bind_chroot_debian

    There are several different comments posted there and I am not sure which one to refer to directly. Also, I've installed BIND9 on Debian Etch and the comments are referring to Sarge. I am not sure if those comments also apply to Debian Etch.

    However, I do suppose the comment you want me to refer to is this:
    Code:
    namedrndc: connect failed (http://www.howtoforge.com/howto_bind_chroot_debian#comment-370)
    Submitted by Anonymous on Fri, 2005-11-18 23:11.
    If you notice in the tutorial, it says - for Sarge - to modify the /etc/default/bind9 so bind runs as the unprivileged user 'bind'. Problem is, later on we chroot everything to the user 'nobody'. I changed the opts= line in /etc/default/bind9 as per the instructions but used 'nobody' instead of 'bind' and it all worked fine - got rid of both the 'connect failed' AND the 'named.pid' error in syslog! btw: Great howto - but I guess even the greatest stuff can have errors :)
    
    Can you confirm for me if I should change the user to nobody as opposed to bind? FYI, I did try changing to user bind but still get the errors initially reported.

    Joe
     
  6. falko

    falko Super Moderator Howtoforge Staff

  7. joelee

    joelee New Member

    Falko, thanks... I found the problem and fixed it. It was a silly syntax error.

    Joe
     
