Control Web Panel
WebPanel => DNS => Topic started by: jeniha on October 12, 2017, 11:05:46 AM
-
I have problem with starting up BIND DNS Server error it is:
Oct 12 12:22:01 cbox.biz systemd[1]: named.service: control process exited, code=exited status=1
Oct 12 12:22:01 cbox.biz systemd[1]: Failed to start Berkeley Internet Name Domain (DNS).
Oct 12 12:22:01 cbox.biz systemd[1]: Unit named.service entered failed state.
Oct 12 12:22:01 cbox.biz systemd[1]: named.service failed.
If enyone can help will be nice :).
-
Try to start it from CWP and paste the error from there, or systemctl status named.service or journalctl -xe
-
named.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Thu 2017-10-12 12:22:01 EEST; 5h 1min ago
Process: 28142 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z /etc/named.conf; else echo "Checking of zo
ne files is disabled"; fi (code=exited, status=1/FAILURE)
Oct 12 12:22:01 cbox.biz bash[28142]: _default/domain/IN: bad zone
Oct 12 12:22:01 cbox.biz bash[28142]: zone domain1/IN: loaded serial 2013071600
Oct 12 12:22:01 cbox.biz bash[28142]: zone domain2/IN: loaded serial 2013071600
Oct 12 12:22:01 cbox.biz bash[28142]: zone domain3/IN: loaded serial 2013071600
Oct 12 12:22:01 cbox.biz bash[28142]: zone domain4/IN: loaded serial 2013071600
Oct 12 12:22:01 cbox.biz bash[28142]: zone domain5/IN: loaded serial 2013071600
Oct 12 12:22:01 cbox.biz systemd[1]: named.service: control process exited, code=exited status=1
Oct 12 12:22:01 cbox.biz systemd[1]: Failed to start Berkeley Internet Name Domain (DNS).
Oct 12 12:22:01 cbox.biz systemd[1]: Unit named.service entered failed state.
Oct 12 12:22:01 cbox.biz systemd[1]: named.service failed.
Unit or.service could not be found.
Unit journalctl.service could not be found.
This is with systemctl status named.service or journalctl.
With systemctl status named.service or journalctl with -xe give me error systemctl: invalid option -- 'x'.
-
CentOS 6 or CentOS 7? As I see "Oct 12 12:22:01 cbox.biz bash[28142]: _default/domain/IN: bad zone". Please paste first your /etc/named.conf and later we will see the zones.
-
CentOS 7, hmm dosent have permission.
/etc/named.conf permission denied it shows.
-
Got root? Type "whoami" and see the output if you are not sure. Than open the file as root and show me, if you want can be on PM.
-
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a any DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// See the BIND Administrator's Reference Manual (ARM) for details about the
// configuration located in /usr/share/doc/bind-{version}/Bv9ARM.html
options {
listen-on port 53 { any; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
/*
- If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
- If you are building a RECURSIVE (caching) DNS server, you need to enable
recursion.
- If your recursive DNS server has a public IP address, you MUST enable acces$
control to limit queries to your legitimate users. Failing to do so will
cause your server to become part of large scale DNS amplification
attacks. Implementing BCP38 within your network would greatly
reduce such attack surface
*/
recursion no;
recursion no;
dnssec-enable yes;
dnssec-validation yes;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
// zone domain4
zone "domain4" {
type master;
file "/var/named/domain4.db";};
// zone_end domain4
// zone domain4
zone "domain4" {
type master;
file "/var/named/domain4.db";};
// zone_end domain4
// zone domain
zone "domain" {
type master;
file "/var/named/domain.db";};
// zone_end domain
// zone_end domain
// zone domain5
zone "domain5" {
type master;
file "/var/named/domain5.db";};
// zone_end domain5
// zone domain3
zone "domain3" {
type master;
file "/var/named/domain3.db";};
// zone_end domain3
//zone "8.8.8.8" {type master;file "/var/named/8.8.8.8.db";};
//zone "8.8.8.8" {type master;file "/var/named/8.8.8.8.db";};
//zone "ns.nsbox.com" {type master;file "/var/named/ns.nsbox.com.db";};
//zone "ns12.nsbox.com" {type master;file "/var/named/ns12.nsbox.com.db";};
// zone service
zone "service" {
type master;
file "/var/named/service.db";};
// zone_end service
// zone domain2
zone "domain2" {
type master;
file "/var/named/domain2.db";};
// zone_end domain2
-
I will rewrite your named.conf, so just copy from here, delete everything in your named.conf and paste this:
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a any DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// See the BIND Administrator's Reference Manual (ARM) for details about the
// configuration located in /usr/share/doc/bind-{version}/Bv9ARM.html
options {
listen-on port 53 { any; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
allow-transfer { any; };
recursion no;
dnssec-enable yes;
dnssec-validation yes;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
// zone domain4
zone "domain4" IN {
type master;
file "/var/named/domain4.db";};
// zone_end domain4
// zone domain4
zone "domain4" IN {
type master;
file "/var/named/domain4.db";};
// zone_end domain4
// zone domain
zone "domain" IN {
type master;
file "/var/named/domain.db";};
// zone_end domain
// zone domain5
zone "domain5" IN {
type master;
file "/var/named/domain5.db";};
// zone_end domain5
// zone domain3
zone "domain3" IN {
type master;
file "/var/named/domain3.db";};
// zone_end domain3
//zone "ns.nsbox.com" IN {type master;file "/var/named/ns.nsbox.com.db";};
//zone "ns12.nsbox.com" IN {type master;file "/var/named/ns12.nsbox.com.db";};
// zone service
zone "service" IN {
type master;
file "/var/named/service.db";};
// zone_end service
// zone domain2
zone "domain2" IN {
type master;
file "/var/named/domain2.db";};
// zone_end domain2
Ok. You need to replace "domain, domain2, domain3, domain4, domain5 and service" with real domains like "jeniha.com" or something else which is real. Also you need to rename all the "file "/var/named/domain.db";" to be "file "/var/named/jeniha.com.db";" for example and then to create a proper "jeniha.com.db". I will give you an example "jeniha.com.db" and you will replace "jeniha.com" with your domain.
$TTL 14400
jeniha.com. 86400 IN SOA ns1.jeniha.com. root.jeniha.com. (
2017101401 ; serial, todays date+todays
86400 ; refresh, seconds
7200 ; retry, seconds
3600000 ; expire, seconds
86400 ) ; minimum, seconds
;; NS Records
jeniha.com. IN NS ns1.jeniha.com.
jeniha.com. IN NS ns2.jeniha.com.
jeniha.com. IN NS ns3.jeniha.com.
jeniha.com. IN NS ns4.jeniha.com.
jeniha.com. IN NS ns5.jeniha.com.
;; A Records
jeniha.com. IN A 77.236.161.244
localhost.jeniha.com. IN A 127.0.0.1
;; AAAA Records
jeniha.com. IN AAAA 2001:470:1d1b:e5::11
;; MX Records
jeniha.com. IN MX 0 jeniha.com.
;; CNAME Records
www IN CNAME jeniha.com.
mail IN CNAME jeniha.com.
ftp IN CNAME jeniha.com.
irc IN CNAME jeniha.com.
Leaving "domain, domain2, domain3, domain4, domain5 and service" will not work properly for outside. If it`s for LAN it will be ok. If you are not using IPv6 remove the whole ";; AAAA Records and jeniha.com. IN AAAA 2001:470:1d1b:e5::11". Try like this and tell me what`s going on. Waiting for your reply.
-
Active: failed (Result: exit-code) since Mon 2017-10-16 13:02:20 EEST; 22s ago
Process: 75085 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z /etc/named.conf; else echo "Checking of zo
ne files is disabled"; fi (code=exited, status=1/FAILURE)
Oct 16 13:02:20 cbox.biz bash[75085]: /var/named/dbl-bg.com.db:14: ignoring out-of-zone data (dbl-bg.com)
Oct 16 13:02:20 cbox.biz bash[75085]: /var/named/dbl-bg.com.db:16: ignoring out-of-zone data (localhost.dbl-bg.com)
Oct 16 13:02:20 cbox.biz bash[75085]: /var/named/dbl-bg.com.db:18: ignoring out-of-zone data (dbl-bg.com)
Oct 16 13:02:20 cbox.biz bash[75085]: zone dbl-bg.com\032/IN: has 0 SOA records
Oct 16 13:02:20 cbox.biz bash[75085]: zone dbl-bg.com\032/IN: has no NS records
Oct 16 13:02:20 cbox.biz bash[75085]: zone dbl-bg.com\032/IN: not loaded due to errors.
Oct 16 13:02:20 cbox.biz bash[75085]: _default/dbl-bg.com /IN: bad zone
Oct 16 13:02:20 cbox.biz systemd[1]: Failed to start Berkeley Internet Name Domain (DNS).
Oct 16 13:02:20 cbox.biz systemd[1]: Unit named.service entered failed state.
Oct 16 13:02:20 cbox.biz systemd[1]: named.service failed.
hm.
-
Can you paste here lines 14, 16 and 18 ?
-
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
Here :).