Bind users list,
I am having problems with dynamic DNS config. It 'looks' simple enough
but I'm unable to load the dynamic zone.
I have stripped down my config, checked the protections on the data
directory and on the data files.
I simply do not see where the error is.
I have included info on the OS, bind version, displayed my config
files, nnamed-checkconf and named-checkzone info, shown file protections.
I will also include the logging output, almost forgot that.
Please let me know what additional info is needed.
Please let me know what I have overlooked, too many other people are
successfully doing this for it to be a bug (right??).
thank you,
Brian Cuttler
Wadsworth Center
Albany, NY
# uname -a
Linux znix.wadsworth.org 3.10.0-123.6.3.el7.x86_64 #1 SMP Wed Aug 6
21:12:36 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
Installed Packages
Name : bind
Arch : x86_64
Epoch : 32
Version : 9.9.4
Release : 14.el7_0.1
Size : 4.3 M
Repo : installed
>From repo : updates
Summary : The Berkeley Internet Name Domain (BIND) DNS (Domain
Name System) server
[root@znix dns-root]# cat /etc/named.conf
OPTIONS {
//
//
//boot file for authorative master name server for
wadsworth.ph.albany.edu
//note that ther should be one primary entry for each soa
record.
//
//type domain source file or host
//
//
directory "/etc/dns-root/";
query-source address * port 53;
dnssec-validation no;
auth-nxdomain yes; # conform to RFC1035
empty-zones-enable no;
//secondary 5.204.128.in-addr.arpa 172.16.1.6 db.128.204.5
allow-transfer { 199.184.28.129; 199.184.28.125;
199.184.28.128; 199.184.30.42; 199.184.28.130; 199.184.30.36;
150.142.80.208; 150.142.80.209; 10.49.66.7; 10.50.156.45; 172.16.1.50;
};
//secondary 6.204.128.in-addr.arpa 172.16.1.6 db.128.204.6
allow-recursion {any;};
};
key "rndc-key" {
algorithm hmac-md5;
secret "hide key #1";
};
key dhcpupdate {
algorithm hmac-md5;
secret "hide key #2";
};
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};
** removing channel logging config lines to save space ***
zone "." in {
type hint;
file "db.cache";
};
zone "wadsworth.org" in {
type master;
file "db.wadsworth.org";
};
zone "dynamic.wadsworth.org." in {
type master;
file "db.dynamic";
allow-update { key dhcpupdate; };
};
zone "0.0.127.in-addr.arpa" in {
type master;
file "db.127.0.0";
};
[root@znix dns-root]# cat db.wadsworth.org
$TTL 86400
@ IN SOA admin.wadsworth.org. qll.wadsworth.org. (
; 1.58 ; serial
1501231306 ; serial number
10800 ; refresh after 3 hours
3600 ; retry after 1 hour
604800 ; expire after 1000 hour
86400 ) ; minimum ttl of 1 day
IN NS znix.wadsworth.org.
;
; Updating this file updates the SOA, important because all of the
; db.wadsworth.org.ip.number.files are included from this file and
; are dependent on the SOA serial number in this file.
; Just update a comment field if you have no changes to make here.
; I generally just change the number of ";" in the next line.
;;;;;;;;
newton.wadsworth.org. IN A 172.16.1.6
;ldap1.wadsworth.org. IN A 199.184.30.42
nnewton.wadsworth.org. IN A 199.184.30.36
oxenopus.wadsworth.org. IN A 172.16.1.118
bionsc.wadsworth.org. IN A 199.184.28.129
localhost IN A 127.0.0.1
[root@znix dns-root]# cat db.dynamic
$TTL 86400
@ IN SOA admin.wadsworth.org. qll.wadsworth.org. (
; 1.58 ; serial
1501231306 ; serial number
10800 ; refresh after 3 hours
3600 ; retry after 1 hour
604800 ; expire after 1000 hour
86400 ) ; minimum ttl of 1 day
IN NS znix.wadsworth.org.
znix IN A 199.184.30.15
;
; Updating this file updates the SOA, important because all of the
; db.wadsworth.org.ip.number.files are included from this file and
; are dependent on the SOA serial number in this file.
; Just update a comment field if you have no changes to make here.
; I generally just change the number of ";" in the next line.
;;;;;;;;
localhost IN A 127.0.0.1
[root@znix dns-root]# cat db.dynamic.jnl
[root@znix dns-root]#
[root@znix dns-root]# /usr/sbin/named-checkconf -j
[root@znix dns-root]# /usr/sbin/named-checkconf -z
zone wadsworth.org/IN: loaded serial 1501231306
zone dynamic.wadsworth.org/IN: loaded serial 1501231306
zone 0.0.127.in-addr.arpa/IN: loaded serial 1409291326
[root@znix dns-root]# /usr/sbin/named-checkzone -j wadsworth.org
db.dynamic
zone wadsworth.org/IN: journal rollforward failed: no more
zone wadsworth.org/IN: not loaded due to errors.
[root@znix dns-root]# /usr/sbin/named-checkzone -j wadsworth.org
db.wadsworth.org
zone wadsworth.org/IN: loaded serial 1501231306
OK
root@znix dns-root]# /usr/sbin/named-checkzone -j wadsworth.org
db.dynamic
zone wadsworth.org/IN: journal rollforward failed: no more
zone wadsworth.org/IN: not loaded due to errors.
[root@znix dns-root]# ls -ld /etc/dns-root
drwxrwxr-x. 2 named named 12288 Jan 28 10:39 /etc/dns-root
drwxrwxr-x. 2 named named 12288 Jan 28 10:39 /etc/dns-root
[root@znix dns-root]# ls -las db.wadsworth.org db.dynamic*
4 -rw-rw-r--. 1 named named 844 Jan 27 17:09 db.dynamic
0 -rw-rw-r--. 1 named named 0 Jan 27 14:08 db.dynamic.jnl
12 -rw-rw-r--. 1 named named 8605 Jan 28 10:37 db.wadsworth.org
>From my /var/log/named-logs/dns_general_log file
28-Jan-2015 10:44:17.199 general: info: managed-keys-zone: loaded
serial 0
28-Jan-2015 10:44:17.200 general: info: zone 0.0.127.in-addr.arpa/IN:
loaded serial 1409291326
28-Jan-2015 10:44:17.332 general: info: zone wadsworth.org/IN: loaded
serial 1501231306
28-Jan-2015 10:44:17.332 general: error: zone
dynamic.wadsworth.org/IN: journal rollforward failed: no more
28-Jan-2015 10:44:17.332 general: error: zone
dynamic.wadsworth.org/IN: not loaded due to errors.
28-Jan-2015 10:44:17.333 general: notice: all zones loaded
28-Jan-2015 10:44:17.333 general: notice: running
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
