Re: Error: already exists previous definition

2012-07-21 Thread Active Venture - Tom


Hi

No, there's no duplicated directives in the zone file. For example,
here's the zone for another domain with the same error and here are the
only directives:

$ORIGIN   x.com.
$TTL   3600

Tom

At 20-07-2012 09:56 PM +0100, Tony Finch wrote:
> On 20 Jul 2012, at 21:40, Active Venture - Tom wrote:
> >
> > 20-Jul-2012 15:26:40.181 config: error:
> > /var/named/etc/namedb/conf/zone_0.conf:1529: zone 'x.net': already
> > exists previous definition:
> > /var/named/etc/namedb/conf/zone_0.conf:1529
> > 20-Jul-2012 15:26:46.270 general: error: reloading configuration
> > failed: failure
> >
> > The puzzling aspect is, there is NO duplicated config or zone
> > entries at all for the domains listed in such error.
>
> Are there any duplicate include directives?
>
> Tony.
> --
> f.anthony.n.finch
> http://dotat.at/



___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Error: already exists previous definition

2012-07-21 Thread Jan-Piet Mens
> 20-Jul-2012 15:26:40.181 config: error:
> /var/named/etc/namedb/conf/zone_0.conf:1529: zone 'x.net':
> already exists previous definition:
> /var/named/etc/namedb/conf/zone_0.conf:1529
> 20-Jul-2012 15:26:46.270 general: error: reloading configuration
> failed: failure

That looks very suspiciously like a file which has been included twice.
Check again. And again. :)

> This has never ever happened before and the problem only started a
> few days ago, and we did not make any changes to our BIND servers.

Are you quite sure? What are the modification times of named.conf and
*all files* it includes? [ls -l]

What does `named-checkconf' report?

Oh, and while you're at it, you should upgrade BIND -- the version you
are using is pretty old.

-JP
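
The check suggested in this reply, as an added example that is not part of the original post: it walks named.conf and every file it includes and reports files included more than once and zones defined more than once. It assumes relative include paths resolve against the directory holding named.conf and that views are not used (the same zone name in two views is legal).

```python
import os
import re
from collections import defaultdict

# named.conf comments: /* ... */, // ..., # ...  (simplification: a '#' or
# '//' inside a quoted string would be stripped too).
COMMENT_RE = re.compile(r"/\*.*?\*/|//[^\n]*|#[^\n]*", re.S)
# An include or zone statement that starts a line.
STMT_RE = re.compile(r'^\s*(include|zone)\s+"([^"]+)"', re.M)


def scan(conf_path, base_dir=None, max_depth=16):
    """Walk conf_path and its includes in the order named reads them.

    Returns (include_sites, zone_sites): dicts mapping an included file or
    a zone name to the list of "file:line" places where it appears.
    """
    base_dir = base_dir or os.path.dirname(os.path.abspath(conf_path))
    include_sites = defaultdict(list)
    zone_sites = defaultdict(list)

    def walk(path, depth):
        if depth > max_depth:
            raise RuntimeError("include nesting too deep (loop?): " + path)
        with open(path, encoding="utf-8", errors="replace") as fh:
            raw = fh.read()
        # Blank out comments but keep their newlines so line numbers hold.
        text = COMMENT_RE.sub(lambda m: "\n" * m.group().count("\n"), raw)
        for m in STMT_RE.finditer(text):
            site = "%s:%d" % (path, text.count("\n", 0, m.start(1)) + 1)
            if m.group(1) == "zone":
                name = m.group(2).lower().rstrip(".") or "."
                zone_sites[name].append(site)
            else:
                target = os.path.normpath(os.path.join(base_dir, m.group(2)))
                include_sites[target].append(site)
                walk(target, depth + 1)  # a file included twice is read twice

    walk(os.path.abspath(conf_path), 0)
    return include_sites, zone_sites


def duplicates(sites):
    """Keep only the entries that were seen more than once."""
    return {name: where for name, where in sites.items() if len(where) > 1}
```

A zone reported twice at the same file and line, as in the error quoted above, means the file holding it was read twice.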



Re: named validating @0x...: ... SOA: no valid signature found

2012-07-21 Thread Brian J. Murrell
On 12-07-20 07:16 PM, Mark Andrews wrote:
> 
>   "dnssec-validation auto;"

Well, this seems to have done the trick.  Changing it from yes to auto
has eliminated most (almost all in fact) of the validation
warnings/errors I was getting in my logs.

>   tells named to use the compiled
>   in root key in addition to enabling validation.

A.  So "yes" just enables validation but doesn't use any compiled in
root key?  If so, this is an annoying (all due respect) and small but
important distinction.

I'm not sure about anyone else, but a yes/no/auto selector to me means
either an explicit yes or explicit no with auto meaning some kind of "do
what you think is right" in terms of making it yes or no.  I don't
typically think of it as no or yes plus some additional functionality.

Anyway, you have my sincere appreciation for persevering with me in my
efforts to figure this out.

b.




Slave DNS

2012-07-21 Thread With No Name
Hello *,

I have only one fixed IP from my ISP and run my own (Master) name server.

A friend of mine in another network segment does the Slave.

I do the same for him.

Now I am puzzling around whether it is possible to set up the slave DNS
to accept any domains (including newly created) from a master...

I find it really annoying, if I have to ask every time the owner of the Slave,
to add a new zone.

Any Hints?

Thanks


Re: Slave DNS

2012-07-21 Thread Jan-Piet Mens
> I find it really annoying, if I have to ask every time the owner of the Slave,
> to add a new zone.

Assuming your version of BIND is new enough, look at `rndc addzone' with
which you can add and remove zones at run-time w/out having to edit
`named.conf'.

-JP


Re: Slave DNS

2012-07-21 Thread With No Name
On Sat, July 21, 2012 20:03, Jan-Piet Mens wrote:
>> I find it really annoying, if I have to ask every time the owner of the
>> Slave,
>> to add a new zone.
>
> Assuming your version of BIND is new enough, look at `rndc addzone' with
> which you can add and remove zones at run-time w/out having to edit
> `named.conf'.

Which means my DNS partner needs his own rndc key which lets him add/remove
zones as slave?

How can I do this?

I mean, I have to give him some permissions...

Greetings
Kal


Re: Slave DNS

2012-07-21 Thread Sten Carlsen

On 21/07/12 20:03, Jan-Piet Mens wrote:
>> I find it really annoying, if I have to ask every time the owner of the Slave,
>> to add a new zone.
> Assuming your version of BIND is new enough, look at `rndc addzone' with
> which you can add and remove zones at run-time w/out having to edit
> `named.conf'.
>
>
>
> -JP
>
IIRC that will add the zone to the master; the question, as I heard it,
was to add it to the slave server, to avoid disturbing the owner of
the slave to manually edit the slave config.

I don't recall any possibility to do this; a new zone on the master may
have its own set of slaves, unlike any previous, so there is no way to
automagically stuff a new zone into "some" slaves.



-- 
Best regards

Sten Carlsen

No improvements come from shouting:

   "MALE BOVINE MANURE!!!" 


Re: Slave DNS

2012-07-21 Thread Jan-Piet Mens
> Which means my DNS partner needs his own rndc key which lets him add/remove
> zones as slave?

You are the master. He is the slave. You have an rndc key for his slave
server, so that you can add a slave zone on his server. [Substitute
he/his by she/hers if required.]

And vice versa. :)

Grab a recent copy of the ARM for the documentation and an example use,
and make sure you understand the security implications of opening up a
channel for rndc on each of the servers.

-JP


[SOLVED] Re: Slave DNS

2012-07-21 Thread With No Name
I have gotten a suggestion which should work very well:

1)  NS has Apache SSL running
2)  Create a script which adds/removes zones to/from a "slave zones list"
3)  Run a cronjob which updates the named_slave_zones.conf and reloads named

This gives me the possibility to create more than one "slave zones list"
for several friends and partners without being bothered a single time
with updates...

Thanks in Advance
Kal


Re: Slave DNS

2012-07-21 Thread Jan-Piet Mens
> IIRC that will add the zone to the master; the question, as I heard it,
> was to add it to the slave server, to avoid disturbing the owner of
> the slave to manually edit the slave config.

With `rndc addzone' you specify whether you are adding a master or slave
zone, just as you would in named.conf, with all required options.

> I don't recall any possibility to do this; a new zone on the master may
> have its own set of slaves, unlike any previous, so there is no way to
> automagically stuff a new zone into "some" slaves.

There is:

    rndc addzone fff.aa in internal '{type slave; file "fff.aa"; masters { 192.168.1.10; };};'

-JP


Re: Slave DNS

2012-07-21 Thread Carl Byington

On Sat, 2012-07-21 at 19:34 +0200, With No Name wrote:
> I find it really annoying, if I have to ask every time the owner of the
> Slave, to add a new zone.

Publish the list of zones which your friend should slave. That can be
published any number of ways

via http on a web site
via IRC
via usenet news groups
via dns zone transfer (dig slave1.slaves.somedomain.tld txt)

On the slave machine, periodically run a script to query the list of
slave zones and rebuild that part of named.conf as needed.
Then 'rndc reconfig'
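
One way to write the rebuild step described above, as an added example that is not part of the original post. The published list is outside input that ends up inside named.conf, so every entry is checked as a plain DNS name and repeats are dropped before any stanza is written. The master address is the one used earlier in the thread; the "slaves/<zone>.db" file layout and the sample list are assumptions.

```python
import ipaddress
import re

# One DNS label: letters, digits, hyphen, underscore; no leading/trailing hyphen.
LABEL_RE = re.compile(r"(?!-)[a-z0-9_-]{1,63}(?<!-)")

# Constructed sample of a published list, including entries that must be refused.
SAMPLE_LIST = """\
example.org
Example.ORG.        # same zone again after normalisation
x.test" { type master; };
../../etc
good-zone.example.net
"""


def normalize_zone(name):
    """Return the canonical zone name, or None if it is not a plain DNS name."""
    name = name.strip().lower().rstrip(".")
    if not name or len(name) > 253:
        return None
    ok = all(LABEL_RE.fullmatch(label) for label in name.split("."))
    return name if ok else None


def render_slave_zones(list_text, master_ip):
    """Return (config_text, rejected_entries) for a fetched zone list."""
    master = str(ipaddress.ip_address(master_ip))  # ValueError if not an IP
    seen, rejected, stanzas = set(), [], []
    for raw in list_text.splitlines():
        entry = raw.split("#", 1)[0].strip()
        if not entry:
            continue
        zone = normalize_zone(entry)
        # Refuse junk, and refuse repeats: a zone defined twice makes named
        # fail the reload with "already exists previous definition".
        if zone is None or zone in seen:
            rejected.append(entry)
            continue
        seen.add(zone)
        # "slaves/<zone>.db" is an assumed file layout, not from the thread.
        stanzas.append(
            'zone "%s" { type slave; file "slaves/%s.db"; masters { %s; }; };'
            % (zone, zone, master))
    return "".join(s + "\n" for s in stanzas), rejected
```

Write the returned text to the included file, run named-checkconf on the result, and only then run 'rndc reconfig'.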


