Re: compile and install from source
On 03/30/15 00:35, @lbutlr wrote:
> Downloaded and compiled bind-9.9.7 (FreeBSD 8.4-RELEASE) and it built fine
> (./configure && make && make install).

On FreeBSD, building software out of the ports is definitely
recommended. It does the usual configure and make dance, but you also
get the benefit of using the package management system, and any OS
specific patches that might need to be applied. (Not that there are
many with BIND).

> If I try to start named (service named start), it starts this version instead
> of the version in /usr/local/sbin
>
> I found this in /etc/defaults/rc.conf:
>
> named_enable="NO"               # Run named, the DNS server (or NO).
> named_program="/usr/sbin/named" # Path to named, if you want a different one.
> named_conf="/etc/namedb/named.conf" # Path to the configuration file
> #named_flags=""                 # Use this for flags OTHER than -u and -c
> named_uid="bind"                # User to run named as
> named_chrootdir="/var/named"    # Chroot directory (or "" not to auto-chroot it)
> named_chroot_autoupdate="YES"   # Automatically install/update chrooted
>                                 # components of named. See /etc/rc.d/named.
> named_symlink_enable="YES"      # Symlink the chrooted pid file
> named_wait="NO"                 # Wait for working name service before exiting
> named_wait_host="localhost"     # Hostname to check if named_wait is enabled
> named_auto_forward="NO"         # Set up forwarders from /etc/resolv.conf
> named_auto_forward_only="NO"    # Do "forward only" instead of "forward first"
>
> So I changed the path (in /etc/rc.conf) to /usr/local/sbin/named
>
> But now I get:
>
> $ /etc/rc.d/named start
> Starting named.
> /etc/rc.d/named: WARNING: failed to start named
>
> But nothing is logged in /var/log/messages
>
> For now, I am pointing back to the old 9.8.4 version.

It's been a while since I ran FreeBSD 8.4 on any nameservers, but I
recall it working fine using the ports version of named and the
configuration files from the base system.

Can you start the named process "by hand" -- the command line should be
something like:

   # /usr/local/sbin/named -u bind -c /etc/namedb/named.conf \
         -t /var/named

(assuming you want it to run chrooted)

If you've set up named to log to syslog, rather than just writing its own
files, then adding

   syslogd_flags="-l /var/named/var/run/log"

to /etc/rc.conf and restarting syslogd may get you some better logging
information.

Cheers,

Matthew

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: compile and install from source
On Sun, 29 Mar 2015, INVALID_ADDRESS wrote:

> named_conf="/etc/namedb/named.conf" # Path to the configuration file
...
> So I changed the path (in /etc/rc.conf) to /usr/local/sbin/named
>
> But now I get:
>
> $ /etc/rc.d/named start
> Starting named.
> /etc/rc.d/named: WARNING: failed to start named
>
> But nothing is logged in /var/log/messages

Try running:

   /usr/local/sbin/named -g -c /etc/namedb/named.conf -u bind

to see what the output tells you.

Re: compile and install from source
+--On 29 March 2015 17:35:09 -0600 @lbutlr, krem...@kreme.com wrote:
| Downloaded and compiled bind-9.9.7 (FreeBSD 8.4-RELEASE) and it built
| fine (./configure && make && make install).

What does the port version not do that you need?

| If I try to start named (service named start), it starts this version
| instead of the version in /usr/local/sbin
|
| So I changed the path (in /etc/rc.conf) to /usr/local/sbin/named

If you had installed the port, it would have told you that:

*   You will need to make sure that you have the following line   *
*   in your /etc/rc.conf in order to have the startup script      *
*   run the named version from the port:                          *
*                                                                 *
*   named_program="/usr/local/sbin/named"                         *

| But now I get:
|
| $ /etc/rc.d/named start
| Starting named.
| /etc/rc.d/named: WARNING: failed to start named
|
| But nothing is logged in /var/log/messages
|
| For now, I am pointing back to the old 9.8.4 version.

Have you tried running it manually to see what it says?

--
Mathieu Arnold

Re: compile and install from source
Preferred procedure:

1) Install the ports collection via "portsnap fetch" and then "portsnap extract" (or "portsnap update" if already installed)

2) Go to /usr/ports/dns/bind99 and type "make install"

Please note that after installing, you will have two versions of BIND on your system:

- the default version of BIND that is installed with the system and resides in /usr/sbin/, config is in /etc/namedb. Don't try to overwrite this, it's not the right way to do it

- the version installed from ports or packages that resides in /usr/local/sbin/, config is in /usr/local/etc/. That's the version you want to use.

In 8.4, the default chroot for BIND is /var/named, you might want to use that. Please note that in FreeBSD 10, BIND is removed from system and replaced with Unbound as the default resolver, and the chroot in /var/named is gone, you have to make it manually.

If you run Bind in chroot, you should have this in rc.conf:

   named_enable="YES"
   named_flags="-t /var/named"
   syslogd_flags="-s -l /var/named/dev/log"

Use the rc script /usr/local/etc/rc.d/named to start and stop the BIND process.

--
Best regards,

Daniel Ryšlink
System Administrator
Dial Telecom a. s.
Křižíkova 36a/237
186 00 Praha 3, Česká Republika
Tel.:+420.226204627
daniel.rysl...@dialtelecom.cz
---
www.dialtelecom.cz
Dial Telecom, a.s.
Simply connect
---

On 03/30/2015 01:35 AM, @lbutlr wrote:
> Downloaded and compiled bind-9.9.7 (FreeBSD 8.4-RELEASE) and it built fine
> (./configure && make && make install).
>
> If I try to start named (service named start), it starts this version instead
> of the version in /usr/local/sbin
>
> I found this in /etc/defaults/rc.conf:
>
> named_enable="NO"               # Run named, the DNS server (or NO).
> named_program="/usr/sbin/named" # Path to named, if you want a different one.
> named_conf="/etc/namedb/named.conf" # Path to the configuration file
> #named_flags=""                 # Use this for flags OTHER than -u and -c
> named_uid="bind"                # User to run named as
> named_chrootdir="/var/named"    # Chroot directory (or "" not to auto-chroot it)
> named_chroot_autoupdate="YES"   # Automatically install/update chrooted
>                                 # components of named. See /etc/rc.d/named.
> named_symlink_enable="YES"      # Symlink the chrooted pid file
> named_wait="NO"                 # Wait for working name service before exiting
> named_wait_host="localhost"     # Hostname to check if named_wait is enabled
> named_auto_forward="NO"         # Set up forwarders from /etc/resolv.conf
> named_auto_forward_only="NO"    # Do "forward only" instead of "forward first"
>
> So I changed the path (in /etc/rc.conf) to /usr/local/sbin/named
>
> But now I get:
>
> $ /etc/rc.d/named start
> Starting named.
> /etc/rc.d/named: WARNING: failed to start named
>
> But nothing is logged in /var/log/messages
>
> For now, I am pointing back to the old 9.8.4 version.

Re: compile and install from source
+--On 30 March 2015 16:46:36 +0200 Daniel Ryslink wrote:
| In 8.4, the default chroot for BIND is /var/named, you might want to use
| that. Please note that in FreeBSD 10, BIND is removed from system and
| replaced with Unbound as the default resolver, and the chroot in
| /var/named is gone, you have to make it manually.

That's not true, it's just not enabled by default, because it is a mess to
get *right* when migrating from {8,9} to 10.

| If you run Bind in chroot, you should have this in rc.conf:
|
| named_enable="YES"
| named_flags="-t /var/named"

Nope, you should use:

   named_chrootdir="/var/named"

| syslogd_flags="-s -l /var/named/dev/log"

And I think that should be written as:

   altlog_proglist="named"

| Use the rc script /usr/local/etc/rc.d/named to start and stop the BIND
| process.

--
Mathieu Arnold

Re: compile and install from source
> That's not true, it's just not enabled by default, because it is a mess to
> get *right* when migrating from {8,9} to 10.

On the contrary, see the FreeBSD 10 release notes:

https://www.freebsd.org/releases/10.0R/announce.html

Quote:

"- Unbound has been imported to the base system as the local caching DNS resolver.

- BIND has been removed from the base system."

As for my rc.conf directives, they may be obsolete, but they still work.

--
Best regards,

Daniel Ryšlink
System Administrator
Dial Telecom a. s.
Křižíkova 36a/237
186 00 Praha 3, Česká Republika
Tel.:+420.226204627
daniel.rysl...@dialtelecom.cz
---
www.dialtelecom.cz
Dial Telecom, a.s.
Simply connect
---

On 03/30/2015 05:13 PM, Mathieu Arnold wrote:
> +--On 30 March 2015 16:46:36 +0200 Daniel Ryslink wrote:
> | In 8.4, the default chroot for BIND is /var/named, you might want to use
> | that. Please note that in FreeBSD 10, BIND is removed from system and
> | replaced with Unbound as the default resolver, and the chroot in
> | /var/named is gone, you have to make it manually.
>
> That's not true, it's just not enabled by default, because it is a mess to
> get *right* when migrating from {8,9} to 10.
>
> | If you run Bind in chroot, you should have this in rc.conf:
> |
> | named_enable="YES"
> | named_flags="-t /var/named"
>
> Nope, you should use:
>
> named_chrootdir="/var/named"
>
> | syslogd_flags="-s -l /var/named/dev/log"
>
> And I think that should be written as:
>
> altlog_proglist="named"
>
> | Use the rc script /usr/local/etc/rc.d/named to start and stop the BIND
> | process.

Re: compile and install from source
+--On 30 March 2015 19:12:30 +0200 Daniel Ryslink wrote:
| > That's not true, it's just not enabled by default, because it is a mess to
| > get *right* when migrating from {8,9} to 10.
|
| On the contrary, see the FreeBSD 10 release notes:
|
| https://www.freebsd.org/releases/10.0R/announce.html
|
| Quote:
|
| "- Unbound has been imported to the base system as the local caching DNS
| resolver.
|
| - BIND has been removed from the base system."
|
| As for my rc.conf directives, they may be obsolete, but they still work.

Ah, sorry, my "not true" was regarding the chroot thing.

--
Mathieu Arnold

zone not updating
Hello all,

I have a Bind9 server which is master for several zones, one of those is
hcvalchisone.net. Here is the relevant part of its db file:

;
; BIND data file for hcvalchisone.net
;
$TTL    3600
@       IN      SOA     hcvalchisone.net. info.hcvalchisone.net. (
                        2015032901      ; Serial
                        300             ; Refresh
                        300             ; Retry
                        1200            ; Expire
                        3600 )          ; Default TTL
;
@                       IN      NS      ns0.virtual-bit.com.
@                       IN      NS      ns1.virtual-bit.com.
hcvalchisone.net.       IN      MX 10   mx.hcvalchisone.net.
hcvalchisone.net.       IN      A       136.243.232.141
mx                      IN      A       158.58.168.152
www                     IN      A       136.243.232.141

I edited this zone file on March 22 and set new IP address for the www
record.
Then, yesterday, I only bumped the serial because the zone was not
propagating, but still nothing changed. If you query the NS for the www
record, it replies with the new and correct IP address (136.243.232.141), but
if you query any other DNS around the globe, it replies with the old one
(158.58.168.152, same as current MX).

What am I doing wrong?

Re: zone not updating
On Mon, Mar 30, 2015 at 4:37 PM, Lucio Crusca wrote:
> Hello all,
>
> I have a Bind9 server which is master for several zones, one of those is
> hcvalchisone.net. Here is the relevant part of its db file:
>
> ;
> ; BIND data file for hcvalchisone.net
> ;
> $TTL    3600
> @       IN      SOA     hcvalchisone.net. info.hcvalchisone.net. (
>                         2015032901      ; Serial
>                         300             ; Refresh
>                         300             ; Retry
>                         1200            ; Expire
>                         3600 )          ; Default TTL
> ;
> @                       IN      NS      ns0.virtual-bit.com.
> @                       IN      NS      ns1.virtual-bit.com.
> hcvalchisone.net.       IN      MX 10   mx.hcvalchisone.net.
> hcvalchisone.net.       IN      A       136.243.232.141
> mx                      IN      A       158.58.168.152
> www                     IN      A       136.243.232.141
>
> I edited this zone file on March 22 and set new IP address for the www
> record.
> Then, yesterday, I only bumped the serial because the zone was not
> propagating, but still nothing changed. If you query the NS for the www
> record, it replies with the new and correct IP address (136.243.232.141), but
> if you query any other DNS around the globe, it replies with the old one
> (158.58.168.152, same as current MX).
>
> What am I doing wrong?

Dumb question of the day: does this zone also handle DHCP entries? I ask because I am wondering if you need to use rndc freeze/thaw.

Re: zone not updating
On Mon, 30 Mar 2015, Lucio Crusca wrote:

> @ IN NS ns0.virtual-bit.com.
> @ IN NS ns1.virtual-bit.com.
...
> propagating, but still nothing changed. If you query the NS for the
> www record, it replies with the new and correct IP address
> (136.243.232.141), but if you query any other DNS around the globe, it
> replies with the old one (158.58.168.152, same as current MX).

You basically answered your own question. See the NS records in the output for the following:

   dig hcvalchisone.net @f.gtld-servers.net

Re: zone not updating
> Dumb question of the day: does this zone also handle DHCP
> entries?

No, it doesn't.

> I ask because I am wondering if you need to use rndc
> freeze/thaw.

Er... I don't know what rndc freeze/thaw even is...

Re: compile and install from source
On Mon, Mar 30, 2015 at 12:41 PM, Mathieu Arnold wrote:

> +--On 30 March 2015 19:12:30 +0200 Daniel Ryslink wrote:
> | > That's not true, it's just not enabled by default, because it is a mess to
> | > get *right* when migrating from {8,9} to 10.
> |
> | On the contrary, see the FreeBSD 10 release notes:
> |
> | https://www.freebsd.org/releases/10.0R/announce.html
> |
> | Quote:
> |
> | "- Unbound has been imported to the base system as the local caching DNS
> | resolver.
> |
> | - BIND has been removed from the base system."
> |
> | As for my rc.conf directives, they may be obsolete, but they still work.
>
> Ah, sorry, my "not true" was regarding the chroot thing.
>
> --
> Mathieu Arnold

Note that chroot has just been re-enabled in the FreeBSD BIND ports. It's not default, so you must select the CHROOT option. This was just announced last week, and I am not sure the change has actually been committed.

--
Kevin Oberman, Network Engineer, Retired
E-mail: rkober...@gmail.com

Re: zone not updating
In article , Lucio Crusca wrote:

> Hello all,
>
> I have a Bind9 server which is master for several zones, one of those is
> hcvalchisone.net. Here is the relevant part of its db file:
>
> ;
> ; BIND data file for hcvalchisone.net
> ;
> $TTL    3600
> @       IN      SOA     hcvalchisone.net. info.hcvalchisone.net. (
>                         2015032901      ; Serial
>                         300             ; Refresh
>                         300             ; Retry
>                         1200            ; Expire
>                         3600 )          ; Default TTL
> ;
> @                       IN      NS      ns0.virtual-bit.com.
> @                       IN      NS      ns1.virtual-bit.com.
> hcvalchisone.net.       IN      MX 10   mx.hcvalchisone.net.
> hcvalchisone.net.       IN      A       136.243.232.141
> mx                      IN      A       158.58.168.152
> www                     IN      A       136.243.232.141
>
> I edited this zone file on March 22 and set new IP address for the www
> record.
> Then, yesterday, I only bumped the serial because the zone was not
> propagating, but still nothing changed. If you query the NS for the www
> record, it replies with the new and correct IP address (136.243.232.141), but
> if you query any other DNS around the globe, it replies with the old one
> (158.58.168.152, same as current MX).
>
> What am I doing wrong?

You need to go to your domain registrar and update the nameservers. Your
registration lists different nameservers than the ones you have in your
zone:

   Domain Name: HCVALCHISONE.NET
   Registrar: ONLINENIC, INC.
   Sponsoring Registrar IANA ID: 82
   Whois Server: whois.onlinenic.com
   Referral URL: http://www.OnlineNIC.com
   Name Server: NS1.CUSTOMER.SEFLOW.IT
   Name Server: NS2.CUSTOMER.SEFLOW.IT
   Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
   Updated Date: 30-sep-2014
   Creation Date: 15-oct-2008
   Expiration Date: 15-oct-2015

These nameservers have an old version of your zone:

$ dig hcvalchisone.net soa @ns2.customer.seflow.it +norec +multi

; <<>> DiG 9.6-ESV-R4-P3 <<>> hcvalchisone.net soa @ns2.customer.seflow.it +norec +multi
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8220
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;hcvalchisone.net.      IN SOA

;; ANSWER SECTION:
hcvalchisone.net.       600 IN SOA ns1.hcvalchisone.net. hostmaster.hcvalchisone.net. (
                                2014020301 ; serial
                                28800      ; refresh (8 hours)
                                7200       ; retry (2 hours)
                                604800     ; expire (1 week)
                                600        ; minimum (10 minutes)
                                )

--
Barry Margolin
Arlington, MA

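The comparison made by hand in the reply above (nameservers listed at the registrar versus the NS records in the zone, then SOA serials), as an added example that is not part of the original thread. The records are constructed from values quoted in the thread, and the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example: delegation consistency check on dig-style answer lines.
# All sample records are constructed from values quoted in this thread
# (the TTL 172800 on the parent-side NS lines is a made-up placeholder).

# NS set the parent zone / registrar hands out for the domain.
PARENT_NS='hcvalchisone.net. 172800 IN NS NS1.CUSTOMER.SEFLOW.IT.
hcvalchisone.net. 172800 IN NS NS2.CUSTOMER.SEFLOW.IT.'
# NS set published at the apex of the zone on the intended master.
CHILD_NS='hcvalchisone.net. 3600 IN NS ns0.virtual-bit.com.
hcvalchisone.net. 3600 IN NS ns1.virtual-bit.com.'
# SOA as served by a delegated server and by the intended master (one-line form).
DELEGATED_SOA='hcvalchisone.net. 600 IN SOA ns1.hcvalchisone.net. hostmaster.hcvalchisone.net. 2014020301 28800 7200 604800 600'
MASTER_SOA='hcvalchisone.net. 3600 IN SOA hcvalchisone.net. info.hcvalchisone.net. 2015032901 300 300 1200 3600'

# ns_set RECORDS: NS targets, lowercased, trailing dot removed, sorted, unique.
ns_set() {
    printf '%s\n' "$1" |
        awk '$3 == "IN" && $4 == "NS" { print tolower($5) }' |
        sed 's/\.$//' | sort -u
}

# set_diff A B: NS targets that appear in A but not in B.
set_diff() {
    { ns_set "$2"; echo '--'; ns_set "$1"; } |
        awk '$0 == "--" { in_a = 1; next }
             !in_a      { seen[$0] = 1; next }
             !($0 in seen)'
}

# delegation_status PARENT CHILD: "match" or "mismatch".
delegation_status() {
    if [ "$(ns_set "$1")" = "$(ns_set "$2")" ]; then echo match; else echo mismatch; fi
}

# soa_serial RECORD: serial field of a one-line SOA answer.
soa_serial() {
    printf '%s\n' "$1" | awk '$3 == "IN" && $4 == "SOA" { print $7; exit }'
}

# stale_by_serial SERVED MASTER: "stale" when SERVED carries a lower serial.
# Plain integer comparison; RFC 1982 wrap-around is not handled here.
stale_by_serial() {
    if [ "$(soa_serial "$1")" -lt "$(soa_serial "$2")" ]; then echo stale; else echo current; fi
}

report() {
    echo "delegation: $(delegation_status "$PARENT_NS" "$CHILD_NS")"
    echo "delegated by parent, missing from zone:"
    set_diff "$PARENT_NS" "$CHILD_NS" | sed 's/^/  /'
    echo "in zone, not delegated by parent:"
    set_diff "$CHILD_NS" "$PARENT_NS" | sed 's/^/  /'
    echo "delegated servers' copy: $(stale_by_serial "$DELEGATED_SOA" "$MASTER_SOA")"
}

report
```

A mismatch here means resolvers following the delegation never reach the server that holds the edited zone, so bumping the serial on that server changes nothing for them.
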
Re: compile and install from source
On Mar 30, 2015, at 2:30 AM, Matthew Seaman wrote:
> On 03/30/15 00:35, @lbutlr wrote:
>> Downloaded and compiled bind-9.9.7 (FreeBSD 8.4-RELEASE) and it built fine
>> (./configure && make && make install).
>
> On FreeBSD, building software out of the ports is definitely
> recommended. It does the usual configure and make dance, but you also
> get the benefit of using the package management system, and any OS
> specific patches that might need to be applied. (Not that there are
> many with BIND).

And I normally do that, however in this specific case it was not possible.

> Can you start the named process "by hand" -- the command line should be
> something like:
>
> # /usr/local/sbin/named -u bind -c /etc/namedb/named.conf \
>       -t /var/named

Yes, that works without reporting any errors, so the issue appears to be with /usr/local/etc/rc.d/named startup script.

> syslogd_flags="-l /var/named/var/run/log"
>
> to /etc/rc.conf and restarting syslogd may get you some better logging
> information.

Don’t see anything logged on either the startup or the failed startup.

However, if I try to check rndc…

# /usr/local/sbin/rndc status
rndc: neither /etc/rndc.conf nor /etc/rndc.key was found

Now, it is true that there is no rndc.conf, but that is true on all three name servers. There is a rndc.key in /var/named/etc/namedb/rndc.conf

I’m not sure why it is looking in (I assume /var/named/etc instead of) /var/named/etc/namedb.

Is named_chrootdir="/var/named" not correct?

Re: Modify a Response
In message <414894318.116463.1427511030206.javamail.ya...@mail.yahoo.com>, John Selva writes:
>
> Thanks Mark for your response. Actually, I tried to access the example
> but I couldn't locate geoip directory. What I really want is to modify
> the C file that is related to the response action because the methodology
> that I want to use will be conditional (either respond with normal
> response with the CNAME format that I mentioned before).
> Thanks

bin/named/query.c is where the response is built.

--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: ma...@isc.org