2 odpowiedzi na ten temat

[draker]

Witam,

Mam problem z instalacją domeny na nowym serwerze dedykowanym (Kimsufi). Jako, że po kilku latach posiadania serwera managed w HostEurope już się od takich "robót" trochę odzwyczaiłem, to też konfiguracja binda również mi się zapomniała. Poniżej podaję kilka plików konfiguracyjnych:


/etc/bind/named.conf

include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";

zone "taniograj.pl" {
type master;
file "/etc/bind/taniograj.pl";
allow-transfer {213.186.33.199;};
notify yes;
};

/etc/bind/taniograj.pl

$TTL 86400
$ORIGIN taniograj.pl.
@	   IN	  SOA	 ks392018.kimsufi.com. root.taniograj.pl. (
		2004022300 ;; serial
		1200	   ;; refresh
		1200	   ;; retry
		2419200	;; expire
		86400	  ;; TTL
		)
@			   IN	  NS	  ks392018.kimsufi.com.
@			   IN	  NS	  ns.kimsufi.com.
@			   IN	  MX	  10	mail.taniograj.net.
@			   IN	  A	   176.31.108.171
ns1			 IN	  A	   176.31.108.171
ns2			 IN	  A	   213.186.33.199
mail			IN	  A	   176.31.108.171
www			 IN	  A	   176.31.108.171
ftp			 IN	  CNAME   www

/etc/resolv.conf

nameserver 127.0.0.1
nameserver 213.186.33.99
nameserver 213.186.33.199

Teraz logi binda (co ważniejsze...)

Dec 29 00:05:44 ks392018 lwresd[2249]: none:0: open: /etc/bind/rndc.key: permission denied
Dec 29 00:05:44 ks392018 lwresd[2249]: couldn't add command channel 127.0.0.1#953: permission denied
Dec 29 00:05:44 ks392018 lwresd[2249]: none:0: open: /etc/bind/rndc.key: permission denied
Dec 29 00:05:44 ks392018 lwresd[2249]: couldn't add command channel ::1#953: permission denied
Dec 29 00:05:44 ks392018 lwresd[2249]: lwres listening on 127.0.0.1#921
Dec 29 00:05:44 ks392018 lwresd[2249]: managed-keys-zone ./IN: loading from master file managed-keys.bind failed: file not found
Dec 29 00:05:44 ks392018 lwresd[2249]: managed-keys-zone ./IN: loaded serial 0
Dec 29 00:05:44 ks392018 lwresd[2249]: running
Dec 29 00:05:44 ks392018 named[2250]: reading built-in trusted keys from file '/etc/bind/bind.keys'
Dec 29 00:05:44 ks392018 named[2250]: using default UDP/IPv4 port range: [1024, 65535]
Dec 29 00:05:44 ks392018 named[2250]: using default UDP/IPv6 port range: [1024, 65535]
Dec 29 00:05:44 ks392018 named[2250]: listening on IPv4 interface lo, 127.0.0.1#53
Dec 29 00:05:44 ks392018 named[2250]: listening on IPv6 interface lo, ::1#53
Dec 29 00:05:44 ks392018 named[2250]: generating session key for dynamic DNS
Dec 29 00:05:44 ks392018 named[2250]: set up managed keys zone for view _default, file 'managed-keys.bind'
Dec 29 00:05:44 ks392018 named[2250]: automatic empty zone: 254.169.IN-ADDR.ARPA
Dec 29 00:05:44 ks392018 named[2250]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
Dec 29 00:05:44 ks392018 named[2250]: automatic empty zone: 100.51.198.IN-ADDR.ARPA
Dec 29 00:05:44 ks392018 named[2250]: automatic empty zone: 113.0.203.IN-ADDR.ARPA
Dec 29 00:05:44 ks392018 named[2250]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
Dec 29 00:05:44 ks392018 named[2250]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Dec 29 00:05:44 ks392018 named[2250]: automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Dec 29 00:05:44 ks392018 named[2250]: automatic empty zone: D.F.IP6.ARPA
Dec 29 00:05:44 ks392018 named[2250]: automatic empty zone: 8.E.F.IP6.ARPA
Dec 29 00:05:44 ks392018 named[2250]: automatic empty zone: 9.E.F.IP6.ARPA
Dec 29 00:05:44 ks392018 named[2250]: automatic empty zone: A.E.F.IP6.ARPA
Dec 29 00:05:44 ks392018 named[2250]: automatic empty zone: B.E.F.IP6.ARPA
Dec 29 00:05:44 ks392018 named[2250]: automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA
Dec 29 00:05:44 ks392018 named[2250]: command channel listening on 127.0.0.1#953
Dec 29 00:05:44 ks392018 named[2250]: command channel listening on ::1#953
Dec 29 00:05:44 ks392018 named[2250]: zone 0.in-addr.arpa/IN: loaded serial 1
Dec 29 00:05:44 ks392018 named[2250]: zone 127.in-addr.arpa/IN: loaded serial 1
Dec 29 00:05:44 ks392018 named[2250]: zone 255.in-addr.arpa/IN: loaded serial 1
Dec 29 00:05:44 ks392018 named[2250]: zone localhost/IN: loaded serial 2
Dec 29 00:05:44 ks392018 named[2250]: zone taniograj.pl/IN: loaded serial 2004022300
Dec 29 00:05:44 ks392018 named[2250]: managed-keys-zone ./IN: loading from master file managed-keys.bind failed: file not found
Dec 29 00:05:44 ks392018 named[2250]: managed-keys-zone ./IN: loaded serial 0
Dec 29 00:05:44 ks392018 named[2250]: zone taniograj.pl/IN: sending notifies (serial 2004022300)
Dec 29 00:05:44 ks392018 named[2250]: running

Dec 29 00:05:44 ks392018 named[2250]: error (network unreachable) resolving './NS/IN': 2001:503:c27::2:30#53
Dec 29 00:05:44 ks392018 named[2250]: error (network unreachable) resolving 'ns.kimsufi.com/AAAA/IN': 2001:7fd::1#53
Dec 29 00:05:44 ks392018 named[2250]: error (network unreachable) resolving './NS/IN': 2001:dc3::35#53
Dec 29 00:05:44 ks392018 named[2250]: error (network unreachable) resolving './NS/IN': 2001:503:ba3e::2:30#53
Dec 29 00:05:45 ks392018 mysqld_safe: Starting mysqld daemon with databases from /var/lib/mysql
Dec 29 00:05:45 ks392018 mysqld: 111229  0:05:45 [Note] Plugin 'FEDERATED' is disabled.
Dec 29 00:05:45 ks392018 mysqld: 111229  0:05:45  InnoDB: Started; log sequence number 0 44233
Dec 29 00:05:45 ks392018 mysqld: 111229  0:05:45 [Note] Event Scheduler: Loaded 0 events
Dec 29 00:05:45 ks392018 mysqld: 111229  0:05:45 [Note] /usr/sbin/mysqld: ready for connections.
Dec 29 00:05:45 ks392018 mysqld: Version: '5.1.49-3'  socket: '/var/run/mysqld/mysqld.sock'  port: 3306  (Debian)
Dec 29 00:05:46 ks392018 /etc/mysql/debian-start[2524]: Upgrading MySQL tables if necessary.
Dec 29 00:05:46 ks392018 /etc/mysql/debian-start[2529]: /usr/bin/mysql_upgrade: the '--basedir' option is always ignored
Dec 29 00:05:46 ks392018 /etc/mysql/debian-start[2529]: Looking for 'mysql' as: /usr/bin/mysql
Dec 29 00:05:46 ks392018 /etc/mysql/debian-start[2529]: Looking for 'mysqlcheck' as: /usr/bin/mysqlcheck
Dec 29 00:05:46 ks392018 /etc/mysql/debian-start[2529]: This installation of MySQL is already upgraded to 5.1.49, use --force if you still need to run mysql_upgrade
Dec 29 00:05:46 ks392018 /etc/mysql/debian-start[2544]: Checking for insecure root accounts.
Dec 29 00:05:46 ks392018 /etc/mysql/debian-start[2548]: Triggering myisam-recover for all MyISAM tables
Dec 29 00:05:47 ks392018 named[2250]: success resolving './NS' (in '.'?) after reducing the advertised EDNS UDP packet size to 512 octets
Dec 29 00:05:47 ks392018 named[2250]: success resolving 'update.litespeedtech.com/A' (in 'litespeedtech.com'?) after reducing the advertised EDNS UDP packet size to 512 octets
Dec 29 00:05:49 ks392018 named[2250]: success resolving 'ns.kimsufi.com/AAAA' (in 'kimsufi.com'?) after reducing the advertised EDNS UDP packet size to 512 octets
Dec 29 00:05:49 ks392018 named[2250]: success resolving 'ns.kimsufi.com/A' (in 'kimsufi.com'?) after reducing the advertised EDNS UDP packet size to 512 octets
Dec 29 00:05:49 ks392018 named[2250]: success resolving 'g.gtld-servers.net/A' (in 'gtld-servers.net'?) after reducing the advertised EDNS UDP packet size to 512 octets
Dec 29 00:05:50 ks392018 named[2250]: success resolving 'ns.ovh.net/A' (in 'ovh.net'?) after reducing the advertised EDNS UDP packet size to 512 octets
Dec 29 00:05:57 ks392018 named[2250]: success resolving 'd.ntpns.org/A' (in 'ntpns.org'?) after reducing the advertised EDNS UDP packet size to 512 octets
Dec 29 00:05:58 ks392018 named[2250]: success resolving 'i.ntpns.org/A' (in 'ntpns.org'?) after reducing the advertised EDNS UDP packet size to 512 octets

Podczas zmiany DNS domeny w managerze OVH występuje błąd:

Strefa SOA dla domeny taniograj.pl nie jest dostępna na serwerze dns: ks392018.kimsufi.com

Na serwerze: debian 6, litespeed z php 5.3.8, bind9 "standardowy". Tak dawno się tym nie zajmowałem, że nie mam pojęcia, co źle zrobiłem. Byłbym wdzięczny za radę, co trzeba poprawić, bo mimo zapoznania się z przykładowymi konfiguracjami nie mogę wyłapać błędu.
Jak wymagane: taniograj.pl / ks392018.kimsufi.com / ns.kimsufi.com

Ten post był edytowany przez draker dnia: 29 grudzień 2011 - 00:58

[kafi]

Dec 29 00:05:44 ks392018 named[2250]: listening on IPv4 interface lo, 127.0.0.1#53
Dec 29 00:05:44 ks392018 named[2250]: listening on IPv6 interface lo, ::1#53

Teraz pomyśl, co tu jest nie-takiego w pierwszej linijce...
Jak poprawisz coś niecoś w konfiguracji, że oprócz lo będziesz miał eth0, to będzie działać

[draker]

Jejku, całkowicie zapomniałem o istnieniu named.conf.options! Oczywiście wystarczyło zmienić w listen-on z 127.0.0.1 na any i jest już OK. Potem jeszcze to wszystko pozabezpieczam, bo jeszcze ktoś mi darmowe dns-y będzie wykorzystywał. Wielkie dzięki za pomoc.