1

I am running a DNS and DHCP service on a local server (Raspberry on Stretch).

When checking the zone files, I get:

    # [2019-02-03 10:32] maxg@rpiserver /etc/bind/zones $ named-checkzone rpiserver argylecourt.org.db
    argylecourt.org.db:22: ignoring out-of-zone data (argylecourt.org)
    argylecourt.org.db:23: ignoring out-of-zone data (argylecourt.org)
    zone rpiserver/IN: has no NS records
    zone rpiserver/IN: not loaded due to errors.

This is the contents of the argylecourt.org.db zone file:

    ; Host-to-IP Address DNS Pointers for argylecourt.org
    ; Note: The extra “.” at the end of the domain names are important.
    ;
    ; $ORIGIN .
    $TTL 86400 ; 1 day
    ; rpiserver.argylecourt.org. IN SOA rpiserver.argylecourt.org. hostmaster.argylecourt.org. (
    @ IN SOA rpiserver.argylecourt.org. hostmaster.argylecourt.org. (
        2019020203 ; serial
        8H ; refresh
        4H ; retry
        2W ; expire
        1D ; minimum
    )
    ; NS indicates that rpiserver is the name server on argylecourt.org
    ; MX indicates that rpiserver is (also) the mail server on argylecourt.org
    argylecourt.org. IN NS rpiserver.argylecourt.org.
    argylecourt.org. IN MX 10 rpiserver.argylecourt.org.
    ;$ORIGIN argylecourt.org.
    ; Set the address for localhost.argylecourt.org
    ;localhost IN A 127.0.0.1
    ;localhost IN A 192.168.1.7
    rpiserver IN A 192.168.1.7
    www IN CNAME argylecourt.org

I also have errors in the reverse zone:

    # [2019-02-03 10:43] maxg@rpiserver /etc/bind/zones $ named-checkzone rpiserver rev.1.168.192.in-addr.arpa
    zone rpiserver/IN: NS 'rpiserver' has no address records (A or AAAA)
    zone rpiserver/IN: not loaded due to errors.

... which has this contents:

    $TTL 86400 ; 1 day
    ; IP Address-to-Host DNS Pointers for the 192.168.1 subnet
    @ IN SOA rpiserver.argylecourt.org. hostmaster.argylecourt.org. (
        2019020203 ; serial
        8H ; refresh
        4H ; retry
        2W ; expire
        1D ; minimum
    )
    ; define the authoritative name server
    ; IN NS rpiserver.argylecourt.org.
      IN NS rpiserver.

[update 1] Have just read: BIND Reverse DNS Ignoring out-of-zone data -- which resulted in 0 errors when applied to my situation.

    # [2019-02-03 10:46] maxg@rpiserver /etc/bind/zones $ named-checkzone 1.168.192.in-addr.arpa rev.1.168.192.in-addr.arpa
    zone 1.168.192.in-addr.arpa/IN: loaded serial 2019020203
    OK
    # [2019-02-03 10:52] maxg@rpiserver /etc/bind/zones $ named-checkzone argylecourt.org argylecourt.org.db
    zone argylecourt.org/IN: loaded serial 2019020203
    OK

[update 2] restarting bind9 results in:

    # [2019-02-03 11:19] maxg@rpiserver /etc/bind/zones $ sudo service bind9 status
    ● bind9.service - BIND Domain Name Server
       Loaded: loaded (/lib/systemd/system/bind9.service; enabled; vendor preset: enabled)
       Active: active (running) since Sun 2019-02-03 11:19:40 AEST; 22s ago
         Docs: man:named(8)
      Process: 5661 ExecStop=/usr/sbin/rndc stop (code=exited, status=0/SUCCESS)
     Main PID: 5667 (named)
       CGroup: /system.slice/bind9.service
               └─5667 /usr/sbin/named -f -u bind
    Feb 03 11:19:40 rpiserver named[5667]: managed-keys-zone: journal file is out of date: removing journal file
    Feb 03 11:19:40 rpiserver named[5667]: managed-keys-zone: loaded serial 648
    Feb 03 11:19:40 rpiserver named[5667]: zone 0.in-addr.arpa/IN: loaded serial 1
    Feb 03 11:19:40 rpiserver named[5667]: zone localhost/IN: loaded serial 2
    Feb 03 11:19:40 rpiserver named[5667]: zone 127.in-addr.arpa/IN: loaded serial 1
    Feb 03 11:19:40 rpiserver named[5667]: zone 1.168.192.in-addr.arpa/IN: loaded serial 2017061507
    Feb 03 11:19:40 rpiserver named[5667]: zone 255.in-addr.arpa/IN: loaded serial 1
    Feb 03 11:19:40 rpiserver named[5667]: zone argylecourt.org/IN: loaded serial 2017061536
    Feb 03 11:19:40 rpiserver named[5667]: all zones loaded
    Feb 03 11:19:40 rpiserver named[5667]: running

Where do I need to look to fix this problem?

1
  • You are missing at least one period after a FQDN. Without a final period, Bind assumes that you are referencing a host within the domain... Commented Feb 3, 2019 at 2:57

2 Answers

1

It's the full stops - in the first file the final line needs to be:

    www IN CNAME argylecourt.org.

Without a full stop on the end it'll append the domain name again.

In your reverse zone the penultimate line is correct and should be commented out, the final line with rpiserver. will try and find something called rpiserver as a top-level (no domain after it) - you can also just try removing the full stop but I would use the penultimate one.

3
  • Thanks, that's what I had before... while this validates as OK; when I restart my bind9 it still tells me to have loaded a config with a serial from 2017. See [update 2] Commented Feb 3, 2019 at 1:22
  • Are you 100% sure you're editing the zones files in the right directory, not using bind-chroot for example? I'm not aware of BIND doing any caching of local zones (other than loading them into RAM maybe). Commented Feb 3, 2019 at 11:28
  • No, I am not sure... however, as far as I can tell, what I did seems to work. I also temporarily removed the files in /etc/... and restarted bind, and it loaded its config clearly from /var/... Commented Feb 4, 2019 at 8:14
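
The name-expansion rule discussed in this answer can be checked mechanically. The following is an added example, not code from the question or its answers: a small linter that expands record targets the way BIND does and flags the two patterns seen here. The function names `qualify` and `lint_targets` are hypothetical, and the sample records are copied from the question's zone files.

```python
import re

TARGET_TYPES = {"CNAME", "NS", "MX", "PTR"}   # types whose RDATA ends in a host name
TTL_OR_CLASS = re.compile(r"\d+[smhdw]?|IN|CH|HS", re.I)

def qualify(name, origin):
    """Expand a name as BIND does: '@' is the origin, a trailing dot
    means absolute, anything else gets the origin appended."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def lint_targets(zone_text, origin):
    """Return (line_no, type, written, expanded, reason) for suspicious targets."""
    findings = []
    for line_no, raw in enumerate(zone_text.splitlines(), 1):
        line = raw.split(";", 1)[0]                  # drop comments
        fields = line.split()
        if not fields or fields[0].startswith("$"):
            continue
        if not line[0].isspace():                    # column 0 holds the owner name
            fields = fields[1:]
        while fields and TTL_OR_CLASS.fullmatch(fields[0]):
            fields = fields[1:]                      # skip optional TTL and class
        if len(fields) < 2 or fields[0].upper() not in TARGET_TYPES:
            continue
        rtype, written = fields[0].upper(), fields[-1]
        if not written.endswith(".") and "." in written:
            reason = "relative name with dots: origin gets appended"
        elif written.endswith(".") and written.count(".") == 1 and written != ".":
            reason = "absolute single-label name"
        else:
            continue
        findings.append((line_no, rtype, written, qualify(written, origin), reason))
    return findings

# Records taken from the two zone files in the question.
FORWARD = """\
argylecourt.org. IN NS rpiserver.argylecourt.org.
argylecourt.org. IN MX 10 rpiserver.argylecourt.org.
rpiserver IN A 192.168.1.7
www IN CNAME argylecourt.org
"""
REVERSE = """\
; IN NS rpiserver.argylecourt.org.
    IN NS rpiserver.
"""

if __name__ == "__main__":
    for text, origin in ((FORWARD, "argylecourt.org."), (REVERSE, "1.168.192.in-addr.arpa.")):
        for finding in lint_targets(text, origin):
            print(origin, *finding)
```
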
0

I started digging further when I realised the old serial number. I looked up cat /etc/bind/named.conf.local, which pointed to [file "/var/lib/bind/argylecourt.org.db";] ... while I was updating /etc/bind/zones/argylecourt.org.db

1
  • I came across this question while researching a different issue (and upvoted it because it was well researched). It would be a good idea to accept your own (this) answer to indicate to other visitors that the issue was resolved. It's also the kind of issue that every sysadmin has at some stage. Commented Oct 9, 2021 at 17:54
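
The mismatch found in this answer (named loading one file while another was being edited) can be detected by comparing three things: the `file` path in the zone statement, the serial named logged at startup, and the serial in the edited file. The following is an added example, not code from the question or its answers. The function names are hypothetical, and the zone statement is constructed: only the `file` path, the log line and the SOA record come from the page.

```python
import re

ZONE_RE = re.compile(r'\bzone\s+"([^"]+)"')
FILE_RE = re.compile(r'\bfile\s+"([^"]+)"\s*;')
LOADED_RE = re.compile(r"zone (\S+)/IN: loaded serial (\d+)")

def zone_files(conf_text):
    """Map each zone in named.conf-style text to the file it loads."""
    text = re.sub(r"/\*.*?\*/|//[^\n]*|#[^\n]*", "", conf_text, flags=re.S)
    hits = list(ZONE_RE.finditer(text))
    result = {}
    for i, hit in enumerate(hits):
        # Search up to the next zone statement, so nested { } blocks are harmless.
        end = hits[i + 1].start() if i + 1 < len(hits) else len(text)
        found = FILE_RE.search(text, hit.end(), end)
        result[hit.group(1)] = found.group(1) if found else None
    return result

def soa_serial(zone_text):
    """Return the SOA serial (first number after the opening parenthesis)."""
    text = re.sub(r";[^\n]*", "", zone_text)         # drop zone-file comments
    found = re.search(r"\bSOA\b[^()]*\(\s*(\d+)", text)
    return found.group(1) if found else None

def diagnose(conf_text, log_text, zone, edited_path, edited_text):
    """Compare what named loaded with the file the administrator edited."""
    configured = zone_files(conf_text).get(zone)
    loaded = dict(LOADED_RE.findall(log_text)).get(zone)
    edited = soa_serial(edited_text)
    return {"configured_file": configured, "edited_file": edited_path,
            "wrong_file": configured != edited_path,
            "loaded_serial": loaded, "edited_serial": edited,
            "stale": loaded != edited}

# Constructed named.conf.local: only the file path comes from the answer.
CONF = '''
zone "argylecourt.org" {
    type master;                                // assumed
    file "/var/lib/bind/argylecourt.org.db";
};
'''
LOG = "Feb 03 11:19:40 rpiserver named[5667]: zone argylecourt.org/IN: loaded serial 2017061536"
EDITED = """@ IN SOA rpiserver.argylecourt.org. hostmaster.argylecourt.org. (
    2019020203 ; serial
    8H ; refresh
    4H ; retry
    2W ; expire
    1D ; minimum
)
"""

if __name__ == "__main__":
    print(diagnose(CONF, LOG, "argylecourt.org", "/etc/bind/zones/argylecourt.org.db", EDITED))
```
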
