  1. #1
    Join Date
    Aug 2008
    Location
    Kazakhstan / Australia
    Posts
    34

    Question DNS, hostname and nameserver

    The zone for the root domain splinteredmedia.net is missing, or could not be read. The ip address will be read from the webserver configuration and a new zone will be created for this subdomain. Bind reconfiguring on smpl using rndc Error reconfiguring bind on smpl: rndc: connect failed: 127.0.0.1#953: connection refused
    Created DNS entry for ns1.splinteredmedia.net
    Is the error I get when I try to add an entry for one of my nameservers.

    I have cPanel on a CentOS 5.1 VPS


    I am still pretty new to CentOS

    How would I go about adding a zone? And if somebody could point me to a place where I can read exactly what it is and how to set it up, I would be very grateful.

  2. #2
    Join Date
    Nov 2007
    Posts
    256
    If they are your own name servers, have they been registered correctly?

  3. #3
    Join Date
    Oct 2004
    Location
    Kerala, India
    Posts
    4,771
    Add the following inside the /etc/hosts file

    server_IP splinteredmedia.net
    David | www.cliffsupport.com
    Affordable Server Management Solutions sales AT cliffsupport DOT com
    CliffWebManager | Access WHM from iPhone and Android

  4. #4
    rndc is essentially the API interface to BIND. You can send commands to the BIND server, such as reload. It looks like either the control program on port 953 isn't loaded or listening, or there is a key mismatch. You probably also do not have a zone file for your domain set up. That is what tells the DNS server what nameservers go with the domain name and what addresses go with records like www.server.domain. There should be a /etc/named.conf on your system. Can you post a copy of that so we can better debug the problem?

  5. #5
    Join Date
    Aug 2008
    Location
    Kazakhstan / Australia
    Posts
    34
    include "/etc/rndc.key";

    controls {
    inet 127.0.0.1 allow { localhost; } keys { "rndc-key"; };
    };

    options {
    /* make named use port 53 for the source of all queries, to allow
    * firewalls to block all ports except 53:
    */
    query-source port 53;

    // Put files that named is allowed to write in the data/ directory:
    directory "/var/named"; // the default
    dump-file "data/cache_dump.db";
    statistics-file "data/named_stats.txt";
    /* memstatistics-file "data/named_mem_stats.txt"; */
    };

    logging {
    /* If you want to enable debugging, eg. using the 'rndc trace' command,
    * named will try to write the 'named.run' file in the $directory (/var/named).
    * By default, SELinux policy does not allow named to modify the /var/named directory,
    * so put the default debug log file in data/ :
    */
    channel default_debug {
    file "data/named.run";
    severity dynamic;
    };
    };

    // All BIND 9 zones are in a "view", which allow different zones to be served
    // to different types of client addresses, and for options to be set for groups
    // of zones.
    //
    // By default, if named.conf contains no "view" clauses, all zones are in the
    // "default" view, which matches all clients.
    //
    // If named.conf contains any "view" clause, then all zones MUST be in a view;
    // so it is recommended to start off using views to avoid having to restructure
    // your configuration files in the future.

    view "localhost_resolver" {
    /* This view sets up named to be a localhost resolver ( caching only nameserver ).
    * If all you want is a caching-only nameserver, then you need only define this view:
    */
    match-clients { localhost; };
    match-destinations { localhost; };
    recursion yes;

    zone "." IN {
    type hint;
    file "/var/named/named.ca";
    };

    /* these are zones that contain definitions for all the localhost
    * names and addresses, as recommended in RFC1912 - these names should
    * ONLY be served to localhost clients:
    */
    include "/var/named/named.rfc1912.zones";
    };

    view "internal" {
    /* This view will contain zones you want to serve only to "internal" clients
    that connect via your directly attached LAN interfaces - "localnets" .
    */
    match-clients { localnets; };
    match-destinations { localnets; };
    recursion yes;

    zone "." IN {
    type hint;
    file "/var/named/named.ca";
    };

    // include "/var/named/named.rfc1912.zones";
    // you should not serve your rfc1912 names to non-localhost clients.

    // These are your "authoritative" internal zones, and would probably
    // also be included in the "localhost_resolver" view above :

    zone "ns1.splinteredmedia.net" {
    type master;
    file "/var/named/ns1.splinteredmedia.net.db";
    };

    zone "ns2.splinteredmedia.net" {
    type master;
    file "/var/named/ns2.splinteredmedia.net.db";
    };

    zone "splintereddream.com" {
    type master;
    file "/var/named/splintereddream.com.db";
    };

    zone "splinteredmedia.net" {
    type master;
    file "/var/named/splinteredmedia.net.db";
    };

    };


    view "external" {
    /* This view will contain zones you want to serve only to "external" clients
    * that have addresses that are not on your directly attached LAN interface subnets:
    */
    match-clients { !localnets; !localhost; };
    match-destinations { !localnets; !localhost; };

    recursion no;
    // you'd probably want to deny recursion to external clients, so you don't
    // end up providing free DNS service to all takers

    // all views must contain the root hints zone:
    zone "." IN {
    type hint;
    file "/var/named/named.ca";
    };

    // These are your "authoritative" external zones, and would probably
    // contain entries for just your web and mail servers:

    // BEGIN external zone entries

    zone "ns1.splinteredmedia.net" {
    type master;
    file "/var/named/ns1.splinteredmedia.net.db";
    };

    zone "ns2.splinteredmedia.net" {
    type master;
    file "/var/named/ns2.splinteredmedia.net.db";
    };

    zone "splintereddream.com" {
    type master;
    file "/var/named/splintereddream.com.db";
    };

    zone "splinteredmedia.net" {
    type master;
    file "/var/named/splinteredmedia.net.db";
    };

    zone "srv1.splinteredmedia.net" {
    type master;
    file "/var/named/srv1.splinteredmedia.net.db";
    };

    };

  6. #6
    I suspect this is a default named.conf from this cPanel config? That is too bad, because it's not that good, but I'll try to point out some of the key things that could be a problem.

    Originally posted by Entrio:
    include "/etc/rndc.key";
    controls {
    inet 127.0.0.1 allow { localhost; } keys { "rndc-key"; };
    };
    Check for that rndc.key file. If it exists and there is a line that begins with "key", you essentially want to put that same line in named.conf. If it doesn't exist, man rndc-confgen.

    options {
    /* make named use port 53 for the source of all queries, to allow
    * firewalls to block all ports except 53:
    */
    query-source port 53;
    I strongly advise you remove that and configure your firewall to allow this DNS server, if it's a caching server, to make queries from any port to destination port 53. You also need to allow any src port to talk to this server's port 53, both udp and tcp. Failure to remove this line will make this server very susceptible to a cache poisoning attack. Search "DNS kaminsky attack" for details.

    zone "ns1.splinteredmedia.net" {
    type master;
    file "/var/named/ns1.splinteredmedia.net.db";
    };

    zone "ns2.splinteredmedia.net" {
    type master;
    file "/var/named/ns2.splinteredmedia.net.db";
    };
    Hmm, I don't think you mean to make those zones. Those are probably nameserver records and belong in your splintermedia zones.

    zone "splintereddream.com" {
    type master;
    file "/var/named/splintereddream.com.db";
    };

    zone "splinteredmedia.net" {
    type master;
    file "/var/named/splinteredmedia.net.db";
    };
    Do those db files exist? What's in them?

    zone "srv1.splinteredmedia.net" {
    type master;
    file "/var/named/srv1.splinteredmedia.net.db";
    };
    You probably don't want that either.
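
The three points raised in post #6 can be checked mechanically. The following is an added example, not part of the thread and not a cPanel or BIND tool: a small Python audit that flags a fixed `query-source` port, a `controls` key with no `key` statement in the file itself, and zones declared underneath another zone in the same file. The sample config is constructed from the one posted above; the check names are hypothetical, and the key check cannot look inside an `include`d file, so that finding means "confirm the included file defines this key".

```python
import re

# Constructed sample: a trimmed named.conf shaped like the one posted in this thread.
SAMPLE_CONF = '''
include "/etc/rndc.key";
controls {
    inet 127.0.0.1 allow { localhost; } keys { "rndc-key"; };
};
options {
    /* fixed source port for all outgoing queries */
    query-source port 53;
    directory "/var/named"; // the default
};
view "external" {
    zone "." IN { type hint; file "/var/named/named.ca"; };
    zone "ns1.splinteredmedia.net" { type master; file "/var/named/ns1.splinteredmedia.net.db"; };
    zone "splinteredmedia.net" { type master; file "/var/named/splinteredmedia.net.db"; };
    zone "srv1.splinteredmedia.net" { type master; file "/var/named/srv1.splinteredmedia.net.db"; };
};
'''

def strip_comments(text):
    """Drop /* */, // and # comments so commented-out directives are not matched."""
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(//|#)[^\n]*', '', text)

def audit(conf_text):
    """Return (check, detail) findings for the three issues raised in post #6."""
    conf = strip_comments(conf_text)
    findings = []
    # 1. A fixed source port for outgoing queries disables source-port randomization.
    m = re.search(r'query-source(?:-v6)?\s+(?:address\s+\S+\s+)?port\s+(\d+)\s*;', conf)
    if m:
        findings.append(("fixed-query-source-port", m.group(1)))
    # 2. A key named in controls{} needs a key statement; here it may live in an include.
    defined = set(re.findall(r'(?m)^\s*key\s+"?([\w.-]+)"?\s*\{', conf))
    for used in re.findall(r'keys\s*\{\s*"?([\w.-]+)"?\s*;', conf):
        if used not in defined:
            findings.append(("key-not-defined-inline", used))
    # 3. A zone nested under another zone in the same file is usually a host record.
    zones = set(re.findall(r'zone\s+"([^"]+)"', conf)) - {"."}
    for z in sorted(zones):
        parents = [p for p in zones if z.endswith("." + p)]
        if parents:
            findings.append(("zone-inside-zone", f"{z} under {max(parents, key=len)}"))
    return findings

if __name__ == "__main__":
    for check, detail in audit(SAMPLE_CONF):
        print(f"{check}: {detail}")
```

Run against the real file with `audit(open("/etc/named.conf").read())`; `named-checkconf` remains the authoritative syntax check.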

  7. #7
    Join Date
    Sep 2007
    Location
    US east coast
    Posts
    140
    There are a lot of BIND tutorials for setting up a basic domain along with ns servers.

  8. #8
    Join Date
    Aug 2008
    Location
    Kazakhstan / Australia
    Posts
    34
    I could not find any good ones. Like I said previously, most are for people who are very familiar with Linux and I'm just new. If you could point to one?
