Re: Need Help W/ DNS Server
On Wed, 2005-02-23 at 14:18 -0500, Hal Vaughan wrote:
> I REALLY need some help with setting up a DNS server on Mepis. I've been
> working hard on this since Monday, I'm short on sleep, so I really feel like
> I'm not thinking clearly, but I need to get this (and NIS, which is fubar,
> too) working as quickly as possible, so I'd really appreciate help with this
> (since nobody on the Mepis IRC channels or forums seems to know what to
> do). I've tried other mailing lists, but I'm not getting any suggestions.
> Please don't hesitate to tell me if I'm missing the obvious, since, at this
> point, my brain feels like it's mud.
>
> I've been using the Debian reference manuals online, but even when I follow
> their instructions, it doesn't seem to be enough. I tried using Webmin to
> set this up, figuring that would ensure the config files were in proper
> shape, but it didn't help.
>
> I think there are several issues. The first is that everytime I try to start
> the dns with /etc/init.d/bind9, I get this:
>
> Stopping domain name service: namedrndc: connect failed: connection refused
> .
> Starting domain name service: namednamed: capset failed: Operation not
> permitted
> named: capset failed: Operation not permitted
Its a bit difficult for me to answer you directly because I use the more
standard debian setup. However at least the first error message is
related to where it is looking for a key.
You should have a file called rdnc.key inside /etc/bind directory. I
must admit I am a bit puzzled as what calls things to look in this
directory for it, but this is also where the named.conf file resides, so
it could just be related to that.
> .
>
> I found a reference that capset is a module I can install in the kernel (Mepis
> is using 2.6.7). I'd rather not have to recompile the kernel, but I don't
> see the source on the install (I can't remember the directory, but I thought
> it was in /var/libs somewhere), and other than just running insmod, I can't
> remember how to get capset installed. (Note: I have not always been getting
> the error about capset.)
>
Don't know the answer to the above - I haven't done anything special, I
am using a standard debian kernel, and I am not aware of the capset
module.
> I used nslint and it thinks everything is okay. I run dnswalk, and I get the
> following:
>
> Checking thresh.loc.
> BAD: SOA record not found for thresh.loc.
> BAD: thresh.loc. has NO authoritative nameservers!
> BAD: All zone transfer attempts of thresh.loc. failed!
> 0 failures, 0 warnings, 3 errors.
>
> While all the Debian docs say the config is in /etc/named.conf, I've
> found /etc/init.d/bind9 references /etc/bind/named.conf, so I'm keeping both
> files the same. I have the zone files stored in /var/named.
This, I think is the issue. All of my zone files are in /etc/bind, and
I do have a directory statement in the options section of
named.conf.options (debian splits named.conf into lots of smaller
files), but this is pointing at /var/cache/bind. I think there is bind
caches answers from othere nameservers, NOT where it looks for your zone
files.
Should also note that in my named.conf file (the standard zones) and
named.conf.local (zones I am controlling from my nameserver) are
referenced by the full path , e.g.
zone "localhost" {
type master;
file "/etc/bind/db.local";
};
Reply to: