HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=4)
-   -   Bind9 Master/Slave DNS System (http://www.howtoforge.com/forums/showthread.php?t=6838)

zimele 13th September 2006 20:29

Bind9 Master/Slave DNS System
 
HI All

I'm working with the Debian Master/slave DNS system HOWTO
I'm using Debian 3.1
and i'm using ftp.de.debian.org

to source my files

I'm having a number problems with the BIND9 Master/Slave System

I get stuck in the begining

after adding
deb-src http://ftp.de.debian.org/debian testing main contrib non-free

to my sources.list file and then running
cd ~/lsb-base/
apt-get -y build-dep lsb-base
apt-get source lsb-base -b
dpkg-i lsb-base*.deb


it has a problem in the
apt-get -y build-dep lsb-base:mad:

E: Build-Depends dependency for lsb cannot be satisfied because no available versions of package debhelper can satisfy version requirements

and the second when i decided to leave those 2 steps outs (LSB-Base and BIND9) i just ran the apt-get install bind 9 and bind was installed but now after all that when i try to run /etc/init.d/bind9 restart after installoing on the master and the slave i get this error

Stopping domain name service: namedrndc: connect failed: connection refused

and i read that i need to change the settings on /etc/default/bind9
from the bind user to nobody and i did that and still no luck i still get the same error even after restarting the machine many a time and my other problem is that the zones are not copied from one machine to another could that be because of lsb-base not being installed correctly

after including these 2 lines in /etc/bind/named.conf.options
dnssec-enable yes;
dnssec-keygen -a hmac-md5 -b 128 -n host linux.lan

and running the named-checkconf command i get this error
/etc/bind/named.conf.options:22: unknown option 'dnssec-enable'
/etc/bind/named.conf.options:23: unknown option 'dnssec-keygen'

can anyone assist me as to what am i doing wrong!!!!:mad: :mad:

falko 14th September 2006 20:31

Quote:

Originally Posted by zimele
HI All

I'm working with the Debian Master/slave DNS system HOWTO
I'm using Debian 3.1
and i'm using ftp.de.debian.org

to source my files

I'm having a number problems with the BIND9 Master/Slave System

I get stuck in the begining

after adding
deb-src http://ftp.de.debian.org/debian testing main contrib non-free

to my sources.list file and then running
cd ~/lsb-base/
apt-get -y build-dep lsb-base
apt-get source lsb-base -b
dpkg-i lsb-base*.deb


it has a problem in the
apt-get -y build-dep lsb-base:mad:

E: Build-Depends dependency for lsb cannot be satisfied because no available versions of package debhelper can satisfy version requirements

Have a look here: http://www.howtoforge.com/forums/showthread.php?t=6816

Quote:

Originally Posted by zimele
and the second when i decided to leave those 2 steps outs (LSB-Base and BIND9) i just ran the apt-get install bind 9 and bind was installed but now after all that when i try to run /etc/init.d/bind9 restart after installoing on the master and the slave i get this error

Stopping domain name service: namedrndc: connect failed: connection refused

and i read that i need to change the settings on /etc/default/bind9
from the bind user to nobody and i did that and still no luck i still get the same error even after restarting the machine many a time and my other problem is that the zones are not copied from one machine to another could that be because of lsb-base not being installed correctly

after including these 2 lines in /etc/bind/named.conf.options
dnssec-enable yes;
dnssec-keygen -a hmac-md5 -b 128 -n host linux.lan

and running the named-checkconf command i get this error
/etc/bind/named.conf.options:22: unknown option 'dnssec-enable'
/etc/bind/named.conf.options:23: unknown option 'dnssec-keygen'

can anyone assist me as to what am i doing wrong!!!!:mad: :mad:

Check out the comments at the bottom of http://www.howtoforge.com/howto_bind_chroot_debian . It's a permissions problem.

zimele 15th September 2006 10:13

dnssec-enable yes;dnssec-keygen -a hmac-md5 ...
 
:) Thanks for the reply falko :)

I'm still having trouble here though


after including these 2 lines in /etc/bind/named.conf.options
dnssec-enable yes;
dnssec-keygen -a hmac-md5 -b 128 -n host linux.lan

and running the named-checkconf command i get this error
/etc/bind/named.conf.options:22: unknown option 'dnssec-enable'
/etc/bind/named.conf.options:23: unknown option 'dnssec-keygen'

falko 16th September 2006 23:25

Quote:

Originally Posted by zimele
dnssec-keygen -a hmac-md5 -b 128 -n host linux.lan

This one is a command for the shell, it doesn't go into a configuration file.

zimele 18th September 2006 12:02

And Dnssec
 
And this one?

dnssec-enable yes;

falko 19th September 2006 15:00

Put it into /etc/bind/named.conf.options.

zimele 20th September 2006 09:48

dnssec error
 
I included this to the end of

/etc/bind/named.conf.options.

and whenever i run named-checkconf

i get an error on the line of that dnssec what must it be


when i add these to the different files i get an error when i try to restart bind9


Add this in your /etc/bind/named.conf on master AND slave:
key "TRANSFER" {
algorithm hmac-md5;
secret "---HASHKEY---";
};

On the master we add the slave ip to /etc/bind/named.conf:
server 192.168.254.2 {
keys {
TRANSFER;
};
};

And on the slave we add the master ip to /etc/bind/named.conf:
server 192.168.254.1 {
keys {
TRANSFER;
};
};

Add to /etc/bind/named.conf.local: zone "linux.lan" {
type slave;
file "/etc/bind/zones/slave_linux.lan";
masters { 192.168.254.1; };
allow-notify { 192.168.254.1; };
};
Final thing needed on BOTH hosts is to add this to /etc/bind/named.conf:
include "/etc/bind/rndc.key";

i did some research and someone actually said that i should change the permissions on my /etc/default/bind9 file from the user bind to nobody and i tried that still no luck

falko 21st September 2006 14:11

Quote:

Originally Posted by zimele
i get an error on the line of that dnssec what must it be


when i add these to the different files i get an error when i try to restart bind9

What are the exact error messages?

zimele 22nd September 2006 08:47

When i copied the DNSSec and included it to the end of

/etc/bind/named.conf.options

and run named-checkconf this is the error that i get

:~# named-checkconf
/etc/bind/named.conf.options:23: unknown option 'dnssec-enable'

falko 23rd September 2006 14:51

Did you install Bind exactly as described under "Installing Software" on http://www.howtoforge.com/debian_bin...r_slave_system ?


All times are GMT +2. The time now is 05:41.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.