13th January 2011, 20:14
DKLeader
New domains not added to Bind9 DNS

Hi,

System has been running well until today.
Running all servers on Debian Lenny.
All servers are physical servers.
ISPConfig vers : 3.0.3.2

Problem: When I now add a new DNS zone in ISPConfig, it is not added to named.conf.local or as a pri.[domain] to /etc/bind. I don't get any errors during the creation of the DNS zone.

My dns servers : (they are behind a firewall)
ns1.superweb.dk (92.62.196.66 - 192.168.100.66)
ns2.superweb.dk (92.62.196.67 - 192.168.100.67)
ns3.superweb.dk (92.62.196.77 - 192.168.100.77)
port 53 is opened (TCP and UDP)

ISPConfig is on 92.62.196.69 - 192.168.1.90 (behind another firewall)

What I have tried :
On ns1 :
Code:
netstat -tap
result :
Code:
ns1:/etc/bind# netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 *:tcpmux                *:*                     LISTEN      3426/portsentry
tcp        0      0 *:20034                 *:*                     LISTEN      3426/portsentry
tcp        0      0 *:32771                 *:*                     LISTEN      3426/portsentry
tcp        0      0 *:32772                 *:*                     LISTEN      3426/portsentry
tcp        0      0 *:40421                 *:*                     LISTEN      3426/portsentry
tcp        0      0 *:32773                 *:*                     LISTEN      3426/portsentry
tcp        0      0 *:32774                 *:*                     LISTEN      3426/portsentry
tcp        0      0 *:38311                 *:*                     LISTEN      2214/rpc.statd
tcp        0      0 *:8009                  *:*                     LISTEN      3387/jsvc
tcp        0      0 *:31337                 *:*                     LISTEN      3426/portsentry
tcp        0      0 *:rsync                 *:*                     LISTEN      3087/rsync
tcp        0      0 192.168.100.66:mysql    *:*                     LISTEN      15268/mysqld
tcp        0      0 *:ircd                  *:*                     LISTEN      3426/portsentry
tcp        0      0 *:systat                *:*                     LISTEN      3426/portsentry
tcp        0      0 *:netbios-ssn           *:*                     LISTEN      3129/smbd
tcp        0      0 *:5900                  *:*                     LISTEN      3645/vino-server
tcp        0      0 *:5742                  *:*                     LISTEN      3426/portsentry
tcp        0      0 *:1935                  *:*                     LISTEN      3083/java
tcp        0      0 *:50959                 *:*                     LISTEN      3083/java
tcp        0      0 *:9999                  *:*                     LISTEN      3083/java
tcp        0      0 *:finger                *:*                     LISTEN      3426/portsentry
tcp        0      0 *:netstat               *:*                     LISTEN      3426/portsentry
tcp        0      0 *:imap2                 *:*                     LISTEN      3168/xinetd
tcp        0      0 *:sunrpc                *:*                     LISTEN      2203/portmap
tcp        0      0 *:54320                 *:*                     LISTEN      3426/portsentry
tcp        0      0 *:cisco-sccp            *:*                     LISTEN      3426/portsentry
tcp        0      0 *:www                   *:*                     LISTEN      3407/apache2
tcp        0      0 *:27665                 *:*                     LISTEN      3426/portsentry
tcp        0      0 *:8180                  *:*                     LISTEN      3387/jsvc
tcp        0      0 *:ingreslock            *:*                     LISTEN      3426/portsentry
tcp        0      0 192.168.100.66:domain   *:*                     LISTEN      20899/named
tcp        0      0 localhost:domain        *:*                     LISTEN      20899/named
tcp        0      0 *:51413                 *:*                     LISTEN      19900/transmission
tcp        0      0 *:ftp                   *:*                     LISTEN      3152/vsftpd
tcp        0      0 *:ssh                   *:*                     LISTEN      2671/sshd
tcp        0      0 *:nntp                  *:*                     LISTEN      3426/portsentry
tcp        0      0 *:5080                  *:*                     LISTEN      3083/java
tcp        0      0 *:omniorb               *:*                     LISTEN      3083/java
tcp        0      0 *:socks                 *:*                     LISTEN      3426/portsentry
tcp        0      0 localhost:953           *:*                     LISTEN      20899/named
tcp        0      0 *:12345                 *:*                     LISTEN      3426/portsentry
tcp        0      0 *:smtp                  *:*                     LISTEN      3071/master
tcp        0      0 192.168.100.66:21370    *:*                     LISTEN      21775/vsftpd
tcp        0      0 *:12346                 *:*                     LISTEN      3426/portsentry
tcp        0      0 *:8443                  *:*                     LISTEN      3083/java
tcp        0      0 *:635                   *:*                     LISTEN      3426/portsentry
tcp        0      0 *:49724                 *:*                     LISTEN      3426/portsentry
tcp        0      0 *:uucp                  *:*                     LISTEN      3426/portsentry
tcp        0      0 *:microsoft-ds          *:*                     LISTEN      3129/smbd
tcp     3875      0 192.168.100.66:48537    dedi112.xirvik.co:40623 ESTABLISHED 19900/transmission
tcp        0      9 192.168.100.66:51413    80.71.135.43:35588      ESTABLISHED 19900/transmission
tcp        0      0 192.168.100.66:51413    x1-6-00-26-f2-d4-:52654 ESTABLISHED 19900/transmission
tcp        0  34801 192.168.100.66:51413    77.68.168.104:63441     ESTABLISHED 19900/transmission
tcp        0      0 192.168.100.66:46239    89.184.146:font-service ESTABLISHED 19900/transmission
tcp        0      0 192.168.100.66:51413    217.142.135.200:3955    ESTABLISHED 19900/transmission
^C
ns1:/etc/bind#
My named.conf :
Code:
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local
// include "/etc/bind/named.conf.options";
options {
        directory "/var/cache/bind";
        recursion yes;
        allow-query { "any"; };
        allow-recursion { "any"; };
        allow-transfer { "any"; };
        query-source address * port 53;
        dnssec-enable yes;
        dnssec-validation yes;
        forward first;
        forwarders {
                89.221.173.178;
                89.221.173.182;
                193.163.102.6;
        };

        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 { any; };
        listen-on { any; };
};
// # Use with the following in named.conf, adjusting the allow list as needed:
key "rndc-key" {
        algorithm hmac-md5;
        secret "something";
};

controls {
        inet 127.0.0.1 port 953
                allow { 127.0.0.1; } keys { "rndc-key"; };
};

// prime the server with knowledge of the root servers
zone "." {
        type hint;
        file "/etc/bind/db.root";
};
// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone "localhost" {
        type master;
        file "/etc/bind/db.local";
};
zone "127.in-addr.arpa" {
        type master;
        file "/etc/bind/db.127";
};
zone "0.in-addr.arpa" {
        type master;
        file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
        type master;
        file "/etc/bind/db.255";
};
include "/etc/bind/named.conf.local";
Doing a status on bind shows that it is running with no errors.
Tried
Code:
named -d9 -g -c /etc/bind/named.conf
and couldn't see any errors in that part.

From syslog :
Code:
Jan 13 16:19:52 ns1 named[20899]: starting BIND 9.6-ESV-R3 -u bind
Jan 13 16:19:52 ns1 named[20899]: built with '--prefix=/usr' '--build=i486-linux-gnu' '--host=i486-linux-gnu' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--$
Jan 13 16:19:52 ns1 named[20899]: adjusted limit on open files from 1024 to 1048576
Jan 13 16:19:52 ns1 named[20899]: found 4 CPUs, using 4 worker threads
Jan 13 16:19:52 ns1 named[20899]: using up to 4096 sockets
Jan 13 16:19:52 ns1 named[20899]: loading configuration from '/etc/bind/named.conf'
Jan 13 16:19:52 ns1 named[20899]: using default UDP/IPv4 port range: [1024, 65535]
Jan 13 16:19:52 ns1 named[20899]: using default UDP/IPv6 port range: [1024, 65535]
Jan 13 16:19:52 ns1 named[20899]: no IPv6 interfaces found
Jan 13 16:19:52 ns1 named[20899]: listening on IPv4 interface lo, 127.0.0.1#53
Jan 13 16:19:52 ns1 named[20899]: listening on IPv4 interface eth0, 192.168.100.66#53
Jan 13 16:19:52 ns1 named[20899]: /etc/bind/named.conf:15: using specific query-source port suppresses port randomization and can be insecure.
Jan 13 16:19:52 ns1 named[20899]: automatic empty zone: 254.169.IN-ADDR.ARPA
Jan 13 16:19:52 ns1 named[20899]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
Jan 13 16:19:52 ns1 named[20899]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
Jan 13 16:19:52 ns1 named[20899]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Jan 13 16:19:52 ns1 named[20899]: automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Jan 13 16:19:52 ns1 named[20899]: automatic empty zone: D.F.IP6.ARPA
Jan 13 16:19:52 ns1 named[20899]: automatic empty zone: 8.E.F.IP6.ARPA
Jan 13 16:19:52 ns1 named[20899]: automatic empty zone: 9.E.F.IP6.ARPA
Jan 13 16:19:52 ns1 named[20899]: automatic empty zone: A.E.F.IP6.ARPA
Jan 13 16:19:52 ns1 named[20899]: automatic empty zone: B.E.F.IP6.ARPA
Jan 13 16:19:52 ns1 named[20899]: command channel listening on 127.0.0.1#953
Jan 13 16:19:52 ns1 named[20899]: zone 0.in-addr.arpa/IN: loaded serial 1
Jan 13 16:19:52 ns1 named[20899]: zone 127.in-addr.arpa/IN: loaded serial 1
Jan 13 16:19:53 ns1 named[20899]: zone 255.in-addr.arpa/IN: loaded serial 1
Jan 13 16:19:53 ns1 named[20899]: zone 24-timerssejlads.dk/IN: loaded serial 2011011102
Jan 13 16:19:53 ns1 named[20899]: zone 24timerssejlads.dk/IN: loaded serial 2010101301
.
.
Jan 13 16:19:53 ns1 named[20899]: zone voice-online.dk/IN: loaded serial 2010100201
Jan 13 16:19:53 ns1 named[20899]: zone xn--caf13-dsa.dk/IN: loaded serial 2010100201
Jan 13 16:19:53 ns1 named[20899]: zone localhost/IN: loaded serial 2
Jan 13 16:19:53 ns1 named[20899]: running
Jan 13 16:19:53 ns1 named[20899]: zone vinterbil.dk/IN: sending notifies (serial 2010101801)
.
.
Jan 13 16:19:53 ns1 named[20899]: zone superweb.dk/IN: sending notifies (serial 2011011101)
Jan 13 16:19:53 ns1 named[20899]: zone la-krydseren.dk/IN: sending notifies (serial 2010101301)
Jan 13 16:19:53 ns1 named[20899]: zone phpmyadmin.superweb.dk/IN: sending notifies (serial 2011011101)
Jan 13 16:20:01 ns1 /USR/SBIN/CRON[20915]: (root) CMD (/usr/local/ispconfig/server/server.sh > /dev/null 2>> /var/log/ispconfig/cron.log)
If anyone has a suggestion as to what I could have done to suddenly get this problem, I would like to hear it.
__________________
Jakob

SuperWeb

Last edited by DKLeader; 13th January 2011 at 20:36. Reason: Added info from syslog
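
The named.conf in the post allows recursion and zone transfers from "any" and pins query-source to port 53, which is the setting the syslog warning for named.conf:15 refers to. As an added example (not part of the original post and not ISPConfig code), this Python check flags those three options; the function names and the trimmed `POSTED` sample are assumptions made here, and the regex parsing only handles flat, un-nested clauses.

```python
import re

# Constructed sample: the options from the named.conf in the post, trimmed.
POSTED = '''
options {
        recursion yes;
        allow-query { "any"; };
        allow-recursion { "any"; };
        allow-transfer { "any"; };
        query-source address * port 53;
};
'''

def strip_comments(text):
    """Drop /* */, // and # comments so commented-out directives are ignored."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#).*", "", text)

def acl(conf, name):
    """Elements of a flat `name { a; b; };` clause, or None if it is absent."""
    m = re.search(r"(?<![\w-])%s\s*\{([^}]*)\}" % re.escape(name), conf)
    if m is None:
        return None
    return [e.strip().strip('"') for e in m.group(1).split(";") if e.strip()]

def audit(text):
    """Return (id, advice) pairs for the risky options found in named.conf text."""
    conf = strip_comments(text)
    findings = []
    recursion_off = re.search(r"(?<![\w-])recursion\s+no\s*;", conf)
    if not recursion_off and "any" in (acl(conf, "allow-recursion") or []):
        findings.append(("open-recursion",
                         "limit allow-recursion to your own networks"))
    if "any" in (acl(conf, "allow-transfer") or []):
        findings.append(("open-transfer",
                         "limit allow-transfer to the secondary name servers"))
    # A numeric port pins every outgoing query to one source port, which is
    # what the syslog warning about suppressed port randomization refers to.
    if re.search(r"(?<![\w-])query-source\s[^;]*\bport\s+\d+", conf):
        findings.append(("fixed-source-port",
                         "remove the port clause from query-source"))
    return findings

if __name__ == "__main__":
    for ident, advice in audit(POSTED):
        print(f"{ident}: {advice}")
```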