nagmat84 Apprentice
Joined: 27 Mar 2007 Posts: 205
|
Posted: Tue Oct 16, 2007 6:53 pm Post subject: BIND needs to be started twice |
I always have to start BIND twice. After the first start it is running and listening according to netstat. BIND even resolves local host names correctly, but other host names are not resolved. I have to restart BIND to make it work completely. After the first start I get the following output:
Quote: |
app-gw ~ # dig a ww.t-online.de
; <<>> DiG 9.4.1-P1 <<>> ww.t-online.de
;; global options: printcmd
;; connection timed out; no servers could be reached
|
After the second start the results look as expected:
Quote: |
app-gw ~ # dig a ww.t-online.de
; <<>> DiG 9.4.1-P1 <<>> ww.t-online.de
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44321
;; flags: gr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 0
;; QUESTION SECTION
;www.t-online.de IN A
;; ANSWER SECTION
www.t-online.de. 86400 IN A 62.153.159.92
www.t-online.de. 86400 IN A 217.6.164.162
;; AUTORITY SECTION
t-online.de. 86400 IN NS dns00.btx.dtag.de.
t-online.de. 86400 IN NS dns02.btx.dtag.de.
t-online.de. 86400 IN NS pns.dtag.de.
t-online.de. 86400 IN NS dns50.t-ipnet.de.
;; Query time: 535 ,sec
;; SERVER: 127.0.0.1#53(17.0.0.1)
;; WHEN: Tue Oct 16 21:11:03 2007
;; MSG SIZE rcvd: 160
|
Same behaviour for all kinds of queries (MX, NS, etc.). I have tracked down the problem to the following simple configuration.
Code: |
# /etc/bind/named.conf
options {
    directory "/var/bind";
    pid-file "/var/run/named/named.pid";
    recursion yes;
    notify no;
    listen-on port 53 {
        192.168.2.1;
        192.168.4.1;
        192.168.5.1;
        127.0.0.1;
    };
};
logging {
    category "default" { "debug_syslog"; };
    channel "default_syslog" {
        syslog daemon;
        print-time no;
        print-category yes;
        severity notice;
    };
    channel "debug_syslog" {
        syslog daemon;
        print-time no;
        print-category yes;
        severity debug;
    };
    channel "info_syslog" {
        syslog daemon;
        print-time no;
        print-category yes;
        severity debug;
    };
};
zone "." IN {
    type hint;
    file "zone-root";
};
zone "localnet" IN {
    type master;
    file "pri/zone-localnet";
    allow-update { none; };
};
zone "127.in-addr.arpa" IN {
    type master;
    file "pri/zone-127";
    allow-update { none; };
};
|
Of course this simplified configuration does not provide any local name resolution. The remaining configurations are:
Code: |
# /var/bind/pri/zone-127
$ORIGIN 127.in-addr.arpa.
$TTL 1W
@       1D IN SOA   localhost. root.localhost. (
                    2002081601  ; serial
                    3H          ; refresh
                    15M         ; retry
                    1W          ; expiry
                    1D )        ; minimum
        1D IN NS    localhost.
*       1D IN PTR   localhost.
|
Code: |
# /var/bind/pri/zone-localnet
$TTL 1W
@           IN SOA   localhost. root.localhost. (
                     2002101501 ; Serial
                     28800      ; Refresh
                     14400      ; Retry
                     604800     ; Expire - 1 week
                     86400 )    ; Minimum
            IN NS    localhost.
localhost   IN A     127.0.0.1
loopback    IN CNAME localhost
|
Code: |
# /etc/resolv.conf
domain dmz.gymnasiumportawestfalica.de
search schule.gymnasiumportawestfalica.de drucker.gymnasiumportawestfalica.de verwaltung.gymnasiumportawestfalica.de dmz.gymnasiumportawestfalica.de
nameserver 127.0.0.1
|
Now the logging output from BIND. After the first non-working start-up:
Code: |
starting BIND 9.4.1-P1 -u named -n 2
found 2 CPUs, using 2 worker threads
loading configuration from '/etc/bind/named.conf'
listening on IPv4 interface eth1, 192.168.2.1#53
listening on IPv4 interface lo, 127.0.0.1#53
listening on IPv4 interface dummy0, 192.168.5.1#53
listening on IPv4 interface tun0, 192.168.4.1#53
automatic empty zone: 254.169.IN-ADDR.ARPA
automatic empty zone: 2.0.192.IN-ADDR.ARPA
automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
automatic empty zone: D.F.IP6.ARPA
automatic empty zone: 8.E.F.IP6.ARPA
automatic empty zone: 9.E.F.IP6.ARPA
automatic empty zone: A.E.F.IP6.ARPA
automatic empty zone: B.E.F.IP6.ARPA
command channel listening on 127.0.0.1#953
general: now using logging configuration from config file
general: load_configuration: success
general: zone 127.in-addr.arpa/IN: starting load
general: zone 127.in-addr.arpa/IN: journal rollforward completed successfully: no journal
general: zone 127.in-addr.arpa/IN: loaded
general: zone 127.in-addr.arpa/IN: loaded serial 2002081601
general: zone 254.169.IN-ADDR.ARPA/IN: starting load
general: zone 254.169.IN-ADDR.ARPA/IN: loaded
general: zone 2.0.192.IN-ADDR.ARPA/IN: starting load
general: zone 2.0.192.IN-ADDR.ARPA/IN: loaded
general: zone 255.255.255.255.IN-ADDR.ARPA/IN: starting load
general: zone 255.255.255.255.IN-ADDR.ARPA/IN: loaded
general: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA/IN: starting load
general: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA/IN: loaded
general: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA/IN: starting load
general: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA/IN: loaded
general: zone D.F.IP6.ARPA/IN: starting load
general: zone D.F.IP6.ARPA/IN: loaded
general: zone 8.E.F.IP6.ARPA/IN: starting load
general: zone 8.E.F.IP6.ARPA/IN: loaded
general: zone 9.E.F.IP6.ARPA/IN: starting load
general: zone 9.E.F.IP6.ARPA/IN: loaded
general: zone A.E.F.IP6.ARPA/IN: starting load
general: zone A.E.F.IP6.ARPA/IN: loaded
general: zone B.E.F.IP6.ARPA/IN: starting load
general: zone B.E.F.IP6.ARPA/IN: loaded
general: zone localnet/IN: starting load
general: zone localnet/IN: journal rollforward completed successfully: no journal
general: zone localnet/IN: loaded
general: zone localnet/IN: loaded serial 2002101501
general: zone authors.bind/CH: starting load
general: zone authors.bind/CH: loaded
general: zone hostname.bind/CH: starting load
general: zone hostname.bind/CH: loaded
general: zone version.bind/CH: starting load
general: zone version.bind/CH: loaded
general: zone id.server/CH: starting load
general: zone id.server/CH: loaded
general: dns_zone_maintenance: zone localnet/IN: enter
general: dns_zone_maintenance: zone 127.in-addr.arpa/IN: enter
general: dns_zone_maintenance: zone 254.169.IN-ADDR.ARPA/IN: enter
general: dns_zone_maintenance: zone 2.0.192.IN-ADDR.ARPA/IN: enter
general: dns_zone_maintenance: zone 255.255.255.255.IN-ADDR.ARPA/IN: enter
general: dns_zone_maintenance: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA/IN: enter
general: dns_zone_maintenance: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA/IN: enter
general: dns_zone_maintenance: zone D.F.IP6.ARPA/IN: enter
general: dns_zone_maintenance: zone 8.E.F.IP6.ARPA/IN: enter
general: dns_zone_maintenance: zone 9.E.F.IP6.ARPA/IN: enter
general: dns_zone_maintenance: zone A.E.F.IP6.ARPA/IN: enter
general: dns_zone_maintenance: zone B.E.F.IP6.ARPA/IN: enter
general: dns_zone_maintenance: zone version.bind/CH: enter
general: dns_zone_maintenance: zone hostname.bind/CH: enter
general: dns_zone_maintenance: zone authors.bind/CH: enter
general: dns_zone_maintenance: zone id.server/CH: enter
general: zone_timer: zone localnet/IN: enter
general: zone_maintenance: zone localnet/IN: enter
general: zone_timer: zone 127.in-addr.arpa/IN: enter
general: zone_maintenance: zone 127.in-addr.arpa/IN: enter
general: zone_timer: zone 254.169.IN-ADDR.ARPA/IN: enter
general: zone_maintenance: zone 254.169.IN-ADDR.ARPA/IN: enter
general: zone_timer: zone 2.0.192.IN-ADDR.ARPA/IN: enter
general: zone_maintenance: zone 2.0.192.IN-ADDR.ARPA/IN: enter
general: zone_timer: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA/IN: enter
general: zone_maintenance: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA/IN: enter
general: zone_timer: zone 255.255.255.255.IN-ADDR.ARPA/IN: enter
general: zone_maintenance: zone 255.255.255.255.IN-ADDR.ARPA/IN: enter
general: zone_timer: zone id.server/CH: enter
general: zone_maintenance: zone id.server/CH: enter
general: zone_timer: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA/IN: enter
general: zone_maintenance: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA/IN: enter
general: zone_timer: zone 8.E.F.IP6.ARPA/IN: enter
general: zone_maintenance: zone 8.E.F.IP6.ARPA/IN: enter
general: zone_timer: zone D.F.IP6.ARPA/IN: enter
general: zone_maintenance: zone D.F.IP6.ARPA/IN: enter
general: zone_timer: zone version.bind/CH: enter
general: zone_maintenance: zone version.bind/CH: enter
general: zone_timer: zone B.E.F.IP6.ARPA/IN: enter
general: zone_maintenance: zone B.E.F.IP6.ARPA/IN: enter
general: zone_timer: zone 9.E.F.IP6.ARPA/IN: enter
general: zone_maintenance: zone 9.E.F.IP6.ARPA/IN: enter
general: zone_timer: zone A.E.F.IP6.ARPA/IN: enter
general: zone_maintenance: zone A.E.F.IP6.ARPA/IN: enter
general: zone_timer: zone hostname.bind/CH: enter
general: zone_maintenance: zone hostname.bind/CH: enter
general: zone_timer: zone authors.bind/CH: enter
general: zone_maintenance: zone authors.bind/CH: enter
general: running
resolver: createfetch: . NS
resolver: createfetch: 0.0.0.0.in-addr.arpa PTR
resolver: createfetch: www.t-online.de A
resolver: createfetch: www.t-online.de A
resolver: createfetch: www.t-online.de A
|
The debug output after the second start:
Code: |
starting BIND 9.4.1-P1 -u named -n 2
found 2 CPUs, using 2 worker threads
loading configuration from '/etc/bind/named.conf'
listening on IPv4 interface eth1, 192.168.2.1#53
listening on IPv4 interface lo, 127.0.0.1#53
listening on IPv4 interface dummy0, 192.168.5.1#53
listening on IPv4 interface tun0, 192.168.4.1#53
automatic empty zone: 254.169.IN-ADDR.ARPA
automatic empty zone: 2.0.192.IN-ADDR.ARPA
automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
automatic empty zone: D.F.IP6.ARPA
automatic empty zone: 8.E.F.IP6.ARPA
automatic empty zone: 9.E.F.IP6.ARPA
automatic empty zone: A.E.F.IP6.ARPA
automatic empty zone: B.E.F.IP6.ARPA
command channel listening on 127.0.0.1#953
general: now using logging configuration from config file
general: load_configuration: success
general: zone 127.in-addr.arpa/IN: starting load
general: zone 127.in-addr.arpa/IN: journal rollforward completed successfully: no journal
general: zone 127.in-addr.arpa/IN: loaded
general: zone 127.in-addr.arpa/IN: loaded serial 2002081601
general: zone 254.169.IN-ADDR.ARPA/IN: starting load
general: zone 254.169.IN-ADDR.ARPA/IN: loaded
general: zone 2.0.192.IN-ADDR.ARPA/IN: starting load
general: zone 2.0.192.IN-ADDR.ARPA/IN: loaded
general: zone 255.255.255.255.IN-ADDR.ARPA/IN: starting load
general: zone 255.255.255.255.IN-ADDR.ARPA/IN: loaded
general: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA/IN: starting load
general: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA/IN: loaded
general: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA/IN: starting load
general: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA/IN: loaded
general: zone D.F.IP6.ARPA/IN: starting load
general: zone D.F.IP6.ARPA/IN: loaded
general: zone 8.E.F.IP6.ARPA/IN: starting load
general: zone 8.E.F.IP6.ARPA/IN: loaded
general: zone 9.E.F.IP6.ARPA/IN: starting load
general: zone 9.E.F.IP6.ARPA/IN: loaded
general: zone A.E.F.IP6.ARPA/IN: starting load
general: zone A.E.F.IP6.ARPA/IN: loaded
general: zone B.E.F.IP6.ARPA/IN: starting load
general: zone B.E.F.IP6.ARPA/IN: loaded
general: zone localnet/IN: starting load
general: zone localnet/IN: journal rollforward completed successfully: no journal
general: zone localnet/IN: loaded
general: zone localnet/IN: loaded serial 2002101501
general: zone authors.bind/CH: starting load
general: zone authors.bind/CH: loaded
general: zone hostname.bind/CH: starting load
general: zone hostname.bind/CH: loaded
general: zone version.bind/CH: starting load
general: zone version.bind/CH: loaded
general: zone id.server/CH: starting load
general: zone id.server/CH: loaded
general: dns_zone_maintenance: zone localnet/IN: enter
general: dns_zone_maintenance: zone 127.in-addr.arpa/IN: enter
general: dns_zone_maintenance: zone 254.169.IN-ADDR.ARPA/IN: enter
general: dns_zone_maintenance: zone 2.0.192.IN-ADDR.ARPA/IN: enter
general: dns_zone_maintenance: zone 255.255.255.255.IN-ADDR.ARPA/IN: enter
general: dns_zone_maintenance: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA/IN: enter
general: dns_zone_maintenance: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA/IN: enter
general: dns_zone_maintenance: zone D.F.IP6.ARPA/IN: enter
general: dns_zone_maintenance: zone 8.E.F.IP6.ARPA/IN: enter
general: dns_zone_maintenance: zone 9.E.F.IP6.ARPA/IN: enter
general: dns_zone_maintenance: zone A.E.F.IP6.ARPA/IN: enter
general: dns_zone_maintenance: zone B.E.F.IP6.ARPA/IN: enter
general: dns_zone_maintenance: zone version.bind/CH: enter
general: dns_zone_maintenance: zone hostname.bind/CH: enter
general: dns_zone_maintenance: zone authors.bind/CH: enter
general: dns_zone_maintenance: zone id.server/CH: enter
general: running
general: zone_timer: zone 254.169.IN-ADDR.ARPA/IN: enter
general: zone_maintenance: zone 254.169.IN-ADDR.ARPA/IN: enter
general: zone_timer: zone 2.0.192.IN-ADDR.ARPA/IN: enter
general: zone_maintenance: zone 2.0.192.IN-ADDR.ARPA/IN: enter
general: zone_timer: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA/IN: enter
general: zone_maintenance: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA/IN: enter
general: zone_timer: zone 255.255.255.255.IN-ADDR.ARPA/IN: enter
general: zone_maintenance: zone 255.255.255.255.IN-ADDR.ARPA/IN: enter
general: zone_timer: zone id.server/CH: enter
general: zone_maintenance: zone id.server/CH: enter
general: zone_timer: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA/IN: enter
general: zone_maintenance: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA/IN: enter
general: zone_timer: zone 8.E.F.IP6.ARPA/IN: enter
general: zone_maintenance: zone 8.E.F.IP6.ARPA/IN: enter
general: zone_timer: zone D.F.IP6.ARPA/IN: enter
general: zone_maintenance: zone D.F.IP6.ARPA/IN: enter
general: zone_timer: zone version.bind/CH: enter
general: zone_maintenance: zone version.bind/CH: enter
general: zone_timer: zone 9.E.F.IP6.ARPA/IN: enter
general: zone_maintenance: zone 9.E.F.IP6.ARPA/IN: enter
general: zone_timer: zone A.E.F.IP6.ARPA/IN: enter
general: zone_maintenance: zone A.E.F.IP6.ARPA/IN: enter
general: zone_timer: zone hostname.bind/CH: enter
general: zone_maintenance: zone hostname.bind/CH: enter
general: zone_timer: zone authors.bind/CH: enter
general: zone_maintenance: zone authors.bind/CH: enter
general: zone_timer: zone localnet/IN: enter
general: zone_maintenance: zone localnet/IN: enter
general: zone_timer: zone 127.in-addr.arpa/IN: enter
general: zone_maintenance: zone 127.in-addr.arpa/IN: enter
general: zone_timer: zone B.E.F.IP6.ARPA/IN: enter
general: zone_maintenance: zone B.E.F.IP6.ARPA/IN: enter
resolver: createfetch: www.t-online.de A
resolver: createfetch: . NS
resolver: createfetch: dns00.btx.dtag.de A
resolver: createfetch: dns02.btx.dtag.de A
resolver: createfetch: secondary000.dtag.net A
|
The only significant difference that I see is that the resolver does a recursive look-up in the second case. But why?
Any help is appreciated,
Matthias |
|
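Added example, not part of the original post: the resolver lines of the two logs above can be compared mechanically instead of by eye. The sketch extracts the `createfetch` entries (copied from the post's logs), reports fetches that were created more than once, and lists fetches that appear in only one run; the function names and the `stalled` heuristic are assumptions made for illustration.

```python
import re
from collections import Counter

# named debug lines of the form "resolver: createfetch: <name> <type>"
FETCH_RE = re.compile(r"resolver: createfetch: (\S+) (\S+)")

# Resolver lines copied from the two logs in the post above.
FIRST_START = """\
general: running
resolver: createfetch: . NS
resolver: createfetch: 0.0.0.0.in-addr.arpa PTR
resolver: createfetch: www.t-online.de A
resolver: createfetch: www.t-online.de A
resolver: createfetch: www.t-online.de A
"""
SECOND_START = """\
resolver: createfetch: www.t-online.de A
resolver: createfetch: . NS
resolver: createfetch: dns00.btx.dtag.de A
resolver: createfetch: dns02.btx.dtag.de A
resolver: createfetch: secondary000.dtag.net A
"""

def fetches(log_text):
    """Return the (name, rrtype) of every createfetch line, in log order."""
    return [m.groups() for m in FETCH_RE.finditer(log_text)]

def retried(log_text):
    """Fetches created more than once, with their counts."""
    return {k: n for k, n in Counter(fetches(log_text)).items() if n > 1}

def stalled(log_text, qname, rrtype="A"):
    """Heuristic (assumption): the query is stuck when it is re-fetched and
    no fetch for any other name follows its first appearance."""
    seq = fetches(log_text)
    key = (qname, rrtype)
    if key not in seq:
        return False
    tail = seq[seq.index(key):]
    return len(tail) > 1 and all(f == key for f in tail)

def only_in(a, b):
    """Fetches present in log a but absent from log b."""
    return sorted(set(fetches(a)) - set(fetches(b)))

if __name__ == "__main__":
    for label, log in (("first", FIRST_START), ("second", SECOND_START)):
        print(label, "retried:", retried(log),
              "stalled:", stalled(log, "www.t-online.de"))
    print("only in second:", only_in(SECOND_START, FIRST_START))
```

On the post's data the first start shows the same A fetch created three times with nothing following it, while the second start goes on to fetch the addresses of the delegated name servers.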