| View previous topic :: View next topic |
| Author |
Message |
msulli1355
Apprentice
Joined: 24 Nov 2005
Posts: 179
Location: OKlahoma, USA
|
 Posted: Mon Jan 27, 2014 1:09 am Post subject: Why can't my machine use its own DNS server? |
 |
|
OK. I'm using net-misc/netifrc. Another machine (running pre-netifrc) has this in its /etc/conf.d/net:
camille bind # cat /etc/conf.d/net
config_eth0=( "192.168.0.3 netmask 255.255.255.0 broadcast 192.168.0.255" )
routes_eth0=( "default gw 192.168.0.1")
And this in its /etc/resolv.conf:
camille bind # cat /etc/resolv.conf
# Generated by dhcpcd for interface eth0
search espersunited.com
nameserver 127.0.0.1
nameserver 192.168.0.2
nameserver 192.168.0.1
nameserver 192.168.0.254
domain espersunited.com
The machine I'm having the problem with is running netifrc as I said. It's /etc/conf.d/net looks like:
carter netifrc-0.1 # cat /etc/conf.d/net
config_eth0=( "192.168.0.2 netmask 255.255.255.0 broadcast 192.168.0.255" )
routes_eth0=( "default gw 192.168.0.1" )
dns_servers_eth0="127.0.0.1 192.168.0.2 192.168.0.1 192.168.0.254"
dns_domain_SSID="espersunited.com"
dns_search_SSID="espersunited.com"
# The network scripts are now part of net-misc/netifrc
# In order to avoid sys-apps/openrc-0.12.4 from removing this file, this comment was
# added; you can safely remove this comment. Please see
# /usr/share/doc/netifrc*/README* for more information.
And it's /etc/resolv.conf file looks like:
carter netifrc-0.1 # cat /etc/resolv.conf
# Generated by resolvconf
nameserver 127.0.0.1
As you can see, it completely ignored the 192.168.0.2 192.168.0.1 and 192.168.0.254 nameservers. I possibly screwed up the dns_domain and dns_search lines. carter runs a local DNS server. I've successfully gotten an OK from named-checkconf and named-checkzone for the bind files. But when I issue a
carter netifrc-0.1 # dig carter.espersunited.com
; <<>> DiG 9.9.3-P2 <<>> carter.espersunited.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 5011
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;carter.espersunited.com. IN A
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Jan 26 19:06:56 CST 2014
;; MSG SIZE rcvd: 52
Why is this? What am I doing wrong? My db.espersunited.com zone file is:
carter netifrc-0.1 # cat /etc/bind/db.espersunited.com
$TTL 3h
espersunited.com. IN SOA carter.espersunited.com. michael.carter.espersunited.com. (
1 ;Serial
3h ;Refresh after 3 hours
1h ;Retry after one hour
1w ;Expire after one week
1h ) ;Negative caching TTL of 1 hour
;Name server(s)
espersunited.com. IN NS carter.espersunited.com.
ns.espersunited.com IN NS carter.espersunited.com.
cam.espersunited.com IN NS camille.espersunited.com.
cat.espersunited.com IN NS catherine.espersunited.com.
;Host addresses
localhost.espersunited.com. IN A 127.0.0.1
carter.espersunited.com. IN A 192.168.0.2
camille.espersunited.com. IN A 192.168.0.3
catherine.espersunited.com. IN A 192.168.0.4
bullet.espersunited.com. IN A 192.168.0.5
espersunited.com. IN A 192.168.0.2
;MX records
espersunited.com. IN MX 0 carter.espersunited.com.
carter.espersunited.com. IN MX 1 carter.espersunited.com.
;CNAME records
mail.espersunited.com. IN CNAME carter.espersunited.com.
imap.espersunited.com. IN CNAME carter.espersunited.com.
smtp.espersunited.com. IN CNAME carter.espersunited.com.
pop.espersunited.com. IN CNAME carter.espersunited.com.
pop3.espersunited.com. IN CNAME carter.espersunited.com.
ftp.espersunited.com. IN CNAME carter.espersunited.com.
www.espersunited.com. IN CNAME carter.espersunited.com.
festival.espersunited.com. IN CNAME camille.espersunited.com.
carter netifrc-0.1 # named-checkzone espersunited.com /etc/bind/db.espersunited.com
zone espersunited.com/IN: loaded serial 1
OK
And why is netifrc only using my 127.0.0.1 nameserver and ignoring the rest of the commands in /etc/conf.d/net? |
|
| Back to top |
|
 |
msulli1355
Apprentice
Joined: 24 Nov 2005
Posts: 179
Location: OKlahoma, USA
|
| Posted: Mon Jan 27, 2014 1:16 am Post subject: |
|
|
I want the following lines in my /etc/resolv.conf file:
search espersunited.com
nameserver 127.0.0.1
nameserver 192.168.0.1
nameserver 192.168.0.254
domain espersunited.com
How do I get them there? |
|
| Back to top |
|
|
Logicien
Veteran
Joined: 16 Sep 2005
Posts: 1555
Location: Montréal
|
| Posted: Mon Jan 27, 2014 5:39 am Post subject: |
|
|
You can use
| Code: | | bzless /usr/share/doc/netifrc-0.1/net.example.bz2 |
to learn the syntax of netifrc package. It seem's to be the same than Openrc without it.
If you want to configure eth0 statically, it is better to prevent the use of dynamic Dns clients and Iproute2 when you use ifconfig style.
This configuration of /etc/conf.d/net may work better
| Code: | config_eth0=( "192.168.0.2 netmask 255.255.255.0 broadcast 192.168.0.255" )
modules_eth0="!dhclient !dhcpcd !iproute2 !resolvconf"
dns_domain_eth0="espersunited.com"
dns_search_eth0="espersunited.com"
dns_servers_eth0="127.0.0.1 192.168.0.1 192.168.0.254"
routes_eth0=( "default gw 192.168.0.1" ) |
dns and route lines without _eth0 will make the Dns configuration in resolv.conf and the default route apply to all interfaces.
_________________
Paul
Last edited by Logicien on Tue Jan 28, 2014 12:02 am; edited 1 time in total |
|
| Back to top |
|
|
msulli1355
Apprentice
Joined: 24 Nov 2005
Posts: 179
Location: OKlahoma, USA
|
| Posted: Mon Jan 27, 2014 2:50 pm Post subject: |
|
|
I pasted those changes into /etc/conf.d/net and restarted /etc/init.d/net.eth0. Here's the result:
carter bind # cat /etc/resolv.conf
# Generated by resolvconf
domain espersunited.com
nameserver 127.0.0.1
carter bind # dig carter.espersunited.com
; <<>> DiG 9.9.3-P2 <<>> carter.espersunited.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 33445
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;carter.espersunited.com. IN A
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Jan 27 08:49:12 CST 2014
;; MSG SIZE rcvd: 52
Thank you for trying, but I'm exactly where I was before. |
|
| Back to top |
|
|
Ralphred
Guru
Joined: 31 Dec 2013
Posts: 499
|
| Posted: Mon Jan 27, 2014 9:47 pm Post subject: |
|
|
| msulli1355 wrote: | | ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 33445 |
status: SERVFAIL says a lot, double check all your zone files, turn up binds logging verbosity to see where it's failing.
Did you alter your resolv.conf after setting the !resolvconf in the conf.d/net file? |
|
| Back to top |
|
|
msulli1355
Apprentice
Joined: 24 Nov 2005
Posts: 179
Location: OKlahoma, USA
|
| Posted: Tue Jan 28, 2014 2:28 am Post subject: |
|
|
carter bind # cat /etc/resolv.conf
# Generated by resolvconf
domain espersunited.com
nameserver 127.0.0.1 |
|
| Back to top |
|
|
msulli1355
Apprentice
Joined: 24 Nov 2005
Posts: 179
Location: OKlahoma, USA
|
| Posted: Tue Jan 28, 2014 2:29 am Post subject: |
|
|
carter bind # ls
bind.keys db.doubleclick.net db.espersunited.com dyn named.conf pri rndc.key sec
carter bind # named-checkzone espersunited.com db.espersunited.com
zone espersunited.com/IN: loaded serial 1
OK
carter bind # |
|
| Back to top |
|
|
msulli1355
Apprentice
Joined: 24 Nov 2005
Posts: 179
Location: OKlahoma, USA
|
| Posted: Tue Jan 28, 2014 2:32 am Post subject: |
|
|
| I don't know how to turn verbosity for named up. |
|
| Back to top |
|
|
Ralphred
Guru
Joined: 31 Dec 2013
Posts: 499
|
| Posted: Tue Jan 28, 2014 12:25 pm Post subject: |
|
|
First edit resolv.conf to contain the lines you want. It was being auto-generated by resolvconf, the addition of the in the conf.d/net is now stopping this. | Code: | #Manualy created resolv.conf
search espersunited.com
nameserver 127.0.0.1
nameserver 192.168.0.1
nameserver 192.168.0.254
domain espersunited.com
|
There are many ways to try and debug a BIND config, but this I find is the simplest.
You are gonna stop your local named service, but before you do check the command it is being invoked with to check for funky options etc | Code: | | ps aux|grep named|grep -v grep |
the last field in that output will show what command is being used. Mine returns | Code: | | /usr/sbin/named -u named |
Stop the service. Now run named manually from a terminal appending -d9 -g to the end | Code: | | /usr/sbin/named -u named -d9 -g |
It will generate a shedload of output, scroll through it and see for any obvious errors. Leaving that named instance running in the foreground, open another shell and try to 'dig' your domain locally. | Code: | | dig @127.0.0.1 carter.espersunited.com |
Once you have located and fixed the problem end the named process in the terminal, restart the service and test again. |
|
| Back to top |
|
|
Anon-E-moose
Watchman
Joined: 23 May 2008
Posts: 6098
Location: Dallas area
|
| Posted: Tue Jan 28, 2014 1:53 pm Post subject: |
|
|
| msulli1355 wrote: | I pasted those changes into /etc/conf.d/net and restarted /etc/init.d/net.eth0. Here's the result:
carter bind # cat /etc/resolv.conf
# Generated by resolvconf
domain espersunited.com
nameserver 127.0.0.1
carter bind # dig carter.espersunited.com
; <<>> DiG 9.9.3-P2 <<>> carter.espersunited.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 33445
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;carter.espersunited.com. IN A
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Jan 27 08:49:12 CST 2014
;; MSG SIZE rcvd: 52
Thank you for trying, but I'm exactly where I was before. |
For me, I've never had "dig" give me meaningful stuff from my home network
though it works fine for things outside my local network.
I use nslookup instead.
As far as resolv.conf, I set mine manually and don't let it get autoset.
To see what bind/named sees while it is running,
do "rndc dumpdb" (as root) and look at /var/bind/named_dump.db
_________________
PRIME x570-pro, 3700x, 6.1 zen kernel
gcc 13, profile 17.0 (custom bare multilib), openrc, wayland |
|
| Back to top |
|
|
msulli1355
Apprentice
Joined: 24 Nov 2005
Posts: 179
Location: OKlahoma, USA
|
| Posted: Tue Jan 28, 2014 3:27 pm Post subject: |
|
|
| I pasted that stuff manually into /etc/resolv.conf, but don't I have to restart /etc/init.d/net.eth0 to get it to use the new /etc/resolv.conf? At which point it gets overwritten again. |
|
| Back to top |
|
|
msulli1355
Apprentice
Joined: 24 Nov 2005
Posts: 179
Location: OKlahoma, USA
|
| Posted: Tue Jan 28, 2014 3:29 pm Post subject: |
|
|
I don't know how to make text appear in the white box. You said:
As far as resolv.conf, I set mine manually and don't let it get autoset.
How would I do this? I want /etc/resolv.con set manually and not overwritten... |
|
| Back to top |
|
|
Anon-E-moose
Watchman
Joined: 23 May 2008
Posts: 6098
Location: Dallas area
|
| Posted: Tue Jan 28, 2014 4:05 pm Post subject: |
|
|
From the net.example in /etc/conf.d
| Quote: | # Setting name/domain server causes /etc/resolv.conf to be overwritten
# Note that if DHCP is used, and you want this to take precedence then
# set dhcp_ESSID="nodns"
#dns_servers_ESSID=( "192.168.0.1" "192.168.0.2" )
#dns_domain_ESSID="some.domain" |
_________________
PRIME x570-pro, 3700x, 6.1 zen kernel
gcc 13, profile 17.0 (custom bare multilib), openrc, wayland |
|
| Back to top |
|
|
msulli1355
Apprentice
Joined: 24 Nov 2005
Posts: 179
Location: OKlahoma, USA
|
| Posted: Tue Jan 28, 2014 6:06 pm Post subject: |
|
|
| That doesn't tell me how to keep /etc/resolv.conf from being overwritten. |
|
| Back to top |
|
|
Anon-E-moose
Watchman
Joined: 23 May 2008
Posts: 6098
Location: Dallas area
|
| Posted: Tue Jan 28, 2014 6:42 pm Post subject: |
|
|
| msulli1355 wrote: | | That doesn't tell me how to keep /etc/resolv.conf from being overwritten. |
# Setting name/domain server causes /etc/resolv.conf to be overwritten
SETTING dns_* IN /etc/conf.d/net WILL CAUSE THE SYSTEM TO OVERWRITE resolv.conf when you reboot.
And you can change resolv.conf anytime without a reboot or taking net down and up
You can do a "man resolv.conf" for more info on resolv.conf but you shouldn't use search AND domain as they are mutually exclusive.
_________________
PRIME x570-pro, 3700x, 6.1 zen kernel
gcc 13, profile 17.0 (custom bare multilib), openrc, wayland |
|
| Back to top |
|
|
msulli1355
Apprentice
Joined: 24 Nov 2005
Posts: 179
Location: OKlahoma, USA
|
| Posted: Wed Jan 29, 2014 12:22 am Post subject: |
|
|
| Ralphred wrote: | First edit resolv.conf to contain the lines you want. It was being auto-generated by resolvconf, the addition of the in the conf.d/net is now stopping this. | Code: | #Manualy created resolv.conf
search espersunited.com
nameserver 127.0.0.1
nameserver 192.168.0.1
nameserver 192.168.0.254
domain espersunited.com
|
There are many ways to try and debug a BIND config, but this I find is the simplest.
You are gonna stop your local named service, but before you do check the command it is being invoked with to check for funky options etc | Code: | | ps aux|grep named|grep -v grep |
the last field in that output will show what command is being used. Mine returns | Code: | | /usr/sbin/named -u named |
Stop the service. Now run named manually from a terminal appending -d9 -g to the end | Code: | | /usr/sbin/named -u named -d9 -g |
It will generate a shedload of output, scroll through it and see for any obvious errors. Leaving that named instance running in the foreground, open another shell and try to 'dig' your domain locally. | Code: | | dig @127.0.0.1 carter.espersunited.com |
Once you have located and fixed the problem end the named process in the terminal, restart the service and test again. |
You said to "Look for any obvious errors". Are there any text strings I can grep for? I don't know what an "obvious error" would look like in this context... |
|
| Back to top |
|
|
|
Networking & Security
