Well That's what I was thinking too, till I noticed that named jsut would not work, due to the error message I was getting from the Service Configuration GUI: rndc:connect failed: connection refused

I just "Carefully" installed Fedora Core 2, I did not chose this time to install the chroot tree for the bind nameserver, I finished installing, went to the Service Configuration GUI, checked named, clicked on start and viola
I now get :
number of zones: 4
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
server is up and running

YeeeeeeeeeAAAAAAAA HOOOOOOOOOOO

Now I simply go to terminal:
vi /etc/named.conf
then added:

//Forward zone file for tech-magic.net
zone "tech-magic.net" IN {
type master
file "tech-magic.forward";
allow update {none};
};

//Reverse zone file for tech-magic.net
zone "63.91.64.in-addr.arpa" IN {
type master
file "tech-magic.rev";
allow update {none};
};

I then hit esc key, type :wq

and once again I get this message:

rndc:connect failed: connection refused

I'm confused as what to try next, any Ideas?

why did you reinstall bind? you're there already. havent you read my previous post?

the only difference with chrooted bind (with installed chroot rpm) and the basic configuration is the "directory location."

now that you have installed bind without chroot support, which is not safe. you have to copy all your zone files to /var/named directory and your rndc.key and named.conf to /etc. and of course check /etc/sysconfig/named should be no Rootdir entry there.

regarding rndc.key i dont have entry in my named.conf but this file should present along with named.conf on the same directory.

and of course donot forget to run #service named restart (2x)

Because bind " would not restart no matter what "
when that happens I just reinstall again, about 50 times now!
I put an ad in the paper $50.00 to anyone who could setup my Bind 9 nameserver, but no response on that ad I ran for 2-weeks. So now I'm stuck till I get it working...
I have over 300 hours trying to figure out how to get this to just work, the chroot stuff didn't work either and seemed to add to the problem so onto the next thing I could think of. I can always install the chroot part of the program, and move the files but no matter what, as soon as I touch /etc/named.conf it locks up and will not work. So now with a fresh install I've been able to copy my zone files to /var/named/ , modify /etc/sysconfig/named

# Currently, you can use the following options:
# ROOTDIR="/var/named" -- will run named in a chroot environment.
# you must set up the chroot environment before
# doing this.
# OPTIONS="whatever" -- These additional options will be passed to named
# at startup. Don't add -t here, use ROOTDIR instead.
~

and bind is actually still running "unbelievable"
So how is it possible to modify /etc/named.conf without frying bind ?

I've done everything I can think of ... My offer still stands $50.00 to anyone that can help me get this gosh darn frittin frattin thing to work securely and show my website by the www.tech-magic.net address !

bsurfin, do you have rndc.rpmsave in /etc/?

No Sir. I believe this is because I unchecked the chroot box while I was selecting packages during the Fedora Core 2 install. I just doublechecked. I know what you are talking about because about 3:30 this morning, after I had went into add or remove programs and unchecked it I noticed that it did that to almost all the files in /var/named/chroot/etc
as well as my zone files in /var/named/chroot/var/named/ . So I deleted them and put everything as it is now and no matter what I couldn't refire bind. if I need chroot I can easily reinstall Fedora Core 2 so it is nice and clean, and it does fire up that way as soon as I copy the rndc.key file to the chroot directory. Would that be a step in the right direction for me ?

will i think so, a fresh install is really a solution for newbies like us. do not forget to copy your zone files, and check always the location of the configuration file and its permission before you replace it with your backup. and donot allow firewall for the meantime while you are experimenting with the config. anyway you can tight it later on.

hope it will work this time. GOODLUCK.

I'll reinstall it , vi into the directories and creat the file and retype it in again and be back to exactly to where I am now, "not working" because I can't seem to touch named.conf without it locking up completely regardless of the directory. I still won't know what to do, anyway with no accurate documentation, be back in 45 mins when I have it reinstalled again, and confirming that is once again the case. I just hope I can take my info back out of named.conf in the /var/named/chroot/etc/ directory this time...

Anyway I'll give it heck....

Thanks Linner

ok, if nothing happens just sing HAKUNA MATATA..i'll backed you up..lolz

i believe you can do it.

Thanks again for the backup, the moral support helps...

lol, well I'm not singing yet ! I copied the text out of the /etc/named.conf and pasted
( having 2 terminal sessions running ) anyway I pasted it into /var/named/chroot/etc/named.conf
sure as you know what, bind locked up ( it binded, lol ).
I was quite luckily able to drag & drop in the root desktop my zone files to /var/named/chroot/var/named/ without any problems.

Overview: I completely reinstalled Fedora Core 2, copied the rndc.key, copied my zone files, edited named, it locked up, so I then deleted everything out of /var/named/chroot/etc/named.conf , and bind unbinded, I mean it fired right back up again.

Now I know why they call it BIND

What should I do now ?

ei, what do you mean locked up, are you editing configuration file using at least vi or any text editor in the terminal?

i advise you to stay using chroot configuration, do not reinstall the rpms, so you dont mess up by doing this and that, there you can troubleshoot the problem.

pls try below without missing anything, please.

- try to use the terminal or command line interface
- check if you have named user (#finger named)
- pls make sure the original rndc.key is located in /var/named/chroot/etc together with named.conf
- check if you dont have misspelled directives or you forgot to closed it , also check if you have entry "rndc.key" in named.conf file, remove it for the meantime, you can experiment later with that security feauture.
- copy all the zone file including reverse, roothints to /var/named/chroot/var/named
- view the file /etc/sysconfig/named and verify if the rootdir is pointing to /var/named/chroot
- restart the service TWICE (#service named restart) because on first attempt rndc will complain, maybe its because we dont have entry in named.conf.

I know you did all that for so many times but pls try again.

bsurfin

If as you say Bind is now running repost your /etc/named.conf plus the contents of /var/named and we will see what we can do for you

Do you plan on using this as the authoritative DNS server for your domain name or simply to resolve your Local Area Network ?

Pete

Mr. Linner, I don't plan on changing from the Chroot Configuration. Yes I've been using vi. I did copy the rndc.key file to /var/named/chroot/etc/
And that is what makes it work initially in the chroot configuration, till I modify named.

[root@ns1 tech1]# cd /var/named/chroot/etc
[root@ns1 etc]# ls
named.conf rndc.key
[root@ns1 etc]#



this is what I did with the #finger named command:

[tech1@ns1 tech1]$ finger named
Login: named Name: Named
Directory: /var/named Shell: /sbin/nologin
Never logged in.
No mail.
No Plan.
[tech1@ns1 tech1]$ su
Password:
[root@ns1 tech1]# finger named
Login: named Name: Named
Directory: /var/named Shell: /sbin/nologin
Never logged in.
No mail.
No Plan.
[root@ns1 tech1]#


"also check if you have entry "rndc.key" in named.conf file"
the key with numbers and letters is not in the /etc/named.conf file, is that what you mean? the named.conf file that is in the /var/named/chroot/etc/ directory that the installation put there by default is blank, if I edit either named.conf file it still locks up and I can restart it using the GUI 10 times and it will not come back up.

the forward and reverse zone files are in the /var/named/chroot/var/named directory, here is output:

[root@ns1 etc]# cd /var/named/chroot/var/named
[root@ns1 named]# ls
localhost.zone named.ca named.local tech-magic.forward tech-magic.rev
[root@ns1 named]#


this is /etc/sysconfig/named

# Currently, you can use the following options:
# ROOTDIR="/some/where" -- will run named in a chroot environment.
# you must set up the chroot environment before
# doing this.
# OPTIONS="whatever" -- These additional options will be passed to named
# at startup. Don't add -t here, use ROOTDIR instead.
ROOTDIR=/var/named/chroot
~
it looks right to me...

[root@ns1 root]# service named restart
bash: service: command not found
[root@ns1 root]#

Should I vi into the /etc/named.conf and paste all that text into /var/named/chroot/etc/named.conf Anyway???


To: Pete M,
I have been easily able to reconfigure the resolv.conf & hosts files and be able to http://www.tech-magic.net , even http://tech-magic.net , only on local machines even while bind is not running, But nada from the internet. Yes I do need this to be my Authoritive DNS server for my domain.
That is also part of the reason I haven't touched those files yet this time.

here is /var/named:

" Press ? for keyboard shortcuts
" Sorted by name (.bak,~,.o,.h,.info,.swp,.obj at end of list)
"= /var/named/
../
chroot/
slaves/
localhost.zone
named.ca
named.local



Here is /etc/named.conf

// generated by named-bootconf.pl

options {
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};

//
// a caching only nameserver config
//
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
type hint;
file "named.ca";
};

zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};

include "/etc/rndc.key";


I find this fact interesting, the one time I did not install Fedora Core with the chroot configuration, I noticed that the GUI for Domain Name System actually showed the localhost zone records. Now with the chroot configuration it is empty. Anyway that's another $0.002 worth

What to do next ?

ok, why dont you start from this sample named.conf.

## named.custom - custom configuration for bind
#
# Any changes not currently supported by redhat-config-bind should be put
# in this file.
#
options {
directory "/var/named";
allow-query { 192.168.0.0/16; localhost; };
allow-recursion { 192.168.0.0/16; localhost; };
listen-on { 192.168.0.1; };
version "Go away!";
};

logging {
category lame-servers { null; };
};

// Root server hints
zone "." { type hint; file "db.cache"; };

// Provide a reverse mapping for the loopback address 127.0.0.1
zone "0.0.127.in-addr.arpa" {
type master;
file "db.127.0.0";
notify no;
};

// We are the master server for my.domain.com
zone "my.domain.com" {
type master;
file "db.my.domain.com";
allow-query { any; };
};

zone "0.168.192.in-addr.arpa" {
type master;
file "db.192.168.0";
allow-query { any; };
};


just copy the configuration as named.conf, move it to var/named/chroot/etc/ and edit this configuration in vi (not in gui).

Like WOW, I did it and now when I restarted bind it now says 4 zones instead of two,
YYYYaaaaaaaaaa HHoooooooo
I think we are getting closer... I can now ns1.tech-magic.net Atleast on server...
I have to go back to work now, I'll try from there and see what I get, be back around 5:00pm Mountain Time...

This file is Tech Magic's /var/named/tech-magic.forward

$TTL 86400
@ IN SOA tech-magic.net.
hostmaster.tech-magic.net. (
20040610019 ;Serial#
28800 ;Refresh
7200 ;Retry
604800 ;Expire
86400 ;Minimum TTL
)

NS ns1.tech-magic.net.
tech-magic.net. A 64.91.63.93
localhost A 127.0.0.1
mail A 64.91.63.93
ns1 CNAME tech-magic.net.
email CNAME tech-magic.net.
www CNAME tech-magic.net.


This file is: /var/named/tech-magic.rev

$TTL 86400
@ IN SOA tech-magic.net.
hostmaster.tech-magic.net. (
20040610019 ;Serial#
28800 ;Refresh
7200 ;Refresh
604800 ;Expire
86400 ;Minimum TTL
)

NS ns1.tech-magic.net.
93 PTR tech-magic.net.
93 PTR www.tech-magic.net.
93 PTR mail. tech-magic.net.
93 PTR email.tech-magic.net.
93 PTR ns1.magic-tech.net.



You also need db.127.0.0 in /etc/named.conf

zone "0.0.127.IN-ADDR.ARPA" {
type master;
notify no;
file "db.127.0.0";
};


This file is: /var/named/db.127.0.0

$TTL 86400
@ IN SOA tech-magic.net.
hostmaster.tech-magic.net. (
20040610019 ;Serial#
28800 ;Refresh
7200 ;Retry
604800 ;Expire
86400 ;Minimum TTL
)

NS ns1.tech-magic.net.
1 PTR localhost.



Don't forget the . after the domain name, most important
Have you got a file called db.cache or something similar and have you down loaded the root servers into it

Entry in /etc/named.conf should be something like this
zone "." {
type hint;
file "db.cache";
};

You also need a corresponding file in /var/named/

On the command line
dig @e.root-servers.net . ns>/var/named/db.cache
Should do the trick

Don't forget to modify your nameserver entries in /etc/resolv.conf otherwise you won't be able to test your DNS server

Have added mail as an A record should you wish to have your own mail server but we'll discuss that some other time

Hope this helps you in some way

Pete