Find the answer to your Linux question:
Page 1 of 2 1 2 LastLast
Results 1 to 10 of 20
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    IPv6 BIND DNS server problem!

    I am currently working on my IPv6 LAN with BIND DNS server, but I have been stuck on DNS server over 2 weeks since I still couldn't run DNS server, I searched all the information I could find in the internet, but still couldn't help me, I guess there must be something missing that I don't even know. So please check my files and kindly tell me what else I need to to, thank you very much in advance.

    I can make IPv4 DNS server run succefully,but the problem is IPv6 DNS server. I only need to build up the simpliest LAN, 1 switch, 1 windows workstation and 1 linux which runns BIND DNS server, IP address for linux server is 2001:db8:0:1:2e0:29ff:fe9e:eb29 , domain: , name server : jedy . I put my ipv6 address into file /etc/hosts first so that ping6 can work first, then I add nameserver in
    file /etc/resolv.conf like this :
    nameserver 2001:db8:0:1:2e0:29ff:fe9e:eb29

    Here are my files that I have edited (I took off comments):

    options {
    directory "/var/named";

    // a caching only nameserver config

    controls {
    inet allow { localhost; } keys { rndckey; };

    zone "." IN {
    type hint;
    file "";

    zone "localhost" {
    type master;
    file "named.local";

    include "/etc/rndc.key";

    zone "" IN {
    type master;
    file "named.local";
    allow-update { none; };

    // IPv6 zone files

    zone "" {
    type master;
    file "/var/named/";
    zone "" {
    type master;
    file "/var/named/2001:db8:0:1::_64.rev";

    $ttl 38400 IN SOA (
    38400 ) IN NS IN AAAA 2001:db8:0:1:2e0:29ff:fe9e:eb29

    host1 IN AAAA 2001:db8:0:1:2e0:29ff:fe9e:eb29 //I dont know if it is necessary to put host here, but DNS server wont work no matter i put it or not.//

    I also add this to ,but anyway it doesn't solve the problem.
    . 3600000 IN NS 3600000 AAAA 2001:db8:0:1:2e0:29ff:fe9e:eb29

    $TTL 86400
    @ IN SOA localhost. root.localhost. (
    1997022700 ; Serial
    28800 ; Refresh
    14400 ; Retry
    3600000 ; Expire
    86400 ) ; Minimum
    IN NS localhost.

    I think DNS server should work without rev file like IPv4 dns server if everything is correct so far, but anyway i put my rev files here.

    $ttl 38400 IN SOA
    . (
    38400 ) IN NS
    IN PTR

    $TTL 86400
    @ IN SOA localhost. root.localhost (
    2 ; serial
    28800 ; refresh
    7200 ; retry
    604800 ; expire
    86400 ; ttk

    @ IN NS localhost.

    1 IN PTR localhost.
    5 IN PTR dnsserver.

  2. #2
    The first thing we need to do is make sure it's listening on IPv6 addresses. Show me the results for the following command:

    netstat -an | grep ':53'

  3. #3
    tcp 0 0:::53 ::: LISTEN
    udp 0 0
    udp 0 0:::53 :::

    I also add this to /etc/named.conf so that dns server will listen IPv6 address.

    options {
    directory "/var/named";
    listen-on-v6 {any;};

    I have been working a whole day on this work again, still failed, i typed
    /usr/sbin/named -d 4 -f -g to check the problem, i didnt notice any problem, maybe still something wrong with my file?

  4. $spacer_open
  5. #4
    well. for ipv4, there should be like
    udp 0 0

    but it is listening on localhost for my linux server now. Hmm, there is ipv6 address and this linux server can ping windows workstation and router too, what could be the problem? ipv6 network is 2001:db8:0:1::/64

  6. #5
    Well have a bit of patience. My helping style is slow, but thorough. We'll more likely than not find the problem.

    Since you've messed with your file, we're not gonna use it anymore. It's optional anyway, and wasn't meant to be used in the way you tried. Remove these lines from named.conf:

    zone "." IN {
    type hint;
    file "";

    Show me the results of this command. It will tell me what version you're using. Even if you know what version you're using, I want to see the results anyway. This will also tell me if you managed to get BIND running.

    dig @ +short version.bind txt ch

    Also, show me the results for this command. It will tell me how you are executing BIND.

    ps -Af | grep 'named'

    This command will tell me what IP addresses/interfaces you've got set on the server.

    ifconfig | grep 'inet'

    This command will probably only tell me you've got your resolv.conf properly configured, but I like to be thorough.

    cat /etc/resolv.conf

    And finally, just in case all of the above is perfection, let's see what happens with this command:

    dig aaaa

  7. #6
    # dig @ +short version.bind txt ch

    # ps -Af | grep 'named'
    named 2779 1 0 18:48 ? 00:00:00 /usr/sbin/named -u named
    root 3774 3726 0 20:59 pts/0 00:00:00 grep named

    # ifconfig | grep 'inet'
    inet6 addr: 2001:db8:0:1:2e0:29ff:fe9e:eb29/128 Scope:Global
    inet6 addr: fe80::2e0:29ff:fe9e:eb29/64 Scope:Link
    inet addr: Mask:
    inet6 addr: ::1/128 Scope:Host

    # cat /etc/resolv.conf
    nameserver 2001:db8:0:1:2e0:29ff:fe9e:eb29

    # dig aaaa

    ; <<>> DiG 9.2.1 <<>> aaaa
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52300
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

    ; IN AAAA

    ;; AUTHORITY SECTION: 3600 IN SOA 504291154 172800 3600 1728000 3600

    ;; Query time: 188 msec
    ;; WHEN: Fri Apr 29 21:00:57 2005
    ;; MSG SIZE rcvd: 92

  8. #7
    for file , i can take off these 2 lines if it is unnecessary to add them, so that it gets back to the original one.

    . 3600000 IN NS 3600000 AAAA 2001:db8:0:1:2e0:29ff:fe9e:eb29

  9. #8
    I'd rather you just not use the file. It isn't doing you any good except as entertainment value. If you want a more detailed explanation for my preference, I'll be glad to tell you if you're curious.

    Anyway, that last dig command was very helpful indeed. Not only did we get a NXDOMAIN response, but there isn't any 'aa' flag which would indicate that the dns server is authoritative for the zone. So at this point it looks like either BIND isn't configured to host that zone in named.conf (which doesn't appear to be the case), or there was some problem that prevented BIND from loading the zone (can't imagine why at this point).

    But we're about to find out. First, shut down BIND and show me the results for this command so that I am positive you shut it down correctly.

    ps -Af | grep 'named'

    Then show me the results for this command:

    named -u named -g

  10. #9
    # ps -Af | grep 'named'
    root 4197 3951 0 23:22 pts/0 00:00:00 grep named

    # named -u named -g
    Apr 29 23:22:40.751 starting BIND 9.2.1 -u named -g
    Apr 29 23:22:40.751 using 1 CPU
    Apr 29 23:22:40.757 loading configuration from '/etc/named.conf'
    Apr 29 23:22:40.758 listening on IPv6 interfaces, port 53
    Apr 29 23:22:40.759 listening on IPv4 interface lo,
    Apr 29 23:22:40.760 binding TCP socket: address in use
    Apr 29 23:22:40.763 command channel listening on
    Apr 29 23:22:40.764 ignoring config file logging statement due to -g option
    Apr 29 23:22:40.766 zone has no NS records
    Apr 29 23:22:40.767 zone loaded serial 2005042903
    Apr 29 23:22:40.769 zone loaded serial 2005042905
    Apr 29 23:22:40.772 zone localhost/IN: loaded serial 2005042901
    Apr 29 23:22:40.773 running

  11. #10
    Well that is very strange indeed. The dig said the zone did not exist on the server, the -g messages say that the zone does exist on the server and was loaded without error. Makes me wonder if something had changed since seeing the dig and all is working now. Just in case it isn't though, I'm going to show you a way of seeing exactly what zones BIND has currently loaded.

    Change your named.conf so that the options block looks like this:

    options {
    directory "/var/named";
    zone-statistics yes;

    Then start BIND again and run these commands for me. The first command tells me the number of zones on the server, the second command dumps statistics to file, the third command abbreviates the contents of the file for me.

    rndc stats
    rndc status
    grep '^success' /var/named/named.stats

    Let's also make sure it still doesn't work:

    rndc flush
    dig +norec @ soa

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts