Bind zone update problems
by Mike Davies from LinuxQuestions.org on (#57TEW)
I am having a few problems with Bind (9.11.13). It is all installed and running, and once upon a time, it did seem to work, but now, nothing seems to be going out when I update my zone files.
The domain is rovoreed.co.uk, as I type this it is at address 88.144.43.74 and a local dig gives this ...
Code:
# dig @localhost rovoreed.co.uk
; <<>> DiG 9.11.13 <<>> @localhost rovoreed.co.uk
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21729
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 1eeac7ac401edb4279670fa15f54ca4a6e50aef0d8b629d2 (good)
;; QUESTION SECTION:
;rovoreed.co.uk. IN A
;; ANSWER SECTION:
rovoreed.co.uk. 300 IN A 88.144.43.74
;; AUTHORITY SECTION:
rovoreed.co.uk. 300 IN NS ns.rovoreed.co.uk.
;; ADDITIONAL SECTION:
ns.rovoreed.co.uk. 300 IN A 88.144.43.74
;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Sep 06 12:38:50 BST 2020
;; MSG SIZE rcvd: 120
Now, if you look up rovoreed.co.uk with things like dns.squish.net or dnschecker.org there will be some returns for the nameserver on an old address 88.144.41.39. That address has not been used for almost a month - I switched off the server; and I would have thought that the DNS caches out there would have forgotten about it by now, as the expiry in the zone file was set to 7 days.
Anyway, if I fire up tcpdump and ...
Code:
# rndc reload rovoreed.co.uk
zone reload queued
# rndc notify rovoreed.co.uk
zone notify queued
Nothing goes out. No packets. Nothing appears in the named zone_transfers log file either.
The start of my named.conf file looks like ...
Code:
options {
    dnssec-validation auto;
    dnssec-enable yes;
    directory "/var/lib/named";
    dump-file "/var/log/named_dump.db";
    statistics-file "/var/log/named.stats";
    max-cache-size 64m;
    forwarders { 8.8.8.8 ; 192.168.1.1 ; };
    forward first;
    notify yes;
};
Code:
zone "rovoreed.co.uk" in {
    type master;
    notify yes;
    file "/var/lib/named/rovoreed.co.uk.zone";
    allow-update { none; };
};
zone "43.144.88.in-addr.arpa" in {
    type master;
    file "/var/lib/named/reverse.rovoreed.zone";
    allow-update { none; };
};
I am at a bit of a loss to understand why nothing goes out. I am increasing the serial number, and it's nowhere near wrapping yet.
Has anyone got a few hints or tips about what to try or investigate?
Thanks

