Fix default BIND install on CentOS

Posted: 6th April 2010 by Valkyrka in dns

As described here, the BIND package does not install the default configuration and zone files. On a default CentOS server, if you try to start named, you get this:

[root@valkyrka ~]# /etc/init.d/named start
Locating /var/named/chroot//etc/named.conf failed:
                                                           [FAILED]

This is because named.conf is missing from /var/named/chroot/etc:

[root@valkyrka etc]# ls -la /var/named/chroot/etc/
total 32
drwxr-x--- 2 root named 4096 Jan 20 11:33 .
drwxr-x--- 5 root named 4096 Jan 20 11:33 ..
-rw-r--r-- 1 root root  3519 Feb 26  2006 localtime
-rw-r----- 1 root named  113 Apr  4 07:48 rndc.key

You need to copy the sample named.conf into /var/named/chroot/etc:

cp /usr/share/doc/bind-9.3.6/sample/etc/named.conf /var/named/chroot/etc

Once this is done, if you try to start named again, you will get the following error:

[root@valkyrka etc]# /etc/init.d/named start
Starting named:
Error in named configuration:
/etc/named.conf:57: open: /etc/named.root.hints: file not found
                                                           [FAILED]

Again, we need to copy the missing file into /var/named/chroot/etc:

cp /usr/share/doc/bind-9.3.6/sample/etc/named.root.hints /var/named/chroot/etc/

The next error you will encounter while trying to start BIND is the following:

[root@valkyrka etc]# /etc/init.d/named start
Starting named:
Error in named configuration:
/etc/named.conf:63: open: /etc/named.rfc1912.zones: file not found
                                                           [FAILED]

Obviously, we need to copy named.rfc1912.zones into /var/named/chroot/etc as well:

cp /usr/share/doc/bind-9.3.6/sample/etc/named.rfc1912.zones /var/named/chroot/etc/

Now you will get *multiple* errors about missing zone files:

[root@valkyrka etc]# /etc/init.d/named start
Starting named:
Error in named configuration:
zone localdomain/IN: loading master file localdomain.zone: file not found
localhost_resolver/localdomain/IN: file not found
zone localhost/IN: loading master file localhost.zone: file not found
localhost_resolver/localhost/IN: file not found
zone 0.0.127.in-addr.arpa/IN: loading master file named.local: file not found
localhost_resolver/0.0.127.in-addr.arpa/IN: file not found
zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loading master file named.ip6.local: file not found
localhost_resolver/0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: file not found
zone 255.in-addr.arpa/IN: loading master file named.broadcast: file not found
localhost_resolver/255.in-addr.arpa/IN: file not found
zone 0.in-addr.arpa/IN: loading master file named.zero: file not found
localhost_resolver/0.in-addr.arpa/IN: file not found
zone my.internal.zone/IN: loading master file my.internal.zone.db: file not found
internal/my.internal.zone/IN: file not found
zone my.ddns.internal.zone/IN: loading master file slaves/my.ddns.internal.zone.db: file not found
internal/my.ddns.internal.zone/IN: file not found
zone my.external.zone/IN: loading master file my.external.zone.db: file not found
external/my.external.zone/IN: file not found
                                                           [FAILED]

We start copying the missing zone files into the chroot:

cp /usr/share/doc/bind-9.3.6/sample/var/named/localdomain.zone /var/named/chroot/var/named/
cp /usr/share/doc/bind-9.3.6/sample/var/named/localhost.zone /var/named/chroot/var/named/
cp /usr/share/doc/bind-9.3.6/sample/var/named/named.local /var/named/chroot/var/named/
cp /usr/share/doc/bind-9.3.6/sample/var/named/named.ip6.local /var/named/chroot/var/named/
cp /usr/share/doc/bind-9.3.6/sample/var/named/named.broadcast /var/named/chroot/var/named/
cp /usr/share/doc/bind-9.3.6/sample/var/named/named.zero /var/named/chroot/var/named/

After copying these, you are left with only the following errors:

zone my.internal.zone/IN: loading master file my.internal.zone.db: file not found
internal/my.internal.zone/IN: file not found
zone my.ddns.internal.zone/IN: loading master file slaves/my.ddns.internal.zone.db: file not found
internal/my.ddns.internal.zone/IN: file not found
zone my.external.zone/IN: loading master file my.external.zone.db: file not found
external/my.external.zone/IN: file not found

These refer to placeholder zones from the sample configuration, so remove the following entries from /var/named/chroot/etc/named.conf:

        zone "my.internal.zone" {
                type master;
                file "my.internal.zone.db";
        };
        zone "my.slave.internal.zone" {
                type slave;
                file "slaves/my.slave.internal.zone.db";
                masters { /* put master nameserver IPs here */ 127.0.0.1; } ;
                // put slave zones in the slaves/ directory so named can update them
        };
        zone "my.ddns.internal.zone" {
                type master;
                allow-update { key ddns_key; };
                file "slaves/my.ddns.internal.zone.db";
                // put dynamically updateable zones in the slaves/ directory so named can update them
        };

and also this one, at the bottom of named.conf:

        zone "my.external.zone" {
                type master;
                file "my.external.zone.db";
        };

After that, if you try to start named you will get a [FAILED] status with no error text on the console. The reason is logged in /var/log/messages:

[root@valkyrka etc]# tail -f /var/log/messages
Apr  6 09:01:40 valkyrka named[3431]: found 1 CPU, using 1 worker thread
Apr  6 09:01:40 valkyrka named[3431]: using up to 4096 sockets
Apr  6 09:01:40 valkyrka named[3431]: loading configuration from '/etc/named.conf'
Apr  6 09:01:40 valkyrka named[3431]: using default UDP/IPv4 port range: [1024, 65535]
Apr  6 09:01:40 valkyrka named[3431]: using default UDP/IPv6 port range: [1024, 65535]
Apr  6 09:01:40 valkyrka named[3431]: listening on IPv4 interface lo, 127.0.0.1#53
Apr  6 09:01:40 valkyrka named[3431]: listening on IPv4 interface eth0, 192.168.76.133#53
Apr  6 09:01:40 valkyrka named[3431]: could not configure root hints from 'named.root': file not found
Apr  6 09:01:40 valkyrka named[3431]: loading configuration: file not found
Apr  6 09:01:40 valkyrka named[3431]: exiting (due to fatal error)

As you probably guessed, this is due to the named.root file missing. Copy it as well:

cp /usr/share/doc/bind-9.3.6/sample/var/named/named.root /var/named/chroot/var/named/

Next you will see the following error message in /var/log/messages:

[root@valkyrka etc]# tail -f /var/log/messages
Apr  6 09:03:27 valkyrka named[3465]: found 1 CPU, using 1 worker thread
Apr  6 09:03:27 valkyrka named[3465]: using up to 4096 sockets
Apr  6 09:03:27 valkyrka named[3465]: loading configuration from '/etc/named.conf'
Apr  6 09:03:27 valkyrka named[3465]: using default UDP/IPv4 port range: [1024, 65535]
Apr  6 09:03:27 valkyrka named[3465]: using default UDP/IPv6 port range: [1024, 65535]
Apr  6 09:03:27 valkyrka named[3465]: listening on IPv4 interface lo, 127.0.0.1#53
Apr  6 09:03:27 valkyrka named[3465]: listening on IPv4 interface eth0, 192.168.76.133#53
Apr  6 09:03:27 valkyrka named[3465]: /etc/named.conf:84: configuring key 'ddns_key': bad base64 encoding
Apr  6 09:03:27 valkyrka named[3465]: loading configuration: bad base64 encoding
Apr  6 09:03:27 valkyrka named[3465]: exiting (due to fatal error)

Run /usr/sbin/dns-keygen and you should get output similar to this:

[root@valkyrka etc]# /usr/sbin/dns-keygen
AHwqxhBEt9XinjXWTvATG2lxbbpOqMXjNRWy2KGYZpl4SRikna5nVMuIsdfy

After that, paste "AHwqxhBEt9XinjXWTvATG2lxbbpOqMXjNRWy2KGYZpl4SRikna5nVMuIsdfy" (in your case, whatever was generated) into the "secret" field of the ddns_key stanza in /var/named/chroot/etc/named.conf, which should then look like this:

key ddns_key
{
        algorithm hmac-md5;
        secret "AHwqxhBEt9XinjXWTvATG2lxbbpOqMXjNRWy2KGYZpl4SRikna5nVMuIsdfy";
};

After this, named should start successfully:

[root@valkyrka etc]# /etc/init.d/named start
Starting named:                                            [  OK  ]

Also check /var/log/messages to make sure named started properly:

[root@valkyrka etc]# tail -f /var/log/messages
Apr  6 09:08:58 valkyrka named[3583]: command channel listening on 127.0.0.1#953
Apr  6 09:08:58 valkyrka named[3583]: command channel listening on ::1#953
Apr  6 09:08:58 valkyrka named[3583]: the working directory is not writable
Apr  6 09:08:58 valkyrka named[3583]: zone 0.in-addr.arpa/IN/localhost_resolver: loaded serial 42
Apr  6 09:08:58 valkyrka named[3583]: zone 0.0.127.in-addr.arpa/IN/localhost_resolver: loaded serial 1997022700
Apr  6 09:08:58 valkyrka named[3583]: zone 255.in-addr.arpa/IN/localhost_resolver: loaded serial 42
Apr  6 09:08:58 valkyrka named[3583]: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN/localhost_resolver: loaded serial 1997022700
Apr  6 09:08:58 valkyrka named[3583]: zone localdomain/IN/localhost_resolver: loaded serial 42
Apr  6 09:08:58 valkyrka named[3583]: zone localhost/IN/localhost_resolver: loaded serial 42
Apr  6 09:08:58 valkyrka named[3583]: running

You may now begin configuring named and your own zones.
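The procedure above collapsed into a few shell functions, as an added example that is not from the original post. SAMPLE and CHROOT default to the paths the post uses and can be overridden from the environment; valid_base64 approximates the check behind named's "bad base64 encoding" error (the placeholder secret shipped in the sample named.conf is not base64, which is what the error refers to); set_ddns_secret assumes named.conf holds a single `secret "...";` line, the one in the ddns_key stanza.

```shell
#!/bin/sh
# Assumed defaults taken from the post; override via environment for another BIND version or chroot.
SAMPLE="${SAMPLE:-/usr/share/doc/bind-9.3.6/sample}"
CHROOT="${CHROOT:-/var/named/chroot}"

# Copy every sample file the post copies by hand into the chroot.
# Existing files are left alone so a hand-edited named.conf is never clobbered.
install_bind_samples() {
    sample="$1"; chroot="$2"
    for f in etc/named.conf etc/named.root.hints etc/named.rfc1912.zones \
             var/named/localdomain.zone var/named/localhost.zone \
             var/named/named.local var/named/named.ip6.local \
             var/named/named.broadcast var/named/named.zero var/named/named.root; do
        [ -e "$chroot/$f" ] && continue
        cp "$sample/$f" "$chroot/$f" || return 1
    done
}

# Return 0 when the string is syntactically valid base64: only the base64
# alphabet plus '=' padding, and a length that is a multiple of four. The
# placeholder secret in the sample named.conf fails this, hence named's
# "bad base64 encoding" error at startup.
valid_base64() {
    s="$1"
    [ -n "$s" ] || return 1
    [ -z "$(printf '%s' "$s" | tr -d 'A-Za-z0-9+/=')" ] || return 1
    [ $(( ${#s} % 4 )) -eq 0 ]
}

# Replace the secret of the (single) key stanza in named.conf, refusing any
# secret named would reject. Pass it the output of /usr/sbin/dns-keygen.
set_ddns_secret() {
    conf="$1"; secret="$2"
    valid_base64 "$secret" || return 1
    sed -i "s|^\([[:space:]]*secret \)\"[^\"]*\";|\1\"$secret\";|" "$conf"
}

# Stand-alone use: install the samples, then install a fresh TSIG secret.
# Removing the my.*.zone stanzas is still a manual edit, as in the post.
if [ "${1:-}" = "run" ]; then
    install_bind_samples "$SAMPLE" "$CHROOT"
    set_ddns_secret "$CHROOT/etc/named.conf" "$(/usr/sbin/dns-keygen)"
fi
```

Run it as `sh fix-bind.sh run` on the server; without the argument it only defines the functions.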

  1. elgeo says:

    Well... finally I found a tutorial, that I almost fix it...
    At the end I have this screen:
    Aug 10 14:07:55 server named[18622]: command channel listening on 127.0.0.1#953
    Aug 10 14:07:55 server named[18622]: command channel listening on ::1#953
    Aug 10 14:07:55 server named[18622]: zone 0.in-addr.arpa/IN/localhost_resolver: loaded serial 42
    Aug 10 14:07:55 server named[18622]: zone 0.0.127.in-addr.arpa/IN/localhost_resolver: loaded serial 1997022700
    Aug 10 14:07:55 server named[18622]: zone 255.in-addr.arpa/IN/localhost_resolver: loaded serial 42
    Aug 10 14:07:55 server named[18622]: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN/localhost_resolver: loaded serial 1997022700
    Aug 10 14:07:55 server named[18622]: zone localdomain/IN/localhost_resolver: loaded serial 42
    Aug 10 14:07:55 server named[18622]: zone localhost/IN/localhost_resolver: loaded serial 42

    but
    /etc/init.d/named start
    Starting named: [FAILED]

    If you could help me it would be good.

    Thank you.

  2. Valkyrka says:

    Hi,

    Aug 10 14:07:55 server named[18622]: zone localhost/IN/localhost_resolver: loaded serial 42

    Is this the last line in /var/log/messages? Try and start named using

    /etc/init.d/named restart

    and then see what is written in the logs:

    tail -f /var/log/messages

  3. Samantha.lk says:

    Finally I found the great place to resolve my bloody BIND issue. Thanks a million, mate..

  4. Nick says:

    Where is this secret file that we need to paste that into?

  5. Jackma says:

    Thanks a ton, mate...