Configuring my own zone

Post by laznar » 2020/03/29 00:30:11

I followed these steps.
First I edited /etc/named.conf as follows:

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//

options {
	listen-on port 53 { 127.0.0.1;190.157.8.109;};
	listen-on-v6 port 53 { ::1; };
	directory 	"/var/named";
	dump-file 	"/var/named/data/cache_dump.db";
	statistics-file "/var/named/data/named_stats.txt";
	memstatistics-file "/var/named/data/named_mem_stats.txt";
	secroots-file	"/var/named/data/named.secroots";
	recursing-file	"/var/named/data/named.recursing";
	allow-query     { localhost; };

	/* 
	 - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
	 - If you are building a RECURSIVE (caching) DNS server, you need to enable 
	   recursion. 
	 - If your recursive DNS server has a public IP address, you MUST enable access 
	   control to limit queries to your legitimate users. Failing to do so will
	   cause your server to become part of large scale DNS amplification 
	   attacks. Implementing BCP38 within your network would greatly
	   reduce such attack surface 
	*/
	recursion yes;

	dnssec-enable yes;
	dnssec-validation yes;

	managed-keys-directory "/var/named/dynamic";

	pid-file "/run/named/named.pid";
	session-keyfile "/run/named/session.key";

	/* https://fedoraproject.org/wiki/Changes/CryptoPolicy */
	include "/etc/crypto-policies/back-ends/bind.config";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
	type hint;
	file "named.ca";
};

zone "midominio1.org" IN {
	type master;
	file "midominio1.org.zone";
		allow-query { any; };

};

zone "0.168.192.in-addr.arpa" IN {
	type master;
	file "0.168.192.zone";
	allow-query { any; };
	allow-update { none; };
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

Then I edited /var/named/midominio1.org.zone like this:

$TTL 300
@	IN SOA	server.midominio1.org. root. midominio1.org (
	1	;Serial
	3600	;Refresh
	1800	;Retry
	86400	;Expire
	300	;Minimum TTL
)
		IN	NS		server.midominio1.org
		IN	A		192.168.0.28
		IN	MX 10		mx.midominio1.org
mx		IN	A		192.168.0.28
server		IN	A		192.168.0.28

and the /var/named/0.168.192.zone:

$TTL 86400
@	IN  SOA		server.midominio1.org.	root.midominio1.org. (
	    1		;Serial
	    3600	;Refresh
	    1800	;Retry
	    86400	;Expire
	    300		;nx
)

			IN  NS		server.midominio1.org.
			IN  PTR		midominio1.org.
4			IN  PTR		server.midominio1.org.

After doing these steps, I ran the command: systemctl start named
but I got this error message:
Job for named.service failed because the control process exited with error code.
See "systemctl status named.service" and "journalctl -xe" for details.

So I ran the "systemctl status named.service" command and got the following message:

● named.service - Berkeley Internet Name Domain (DNS)
   Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Sat 2020-03-28 19:28:17 -05; 50s ago
  Process: 4621 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Chec>

Mar 28 19:28:17 miservidor.midominio.org bash[4621]: _default/midominio1.org/IN: not a valid number
Mar 28 19:28:17 miservidor.midominio.org bash[4621]: zone 0.168.192.in-addr.arpa/IN: loaded serial 1
Mar 28 19:28:17 miservidor.midominio.org bash[4621]: zone localhost.localdomain/IN: loaded serial 0
Mar 28 19:28:17 miservidor.midominio.org bash[4621]: zone localhost/IN: loaded serial 0
Mar 28 19:28:17 miservidor.midominio.org bash[4621]: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
Mar 28 19:28:17 miservidor.midominio.org bash[4621]: zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
Mar 28 19:28:17 miservidor.midominio.org bash[4621]: zone 0.in-addr.arpa/IN: loaded serial 0
Mar 28 19:28:17 miservidor.midominio.org systemd[1]: named.service: Control process exited, code=exited status=1
Mar 28 19:28:17 miservidor.midominio.org systemd[1]: named.service: Failed with result 'exit-code'.
Mar 28 19:28:17 miservidor.midominio.org systemd[1]: Failed to start Berkeley Internet Name Domain (DNS).

What could be the issue here?
Thanks in advance.

Post by TrevorH » 2020/03/29 00:38:51

@ IN SOA server.midominio1.org. root. midominio1.org (
You have an extraneous space just after root.
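
Why the stray space produces "not a valid number", as an added example that is not part of the thread and is not BIND's own parser: SOA fields are positional, so the extra token pushes midominio1.org into the serial slot. The helper names soa_tokens and check_soa are hypothetical, the sample is the SOA record from the first post with whitespace normalised, and the check goes one step further than the reply by also flagging an mname or rname without a trailing dot.

```python
import re

SOA_FIELDS = ["mname", "rname", "serial", "refresh", "retry", "expire", "minimum"]
TIMER = re.compile(r"(\d+[smhdw]?)+", re.I)  # BIND also accepts units such as 1h

def soa_tokens(zone_text):
    """RDATA tokens of the first SOA record, comments and parentheses removed."""
    text = re.sub(r";[^\n]*", "", zone_text)
    match = re.search(r"\bSOA\s(.*)", text, re.S)
    if not match:
        raise ValueError("no SOA record found")
    first_line, _, _ = match.group(1).partition("\n")
    if "(" not in first_line:
        return first_line.split()
    rest = match.group(1)
    if ")" not in rest:
        raise ValueError("SOA parentheses are never closed")
    return rest[:rest.index(")")].replace("(", " ").split()

def check_soa(zone_text):
    """Map tokens onto the seven SOA fields in order and list what fails."""
    tokens = soa_tokens(zone_text)
    problems = []
    if len(tokens) != len(SOA_FIELDS):
        problems.append(f"expected 7 SOA fields, found {len(tokens)}")
    for field, tok in zip(SOA_FIELDS, tokens):
        if field in ("mname", "rname"):
            if not tok.endswith("."):  # relative name: the zone origin gets appended
                problems.append(f"{field} {tok!r} has no trailing dot")
        elif field == "serial" and not tok.isdigit():
            problems.append(f"serial {tok!r} is not a valid number")
        elif field != "serial" and not TIMER.fullmatch(tok):
            problems.append(f"{field} {tok!r} is not a valid time value")
    return problems

# Constructed sample: the SOA record from the first post, whitespace normalised.
POSTED = """$TTL 300
@ IN SOA server.midominio1.org. root. midominio1.org (
    1      ;Serial
    3600   ;Refresh
    1800   ;Retry
    86400  ;Expire
    300    ;Minimum TTL
)
"""
SPACE_REMOVED = POSTED.replace("root. midominio1.org", "root.midominio1.org")
FULLY_QUALIFIED = POSTED.replace("root. midominio1.org", "root.midominio1.org.")

if __name__ == "__main__":
    for name in ("POSTED", "SPACE_REMOVED", "FULLY_QUALIFIED"):
        print(name, check_soa(globals()[name]))
```
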

Post by laznar » 2020/03/29 00:46:16

I just made the changes and now I have this message:

[root@miservidor laznar]# systemctl status named.service
● named.service - Berkeley Internet Name Domain (DNS)
   Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Sat 2020-03-28 19:45:54 -05; 6s ago
  Process: 5509 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Chec>

Mar 28 19:45:54 miservidor.midominio.org bash[5509]: zone 0.168.192.in-addr.arpa/IN: not loaded due to errors.
Mar 28 19:45:54 miservidor.midominio.org bash[5509]: _default/0.168.192.in-addr.arpa/IN: unexpected end of input
Mar 28 19:45:54 miservidor.midominio.org bash[5509]: zone localhost.localdomain/IN: loaded serial 0
Mar 28 19:45:54 miservidor.midominio.org bash[5509]: zone localhost/IN: loaded serial 0
Mar 28 19:45:54 miservidor.midominio.org bash[5509]: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
Mar 28 19:45:54 miservidor.midominio.org bash[5509]: zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
Mar 28 19:45:54 miservidor.midominio.org bash[5509]: zone 0.in-addr.arpa/IN: loaded serial 0
Mar 28 19:45:54 miservidor.midominio.org systemd[1]: named.service: Control process exited, code=exited status=1
Mar 28 19:45:54 miservidor.midominio.org systemd[1]: named.service: Failed with result 'exit-code'.
Mar 28 19:45:54 miservidor.midominio.org systemd[1]: Failed to start Berkeley Internet Name Domain (DNS).
