
DNS not working

Opening a new thread regarding this matter as I'm close to solving the problem but still not completely there.

server:~ root# cd /var/named
server:/var/named root# named-checkzone macmangement.nl macmanagement.nl.zone
dns masterload: macmanagement.nl.zone:2: ignoring out-of-zone data (macmanagement.nl)
dns masterload: macmanagement.nl.zone:8: ignoring out-of-zone data (macmanagement.nl)
dns masterload: macmanagement.nl.zone:9: ignoring out-of-zone data (macmanagement.nl)
dns masterload: macmanagement.nl.zone:14: ignoring out-of-zone data (macmanagement.nl)
zone macmangement.nl/IN: could not find NS and/or SOA records
zone macmangement.nl/IN: has 0 SOA records
zone macmangement.nl/IN: has no NS records
server:/var/named root#

This happens during startup
Jan 24 13:03:45 server ntpd[175]: bind() fd 5, family 2, port 123, addr 0.0.0.0, in_classd=0 flags=1 fails: Address already in use
Jan 24 13:03:47 server servermgrd: servermgr_dns: Reloaded named
Jan 24 13:03:48 server ntpd[181]: bind() fd 6, family 2, port 123, addr 127.0.0.1, in_classd=0 flags=0 fails: Address already in use
Jan 24 13:03:48 server ntpd[181]: bind() fd 6, family 2, port 123, addr 10.0.13.100, in_classd=0 flags=1 fails: Address already in use

And this is my named.conf file:
// Declares control channels to be used by the rndc utility.
// It is recommended that 127.0.0.1 be the only address used.
// This also allows non-privileged users on the local host to manage
// your name server.
//
controls {
inet 127.0.0.1 port 54 allow {any; };

};
options {
directory "/var/named";
allow-transfer {none;};
recursion true;
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;



forwarders {
194.109.6.66;
194.109.9.99;
};
forward only;
listen-on {127.0.0.1;
10.0.13.100;
};
};

// a caching only nameserver config
//
zone "." IN {
type hint;
file "named.ca";
};

zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};

zone "macmanagement.nl" in {
type master;
file "macmanagement.nl.zone";
};

zone "13.0.10.in-addr.arpa" IN {
file "db.10.0.13";
type master;
};

logging {
category default {
defaultlog;
};

channel defaultlog {
file "/Library/Logs/named.log";
severity debug;
print-time yes;
};
};


And the MacManagement zone file, which shows a SOA and NS record, or am I overlooking something?
$TTL 86400
macmanagement.nl. IN SOA server.macmanagement.nl. roel.macmanagement.nl. (
2006012401 ; serial
3h ; refresh
1h ; retry
1w ; expiry
1h ) ; minimum
macmanagement.nl. IN NS server.macmanagement.nl.
macmanagement.nl. IN A 10.0.13.100
server IN A 10.0.13.100
mail.macmanagement.nl IN CNAME server
www.macmanagement.nl IN CNAME server
ftp.macmanagement.nl IN CNAME server
macmanagement.nl. IN MX 0 server
Any help would be appreciated because it's driving me nuts.

Powerbook G4, Mac OS X (10.4.4)

Posted on Jan 24, 2006 12:48 PM


Jan 24, 2006 1:07 PM in response to xmacmanx

This is the proper outcome:

server:~ root# cd /var/named
server:/var/named root# named-checkzone
usage: named-checkzone [-djqv] [-c class] zonename filename
server:/var/named root# named-checkzone macmanagement.nl macmanagement.nl.zone
zone macmanagement.nl/IN: loaded serial 2006012401
OK


Jan 24, 2006 1:55 PM in response to xmacmanx

This happens during startup
Jan 24 13:03:45 server ntpd[175]: bind() fd 5, family 2, port 123, addr 0.0.0.0, in_classd=0 flags=1 fails: Address already in use
Jan 24 13:03:47 server servermgrd: servermgr_dns: Reloaded named
Jan 24 13:03:48 server ntpd[181]: bind() fd 6, family 2, port 123, addr 127.0.0.1, in_classd=0 flags=0 fails: Address already in use
Jan 24 13:03:48 server ntpd[181]: bind() fd 6, family 2, port 123, addr 10.0.13.100, in_classd=0 flags=1 fails: Address already in use


I'm not a DNS expert but the above references the same IPs as declared in your "listen-on" clause...

options {
directory "/var/named";
allow-transfer {none;};
recursion true;
forwarders {
194.109.6.66;
194.109.9.99;
};
forward only;
listen-on {127.0.0.1;
10.0.13.100;
};
};


Out of curiosity, what is the listen-on clause intended to do for you?

My source defines listen-on as...

listen-on defines the port and IP address(es) on which BIND will listen for incoming queries. The default is port 53 on all server interfaces. Multiple listen-on statements are allowed. This statement may only be used in a global options clause.

So to me this is denying any DNS querying from your LAN - maybe this is what you want. (But as I said, I'm not familiar with this specific bit).

Might it be worth remarking out the listen-on just to see if the errors go away? Alternatively, the special address 'localhost' (without the quotes) is supposed to resolve to all the IPs on the server (127.0.0.1 & its 'real' IP) in Bind...
http://www.zytrax.com/books/dns/ch7/addressmatchlist.html

Just some ideas.

-david

Jan 25, 2006 2:11 AM in response to David_x

Well, the listen-on was set to make sure that all requests for external websites would be handled fast. I had a situation when this was not done that all external requests from the browser took about 10 to 15 seconds to load. So all internal DNS requests went fast and all external requests were very slow. With this option in it I hope to solve that.

Jan 25, 2006 2:25 AM in response to xmacmanx

OK now the named.conf is like this
// Declares control channels to be used by the rndc utility.
// It is recommended that 127.0.0.1 be the only address used.
// This also allows non-privileged users on the local host to manage
// your name server.
//
controls {
inet 127.0.0.1 port 54 allow {any; };

};
options {
directory "/var/named";
allow-transfer {none;};
recursion true;
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};

// a caching only nameserver config
//
zone "." IN {
type hint;
file "named.ca";
};

zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};

zone "macmanagement.nl" in {
type master;
file "macmanagement.nl.zone";
};

zone "13.0.10.in-addr.arpa" IN {
file "db.10.0.13";
type master;
};

logging {
category default {
defaultlog;
};

channel defaultlog {
file "/Library/Logs/named.log";
severity debug;
print-time yes;
};
};

I took the listen part out of it. But the error remains during boot.
Jan 25 11:16:55 server lookupd[110]: lookupd (version 369.2) starting - Wed Jan 25 11:16:55 2006
Jan 25 11:16:58 server servermgrd: servermgr_dns: Reloaded named
Jan 25 11:16:58 server ntpdate[122]: the NTP socket is in use, exiting
Jan 25 11:16:58 server ntpd[181]: bind() fd 5, family 2, port 123, addr 0.0.0.0, in_classd=0 flags=1 fails: Address already in use
Jan 25 11:16:58 server ntpd[181]: bind() fd 5, family 2, port 123, addr 127.0.0.1, in_classd=0 flags=0 fails: Address already in use
Jan 25 11:16:58 server ntpd[181]: bind() fd 5, family 2, port 123, addr 10.0.13.100, in_classd=0 flags=1 fails: Address already in use
Jan 25 11:17:01 server servermgrd: servermgr_dns: Reloaded named

Hope you have any more suggestions 🙂

Jan 25, 2006 2:40 AM in response to xmacmanx

Sounds like you want a forwarders option. Add the following to the global options clause...

forward only;
forwarders { ispdns1; ispdns2; };


where ispdns1 & 2 are your ISP's DNS IPs
http://www.zytrax.com/books/dns/ch6/#forwarding

It will still give you info for your own zones but will resolve others by querying your ISP servers instead of the Internet Root servers.

Check syntax with: named-checkconf
...no response = good.

Reload named with: killall -HUP named

-david

[EDIT] Posted at same time as your last post - let me think...

Jan 25, 2006 2:46 AM in response to xmacmanx

Jan 25 11:16:58 server ntpdate[122]: the NTP socket is in use, exiting
Jan 25 11:16:58 server ntpd[181]: bind() fd 5, family 2, port 123, addr 0.0.0.0, in_classd=0 flags=1 fails: Address already in use
Jan 25 11:16:58 server ntpd[181]: bind() fd 5, family 2, port 123, addr 127.0.0.1, in_classd=0 flags=0 fails: Address already in use
Jan 25 11:16:58 server ntpd[181]: bind() fd 5, family 2, port 123, addr 10.0.13.100, in_classd=0 flags=1 fails: Address already in use


[Shooting in dark a bit here]

This seems to reference your Network Time Protocol daemon (ntpd) - have you been setting this up for something?

-david

Jan 25, 2006 2:56 AM in response to xmacmanx

Couple of other things which are different in your named.conf compared to mine...

controls {
inet 127.0.0.1 port 54 allow {any;} keys {
"rndc-key";
};
};


And you seem to be missing the reverse lookup zone for localhost IP 127.0.0.1...

zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};


My understanding is that this and the corresponding localhost.zone clause are required by some of the system processes. Check there is a named.local zone file in /var/named. There should be by default.

-david

Jan 25, 2006 3:25 AM in response to David_x

Hey David, you're fast, thx for the info. I will get on it as soon as possible and will post the outcome. Hope it helps. About the question for time stuff: I set up the server as being a network time server. Could go wrong there then probably. But if it has nothing to do with DNS I skip it without problems for now. My main worry is to get DNS to work.

Jan 25, 2006 4:18 AM in response to David_x

Hey David,

Well, I changed the settings in /etc/named.conf and checked the settings, which results in no error. So I think that it's OK. When I check with TraceRoute www.macmanagement.nl from inside, it tells me there is no host with that name. When I skip the www and trace macmanagement.nl it comes back with 10.0.13.100, which is the static IP of my server. So it's probably not resolving the CNAME www.macmanagement.nl. I made those with the SA GUI as being aliases and set the name server.macmanagement.nl to be the email server too. Underneath you find the macmanagement.nl.zone file. Can you see any errors there which could cause this to happen?

$TTL 86400
macmanagement.nl. IN SOA server.macmanagement.nl. roel.macmanagement.nl. (
2006012401 ; serial
3h ; refresh
1h ; retry
1w ; expiry
1h ) ; minimum
macmanagement.nl. IN NS server.macmanagement.nl.
macmanagement.nl. IN A 10.0.13.100
server IN A 10.0.13.100
mail.macmanagement.nl IN CNAME server
www.macmanagement.nl IN CNAME server
ftp.macmanagement.nl IN CNAME server
macmanagement.nl. IN MX 0 server
THX for the help so far, I think we are close to getting it working

Jan 25, 2006 6:31 AM in response to David_x

Hello David,

It works for the DNS part. The only thing missing for me now is the www, mail and ftp. Should they be CN or A records in the macmanagement.nl.zone file? If I type server.macmanagement.nl in the web browser it works and I see my web site. But typed www/ftp or mail, no host available.

Again thx for the help so far, it's nice we almost have it working 😉

Jan 25, 2006 8:13 AM in response to David_x

Well, actually you were the genius here. I took every step you told me to. I was missing the standard named.local file, I don't know why but it was not there. And I changed settings to named.conf and the macmanagement.nl.zone file as suggested by you and it worked out OK. So I'm gonna try the next step, which is the part where I hope to get the www/mail and ftp to work. When that's done I'm really happy we were able to clean up the mess. What I do not understand is that it worked in 10.4.3 and was killed in 10.4.4. So Apple made some changes, and with the GUI you can only do the most simple things. When it works from there, great. But I think that most of the time it won't. If you need DNS and it's not working anymore it's really a pain in the butt. So I will be more careful with future updates. Because I won't go through this madness again.

Jan 25, 2006 1:57 PM in response to xmacmanx

I'm jumping in late on this one, but as david_x has also mentioned in another post, your MX record should not point to a CNAME. Officially, it should not.

It seems counterintuitive, but the way to do it is:

macmanagement.nl. IN NS server.macmanagement.nl.
macmanagement.nl. IN A 10.0.13.100
mail IN A 10.0.13.100
server IN CNAME mail
www IN CNAME mail
ftp IN CNAME mail
macmanagement.nl. IN MX 0 mail


See here:
http://www.zytrax.com/books/dns/ch8/mx.html

and here:
http://www.zytrax.com/books/dns/ch8/cname.html
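
Added example, not part of the thread and not any poster's code: a small Python check that expands zone-file names the way BIND does (a name without a trailing dot gets the zone origin appended) and flags MX records whose target is a CNAME owner, the rule cited in the last reply. The POSTED sample reuses the record lines from the question; MX_TO_ALIAS is a constructed sample, the function names are made up for this sketch, and the parser only handles simple "owner IN TYPE rdata" lines.

```python
ORIGIN = "macmanagement.nl."  # zone name from named.conf, written as an absolute name

# Record lines from the zone file posted in the thread (SOA left out).
POSTED = """\
macmanagement.nl. IN NS server.macmanagement.nl.
macmanagement.nl. IN A 10.0.13.100
server IN A 10.0.13.100
mail.macmanagement.nl IN CNAME server
www.macmanagement.nl IN CNAME server
ftp.macmanagement.nl IN CNAME server
macmanagement.nl. IN MX 0 server
"""

# Constructed sample, not from the thread: the MX target is an alias.
MX_TO_ALIAS = """\
server IN A 10.0.13.100
mail IN CNAME server
macmanagement.nl. IN MX 0 mail
"""

def absolute(name, origin=ORIGIN):
    """Names without a trailing dot are relative: the origin is appended."""
    name = origin if name == "@" else name.lower()
    return name if name.endswith(".") else f"{name}.{origin}"

def parse(zone_text, origin=ORIGIN):
    """Yield (owner, type, target); handles only 'owner IN TYPE rdata' lines."""
    for line in zone_text.splitlines():
        fields = line.split(";")[0].split()
        if len(fields) >= 4 and fields[1].upper() == "IN":
            rtype = fields[2].upper()
            names = rtype in ("NS", "CNAME", "MX")  # rdata ends in a domain name
            yield (absolute(fields[0], origin), rtype,
                   absolute(fields[-1], origin) if names else fields[-1])

def lint(zone_text, origin=ORIGIN):
    """Return findings for doubled origins and MX records aimed at a CNAME."""
    records = list(parse(zone_text, origin))
    aliases = {owner for owner, rtype, _ in records if rtype == "CNAME"}
    findings = []
    for owner, rtype, target in records:
        if owner.endswith("." + origin * 2):
            findings.append(f"doubled-origin: {owner}")
        if rtype == "MX" and target in aliases:
            findings.append(f"mx-to-cname: {owner} -> {target}")
    return findings

print(lint(POSTED), lint(MX_TO_ALIAS))
```

On the posted records this reports mail, www and ftp as expanding to names ending in macmanagement.nl.macmanagement.nl., so the zone holds no record under the name www.macmanagement.nl. itself.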
