Solved bind916 error message

wolffnx

wolffnx

Hi, in a new server I had to install bind, so, install the latest, but the logs show me this, and dns queries dont work

Code: 
managed-keys-zone/full: No valid trust anchors for '.'!
managed-keys-zone/full: 0 key(s) revoked, 1 still pending
managed-keys-zone/full: All queries to '.' will fail

my bind config:


Code: 
include "/usr/local/etc/namedb/usuarios/full/full";

acl "full" {
"full-users";
localhost;
localnets;
};

view full {
match-clients { full;};
allow-recursion { any;};
zone "youtube.com" { type master; file "/usr/local/etc/namedb/zonas/youtube.db"; };
zone "googlevideo.com" { type master; file "/usr/local/etc/namedb/zonas/googlevideo.db"; };
zone "facebook.com" { type master; file "/usr/local/etc/namedb/zonas/facebook.db"; };
include "/usr/local/etc/namedb/zonas/default.db";
zone "netflix.com" { type master; file "/usr/local/etc/namedb/zonas/netflix.db"; };
};

options {
        listen-on       { 192.168.20.2; };


        forwarders {
8.8.8.8;
        };
       allow-query { any;};
       allow-recursion { any;};
       allow-query-cache { any;};


check-names master ignore;
check-names slave ignore;
check-names response ignore;
dnssec-validation auto;

recursive-clients 9000;

};

the youtube,googlevideo, are black hole zones

what I missing here?
 
now the error is gone, but I have this now:

Code: 
full.mkeys.jnl: open: permission denied
managed-keys-zone/full: keyfetch_done:dns_journal_open -> unexpected error
managed-keys-zone/full: error during managed-keys processing (unexpected error): DNSSEC validation may be at ris
 
update:

the last error was:
Code: 
/usr/local/etc/namedb/working//full.mkeys.jnl: open: permission denied

after I find the "jnl" path and add to named.conf
Code: 
managed-keys-directory "/usr/local/etc/namedb/working/";

so, I made a chown bind:bind /usr/local/etc/namedb/working
and now is working :)
 
You must log in or register to reply here.
Back
Top