named-checkconf error

Hi all,

I am trying to get my website working on a FreeBSD web server, but I am running into some configuration problems. I can run dig example.com from the server and get an answer, but not from outside my network. When I run named-checkconf -t /etc/namedb/master/zone.db zone.db I get the output
Code:
isc_dir_chroot: invalid file

I can start the named daemon just fine, this doesn't seem to be a critical error, but it's all I can think of that may be causing my issue. I copied my zone file from my old (Debian) web server, and recursively chown'd the /etc/namedb directory to the user bind, but I am still having issues. It seems to be a chroot issue, but I have little experience with chroot'ing files. Can someone please point me in the right direction to fix this issue?

Thanks!

EDIT:

Here is the output of the dig command, just in case it will help debugging. I notice there is no Authority answer, but I am not sure if that is a problem:
Code:
; <<>> DiG 9.8.3-P4 <<>> example.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8855
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;example.org.                   IN      A

;; ANSWER SECTION:
example.org.            273     IN      A       {My external IP}

;; Query time: 0 msec
;; SERVER: 10.0.0.22#53(10.0.0.22)
;; WHEN: Fri Aug 23 15:58:12 2013
;; MSG SIZE  rcvd: 45
 
Test it with dig @mydnsserver example.com. The @ will tell it to specifically query a server, otherwise it'll try to resolve it using the internet root servers.
 
Thanks for the reply! I ran the command dig @ns1.example.org example.org, and got almost the same output:

Code:
[root@freebsd /home/brigzzy]# dig @ns1.example.org example.org

; <<>> DiG 9.8.3-P4 <<>> @ns1.example.org example.org
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60623
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;example.org.                   IN      A

;; ANSWER SECTION:
example.org.            89      IN      A       {external IP}

;; Query time: 0 msec
;; SERVER: {external IP}#53({external IP})   ; This line changed
;; WHEN: Fri Aug 23 16:32:16 2013
;; MSG SIZE  rcvd: 45

Did you mean my local DNS server? I thought that the FreeBSD host was acting as my local DNS server?

Thanks!
 
This is what you are looking for. One command does zones and one does configurations.
named-checkzone example.com /etc/namedb/master/empty.db
named-checkconf /etc/namedb/named.conf

If you decide to use chroot'd BIND to enhance security, the directory structure is replicated under /var/named and commands would use a -t flag.
named-checkconf -t /var/named /etc/namedb/named.conf
named-checkzone -t /var/named example.com /etc/namedb/master/empty.db

See named-checkconf(8) and named-checkzone(8) for more.
 
Thanks for the reply, however when I run named-checkconf -t /var/named /etc/namedb/named.conf, I get no output, instead of the chroot error I was getting before. Does this mean my named.conf configuration file is okay? If so, is there anything else I can do to troubleshoot my issue? I'm really drawing a blank here...

Thanks for the reply :)
 
Well, I feel silly, I had my router forwarding port 53 as TCP only instead of TCP/UDP. Thanks for all the help everyone!
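
The cause found above (port 53 forwarded for TCP but not UDP) can be isolated by querying the same server over each transport separately. The following Python script is an added example, not part of the original thread; the function names, the fixed transaction id and the verdict strings are assumptions made for illustration.

```python
import socket
import struct
import sys

TXID = 0x1234  # constructed transaction id used by every probe

def build_query(name, qtype=1):
    """Minimal DNS query: RD flag set, one question, class IN, type A by default."""
    header = struct.pack("!HHHHHH", TXID, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def is_reply(data):
    """True if data is a DNS response (QR bit set) carrying our transaction id."""
    return len(data) >= 12 and data[:2] == struct.pack("!H", TXID) and bool(data[2] & 0x80)

def probe_udp(server, port, name, timeout):
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            s.connect((server, port))
            s.send(build_query(name))
            return is_reply(s.recv(4096))
    except OSError:  # timeout, ICMP port unreachable, name resolution failure
        return False

def probe_tcp(server, port, name, timeout):
    query = build_query(name)
    try:
        with socket.create_connection((server, port), timeout=timeout) as s, \
                s.makefile("rb") as f:
            s.sendall(struct.pack("!H", len(query)) + query)  # DNS over TCP: 2-byte length prefix
            size = struct.unpack("!H", f.read(2))[0]
            return is_reply(f.read(size))
    except (OSError, struct.error):  # refused, timed out, or closed before a full reply
        return False

def diagnose(server, name, port=53, timeout=2.0):
    """Return (udp_ok, tcp_ok, verdict) for one server and one query name."""
    udp, tcp = probe_udp(server, port, name, timeout), probe_tcp(server, port, name, timeout)
    verdict = {(True, True): "both transports answer",
               (False, True): "TCP only: UDP/53 is blocked or not forwarded",
               (True, False): "UDP only: TCP/53 is blocked or not forwarded",
               (False, False): "no answer on either transport"}[(udp, tcp)]
    return udp, tcp, verdict

if __name__ == "__main__":
    print(diagnose(sys.argv[1], sys.argv[2]))  # arguments: server, query name
```

Run it from a host outside the network with the server's public name or address and the zone name as arguments. dig +tcp and dig +notcp perform the same per-transport check by hand.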
 