I can't tell if it's running properly. When I run 'named -g -p 53', I
get the following:
06-Aug-2010 18:59:22.781 found 1 CPU, using 1 worker thread
06-Aug-2010 18:59:22.781 using up to 4096 sockets
06-Aug-2010 18:59:22.785 loading configuration from '/etc/bind/named.conf'
06-Aug-2010 18:59:22.786 reading built-in trusted keys from file '/etc/bind/bind.keys'
06-Aug-2010 18:59:22.786 max open files (1024) is smaller than max sockets (4096)
06-Aug-2010 18:59:22.786 using default UDP/IPv4 port range: [1024, 65535]
06-Aug-2010 18:59:22.787 using default UDP/IPv6 port range: [1024, 65535]
06-Aug-2010 18:59:22.788 listening on IPv6 interfaces, port 53
06-Aug-2010 18:59:22.788 could not listen on UDP socket: permission denied
06-Aug-2010 18:59:22.788 listening on all IPv6 interfaces failed
06-Aug-2010 18:59:22.788 listening on IPv4 interface lo, 127.0.0.1#53
06-Aug-2010 18:59:22.788 could not listen on UDP socket: permission denied
06-Aug-2010 18:59:22.788 creating IPv4 interface lo failed; interface ignored
06-Aug-2010 18:59:22.788 listening on IPv4 interface eth0, 212.13.195.254#53
06-Aug-2010 18:59:22.789 could not listen on UDP socket: permission denied
06-Aug-2010 18:59:22.789 creating IPv4 interface eth0 failed; interface ignored
06-Aug-2010 18:59:22.789 not listening on any interfaces
06-Aug-2010 18:59:22.789 could not open file '/var/run/named/named.pid': Permission denied
06-Aug-2010 18:59:22.789 generating session key for dynamic DNS
06-Aug-2010 18:59:22.789 could not open file '/var/run/named/session.key': Permission denied
06-Aug-2010 18:59:22.789 could not create /var/run/named/session.key
06-Aug-2010 18:59:22.789 failed to generate session key for dynamic DNS: permission denied
06-Aug-2010 18:59:22.791 automatic empty zone: 254.169.IN-ADDR.ARPA
06-Aug-2010 18:59:22.791 automatic empty zone: 2.0.192.IN-ADDR.ARPA
06-Aug-2010 18:59:22.791 automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
06-Aug-2010 18:59:22.791 automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
06-Aug-2010 18:59:22.791 automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
06-Aug-2010 18:59:22.791 automatic empty zone: D.F.IP6.ARPA
06-Aug-2010 18:59:22.791 automatic empty zone: 8.E.F.IP6.ARPA
06-Aug-2010 18:59:22.791 automatic empty zone: 9.E.F.IP6.ARPA
06-Aug-2010 18:59:22.791 automatic empty zone: A.E.F.IP6.ARPA
06-Aug-2010 18:59:22.791 automatic empty zone: B.E.F.IP6.ARPA
06-Aug-2010 18:59:22.794 none:0: open: /etc/bind/rndc.key: permission denied
06-Aug-2010 18:59:22.794 couldn't add command channel 127.0.0.1#953: permission denied
06-Aug-2010 18:59:22.794 none:0: open: /etc/bind/rndc.key: permission denied
06-Aug-2010 18:59:22.794 couldn't add command channel ::1#953: permission denied
06-Aug-2010 18:59:22.794 the working directory is not writable
06-Aug-2010 18:59:22.794 ignoring config file logging statement due to -g option
06-Aug-2010 18:59:22.795 listening on IPv6 interfaces, port 53
06-Aug-2010 18:59:22.795 could not listen on UDP socket: permission denied
06-Aug-2010 18:59:22.795 listening on all IPv6 interfaces failed
06-Aug-2010 18:59:22.795 additionally listening on IPv4 interface lo, 127.0.0.1#53
06-Aug-2010 18:59:22.795 could not listen on UDP socket: permission denied
06-Aug-2010 18:59:22.795 creating IPv4 interface lo failed; interface ignored
06-Aug-2010 18:59:22.795 additionally listening on IPv4 interface eth0, 212.13.195.254#53
06-Aug-2010 18:59:22.795 could not listen on UDP socket: permission denied
06-Aug-2010 18:59:22.795 creating IPv4 interface eth0 failed; interface ignored
06-Aug-2010 18:59:22.795 zone 0.in-addr.arpa/IN: loaded serial 1
06-Aug-2010 18:59:22.796 zone 127.in-addr.arpa/IN: loaded serial 1
06-Aug-2010 18:59:22.796 zone 255.in-addr.arpa/IN: loaded serial 1
06-Aug-2010 18:59:22.797 zone ilovephilosophy.com/IN: loaded serial 2010080601
06-Aug-2010 18:59:22.797 zone localhost/IN: loaded serial 2
06-Aug-2010 18:59:22.798 running
06-Aug-2010 18:59:22.797 zone ilovephilosophy.com/IN: sending notifies (serial 2010080601)
...
There are a number of "permission denied", "failed..." and "could
not..." lines, which I'm guessing are bad. I thought it might be
iptables blocking the port, but I fixed my rules and even tried flushing
the rules to see if that would do it, to no avail. All the files it's
claiming not to have permission for are owned by root and the group bind.
Andy Smith wrote:
Hi Michael,
The old nameserver names have been working for years and I expect
them to continue to work for years to come, so I would rank changing
them as a very low priority for you. Basically get everything else
working first is my advice.
Since you are currently in a known-working state, you can avoid
problems by setting up the new DNS server and querying it to check
that it has the records you expect. *Only then* would you instruct
BitFolk to get your zone from your new server rather than your
current one.
Cheers,
Andy
On Tue, Aug 03, 2010 at 10:46:30AM -0400, Michael Corliss wrote:
Part of this process also involves changing the nameservers from BitFolk's
old servers to their new ones. My registrar currently has the old ones.
Would it make sense to add the three new ones to my zone file, then have my
registrar update to the new ones, and then remove the old ones? I'm
hoping to avoid as much downtime as possible, and there's a lag between
requesting the change from my registrar and the change actually being
made.
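
A way to read the `named -g` startup log at the top of this message, added here as an example and not part of the original thread: it separates endpoints that bound from those that failed, lists the files refused with "permission denied", and does not accept the final `running` line as proof that the server is answering. The function name `triage` and the result keys are this example's own; the sample is an excerpt of the log above with the line wrapping undone.

```python
import re

# Excerpt of the log above with the e-mail line wrapping undone.
SAMPLE = """\
06-Aug-2010 18:59:22.788 listening on IPv4 interface lo, 127.0.0.1#53
06-Aug-2010 18:59:22.788 could not listen on UDP socket: permission denied
06-Aug-2010 18:59:22.789 not listening on any interfaces
06-Aug-2010 18:59:22.789 could not open file '/var/run/named/named.pid': Permission denied
06-Aug-2010 18:59:22.794 none:0: open: /etc/bind/rndc.key: permission denied
06-Aug-2010 18:59:22.794 couldn't add command channel 127.0.0.1#953: permission denied
06-Aug-2010 18:59:22.797 zone localhost/IN: loaded serial 2
06-Aug-2010 18:59:22.798 running
"""

STAMP = re.compile(r"^\d{2}-\w{3}-\d{4} \d{2}:\d{2}:\d{2}\.\d{3} ")
LISTEN = re.compile(r"(?:additionally )?listening on (IPv[46] .+)")
DENIED = re.compile(
    r"(?:could not open file '([^']+)'|open: (\S+)): permission denied", re.I)
ZONE = re.compile(r"zone (\S+)/IN: loaded serial (\d+)")


def triage(log_text):
    """Summarise a named startup log (function and keys are this example's own)."""
    bound, failed, denied, zones = set(), set(), set(), {}
    pending, running = None, False
    for raw in log_text.splitlines():
        msg = STAMP.sub("", raw.strip())
        if m := LISTEN.match(msg):
            pending = m.group(1)
            bound.add(pending)            # counted as bound until a failure follows
        elif msg.startswith("could not listen on") and pending:
            bound.discard(pending)        # the attempt just logged did not bind
            failed.add(pending)
            pending = None
        elif m := DENIED.search(msg):
            denied.add(m.group(1) or m.group(2))
        elif m := ZONE.match(msg):
            zones[m.group(1)] = int(m.group(2))
        elif msg == "running":
            running = True
    return {
        "bound": sorted(bound),
        "failed": sorted(failed),
        "denied_files": sorted(denied),
        "zones": zones,
        # "running" is logged even with no sockets open, so require a bound endpoint
        "serving": running and bool(bound),
    }
```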