связка named и dhcpd - не обновляет зоны
Добавлено: 2012-10-23 7:05:31
named.conf
local.doiman.zone
10.10.in-addr.arpa.zone
права:
логи старта named:
dhcpd:
dhcpd.leases пустой почему то 
старт:
проверка показывает что зоны не пашут
в чем может дело?
Код: Выделить всё
# cat /etc/namedb/named.conf
// $FreeBSD: src/etc/namedb/named.conf,v 1.29.2.6.2.1 2012/03/03 06:15:13 kensmi th Exp $
options {
directory "/etc/namedb/working";
pid-file "/var/run/named/pid";
dump-file "/var/dump/named_dump.db";
statistics-file "/var/stats/named.stats";
listen-on { 127.0.0.1; 10.10.220.1; };
listen-on-v6 { ::1; };
disable-empty-zone "255.255.255.255.IN-ADDR.ARPA";
disable-empty-zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0. 0.0.0.0.0.0.IP6.ARPA";
disable-empty-zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0. 0.0.0.0.0.0.IP6.ARPA";
forward only;
forwarders {
83.219.128.10;
83.219.128.14;
8.8.8.8;
8.8.4.4;
};
allow-recursion {
127.0.0.1;
10.10.0.0/16;
};
};
key DHCP_UPDATER {
algorithm hmac-md5;
secret 4Ha3dkkRqovhpKcEuZYmvQ==;
};
zone "." {
type hint;
file "/etc/namedb/named.root";
};
zone "localhost" {
type master;
file "/etc/namedb/master/localhost-forward.db";
};
zone "127.in-addr.arpa" {
type master;
file "/etc/namedb/master/localhost-reverse.db";
};
zone "local.doiman" {
type master;
file "/etc/namedb/dynamic/local.doiman.zone";
allow-update {
key DHCP_UPDATER;
};
};
zone "10.10.in-addr.arpa" {
type master;
file "/etc/namedb/dynamic/10.10.in-addr.arpa.zone";
allow-update {
key DHCP_UPDATER;
};
};
logging {
channel update_debug {
file "/var/log/named-update.log";
severity debug 3;
print-category yes;
print-severity yes;
print-time yes;
};
channel security_info {
file "/var/log/named-auth.log";
severity info;
print-category yes;
print-severity yes;
print-time yes;
};
category update { update_debug; };
category security { security_info; };
};Код: Выделить всё
# cat /etc/namedb/dynamic/local.doiman.zone
$TTL 1D
@ IN SOA server.local.doiman. root.local.doiman. (
20121022
12H
1H
1W
1H
)
NS server.local.doiman.
MX 10 server.local.doiman.
router A 10.10.220.1
server A 10.10.220.1
www CNAME serverКод: Выделить всё
# cat /etc/namedb/dynamic/10.10.in-addr.arpa.zone
$TTL 1D
@ IN SOA server.local.doiman. root.local.doiman. (
20121022
12H
1H
1W
1H
)
NS server.local.doiman.
220.1 PTR server.local.doiman.
220.1 PTR router.local.doiman.Код: Выделить всё
# ls -l /etc/namedb/named.conf
-rw-r--r-- 1 root wheel 1815 Oct 23 00:55 /etc/namedb/named.conf
# ls -l /etc/namedb/ | grep dyn
drwxr-xr-x 2 bind wheel 512 Oct 22 23:06 dynamic
# ls -l /etc/namedb/dynamic/
total 4
-rw-rw-r-- 1 bind bind 212 Oct 22 23:06 10.10.in-addr.arpa.zone
-rw-rw-r-- 1 bind bind 232 Oct 22 22:30 local.doiman.zoneКод: Выделить всё
Oct 23 06:22:15 radist04ka named[1286]: starting BIND 9.8.3-P3 -u bind -c /etc/namedb/named.conf -t /var/named -u bind
Oct 23 06:22:15 radist04ka named[1286]: built with '--localstatedir=/var' '--disable-linux-caps' '--disable-symtable' '--with-randomdev=/dev/random' '--with-openssl=/usr' '--with-libxml2=/usr/local' '--without-idn' '--enable-ipv6' '--enable-threads' '--sysconfdir=/etc/namedb' '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info/' '--build=i386-portbld-freebsd8.3' 'build_alias=i386-portbld-freebsd8.3' 'CC=cc' 'CFLAGS=-O2 -pipe -fno-strict-aliasing' 'LDFLAGS= -rpath=/usr/lib:/usr/local/lib' 'CPPFLAGS=' 'CPP=cpp' 'CXX=c++' 'CXXFLAGS=-O2 -pipe -fno-strict-aliasing'
Oct 23 06:22:15 radist04ka named[1286]: ----------------------------------------------------
Oct 23 06:22:15 radist04ka named[1286]: BIND 9 is maintained by Internet Systems Consortium,
Oct 23 06:22:15 radist04ka named[1286]: Inc. (ISC), a non-profit 501(c)(3) public-benefit
Oct 23 06:22:15 radist04ka named[1286]: corporation. Support and training for BIND 9 are
Oct 23 06:22:15 radist04ka named[1286]: available at https://www.isc.org/support
Oct 23 06:22:15 radist04ka named[1286]: ----------------------------------------------------
Oct 23 06:22:15 radist04ka named[1286]: found 2 CPUs, using 2 worker threads
Oct 23 06:22:15 radist04ka named[1286]: using up to 4096 sockets
Oct 23 06:22:16 radist04ka named[1286]: loading configuration from '/etc/namedb/named.conf'
Oct 23 06:22:16 radist04ka named[1286]: using default UDP/IPv4 port range: [49152, 65535]
Oct 23 06:22:16 radist04ka named[1286]: using default UDP/IPv6 port range: [49152, 65535]
Oct 23 06:22:16 radist04ka named[1286]: listening on IPv6 interface lo0, ::1#53
Oct 23 06:22:16 radist04ka named[1286]: listening on IPv4 interface lo0, 127.0.0.1#53
Oct 23 06:22:16 radist04ka named[1286]: listening on IPv4 interface bridge0, 10.10.220.1#53
Oct 23 06:22:16 radist04ka named[1286]: generating session key for dynamic DNS
Oct 23 06:22:16 radist04ka named[1286]: sizing zone task pool based on 5 zones
Oct 23 06:22:16 radist04ka named[1286]: set up managed keys zone for view _default, file 'managed-keys.bind'
Oct 23 06:22:16 radist04ka named[1286]: command channel listening on 127.0.0.1#953
Oct 23 06:22:16 radist04ka named[1286]: command channel listening on ::1#953
Oct 23 06:22:16 radist04ka named[1286]: zone 10.10.in-addr.arpa/IN: loaded serial 20121022
Oct 23 06:22:16 radist04ka named[1286]: zone 127.in-addr.arpa/IN: loaded serial 42
Oct 23 06:22:16 radist04ka named[1286]: zone local.doiman/IN: loaded serial 20121022
Oct 23 06:22:16 radist04ka named[1286]: zone localhost/IN: loaded serial 42
Oct 23 06:22:16 radist04ka named[1286]: managed-keys-zone ./IN: loaded serial 0
Oct 23 06:22:16 radist04ka named[1286]: running
Oct 23 06:22:26 radist04ka named[1286]: error (network unreachable) resolving 'emupdate.avast.com/AAAA/IN': 83.219.128.14#53
Oct 23 06:22:26 radist04ka named[1286]: error (network unreachable) resolving 'emupdate.avast.com/AAAA/IN': 8.8.4.4#53
Oct 23 06:22:26 radist04ka named[1286]: error (network unreachable) resolving 'emupdate.avast.com/AAAA/IN': 83.219.128.10#53
Oct 23 06:22:26 radist04ka named[1286]: error (network unreachable) resolving 'emupdate.avast.com/AAAA/IN': 8.8.8.8#53
Oct 23 06:22:28 radist04ka named[1286]: error (network unreachable) resolving 'ping.avast.com/A/IN': 83.219.128.14#53
Oct 23 06:22:28 radist04ka named[1286]: error (network unreachable) resolving 'ping.avast.com/A/IN': 8.8.4.4#53
Oct 23 06:22:28 radist04ka named[1286]: error (network unreachable) resolving 'ping.avast.com/A/IN': 83.219.128.10#53
Oct 23 06:22:28 radist04ka named[1286]: error (network unreachable) resolving 'ping.avast.com/A/IN': 8.8.8.8#53
Oct 23 06:22:31 radist04ka named[1286]: error (network unreachable) resolving 'emupdate.avast.com/AAAA/IN': 83.219.128.14#53
Oct 23 06:22:31 radist04ka named[1286]: error (network unreachable) resolving 'emupdate.avast.com/AAAA/IN': 8.8.4.4#53
Oct 23 06:22:31 radist04ka named[1286]: error (network unreachable) resolving 'emupdate.avast.com/AAAA/IN': 83.219.128.10#53
Oct 23 06:22:31 radist04ka named[1286]: error (network unreachable) resolving 'emupdate.avast.com/AAAA/IN': 8.8.8.8#53
Oct 23 06:22:34 radist04ka named[1286]: error (network unreachable) resolving 'vl.ff.avast.com/AAAA/IN': 83.219.128.14#53
Oct 23 06:22:34 radist04ka named[1286]: error (network unreachable) resolving 'vl.ff.avast.com/AAAA/IN': 8.8.4.4#53
Oct 23 06:22:34 radist04ka named[1286]: error (network unreachable) resolving 'vl.ff.avast.com/AAAA/IN': 83.219.128.10#53
Oct 23 06:22:34 radist04ka named[1286]: error (network unreachable) resolving 'vl.ff.avast.com/AAAA/IN': 8.8.8.8#53
Oct 23 06:22:49 radist04ka named[1286]: error (network unreachable) resolving 'emupdate.avast.com/A/IN': 83.219.128.14#53
Oct 23 06:22:49 radist04ka named[1286]: error (network unreachable) resolving 'emupdate.avast.com/A/IN': 8.8.4.4#53
Oct 23 06:22:49 radist04ka named[1286]: error (network unreachable) resolving 'emupdate.avast.com/A/IN': 83.219.128.10#53
Oct 23 06:22:49 radist04ka named[1286]: error (network unreachable) resolving 'emupdate.avast.com/A/IN': 8.8.8.8#53
Код: Выделить всё
# cat /usr/local/etc/dhcpd.conf
server-identifier 10.10.220.1;
always-broadcast on;
ddns-domainname "local.doiman";
default-lease-time 500;
max-lease-time 3600;
authoritative;
log-facility local7;
ddns-update-style interim;
deny client-updates;
key DHCP_UPDATER {
algorithm hmac-md5;
secret "4Ha3dkkRqovhpKcEuZYmvQ==";
};
zone local.doiman. {
primary 10.10.220.1 ;
key DHCP_UPDATER;
}
zone 10.10.in-addr.arpa. {
primary 10.10.220.1;
key DHCP_UPDATER;
}
option domain-name-servers 10.10.220.1, 83.219.128.10, 83.219.128.14, 8.8.8.8, 8.8.4.4;
option routers 10.10.220.1;
subnet 10.10.0.0 netmask 255.255.0.0 {
range 10.10.220.65 10.10.220.90;
deny unknown-clients;
}
host Loner-XP {
hardware ethernet 00:04:61:1F:75:58;
fixed-address 10.10.220.7;
}
host vitaminchik {
hardware ethernet 04:7d:7b:bf:c6:40;
fixed-address 10.10.220.79;
}Код: Выделить всё
# tail /var/db/dhcpd/var/db/dhcpd/dhcpd.leases
# The format of this file is documented in the dhcpd.leases(5) manual page.
# This lease file was written by isc-dhcp-4.2.4-P2
server-duid "\000\001\000\001\030\027,~L\000\020a3c";
# tail /var/db/dhcpd/var/db/dhcpd/dhcpd.leases~
# The format of this file is documented in the dhcpd.leases(5) manual page.
# This lease file was written by isc-dhcp-4.2.4-P2
server-duid "\000\001\000\001\030\027,~L\000\020a3c";Код: Выделить всё
# cat /etc/rc.conf | grep named
named_enable="YES"
named_program="/usr/sbin/named"
named_flags="-u bind -c /etc/namedb/named.conf"
# cat /etc/rc.conf | grep dhcpd
dhcpd_enable="YES"
dhcpd_ifaces="bridge0"
dhcpd_flags="-q -4"
dhcpd_withumask="022"
dhcpd_chuser_enable="YES"
dhcpd_withuser="dhcpd"
dhcpd_withgroup="dhcpd"
dhcpd_chroot_enable="YES"
dhcpd_devfs_enable="YES"
dhcpd_rootdir="/var/db/dhcpd"Код: Выделить всё
# host 10.10.220.1
Host 1.220.10.10.in-addr.arpa. not found: 3(NXDOMAIN)
# host router
Host router not found: 3(NXDOMAIN)Код: Выделить всё
# nslookup server 10.10.220.1
Server: 10.10.220.1
Address: 10.10.220.1#53
** server can't find server: NXDOMAIN
Код: Выделить всё
# cat /var/log/named-update.log
# cat /var/log/named-auth.log