Cannot create DNS zones using Centos 6 64 bits

I have followed what is written here - but when I try to start named it still does not want to work.
I still get these errors…
named[10891]: none:0: open: /etc/named.conf: permission denied

So I have gotten it working by changing the owner on /etc/named.conf to root:named
Please let me know if this is fine or not?

What was the owner/group before that?

On the CentOS 6 system I’m looking at here, /etc/named.conf is set as root:named.

-Eric

Eric,

It was root:root.

It's working fine now - did however need to change a lot in the config file - on CentOS 5.7 it works out of the box but on CentOS 6 I needed to change a lot of settings to get it to listen to any; and not just local.

I would just like to make sure that I am not creating a security hole with the root:named - but it seems that is what everyone's is.

Thanks
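One way to check the ownership question raised above (an added example, not part of the original posts and not Virtualmin's or BIND's own code). It assumes the daemon runs as user and group `named`; the thread gives only owner:group, so the mode values used here are assumptions.

```python
import grp
import os
import pwd
import stat

def audit_conf(owner, group, mode, daemon="named"):
    """Return findings for a config file given its owner, group and mode bits."""
    findings = []
    if owner != "root":
        findings.append(f"owner is {owner}, not root: a non-root account can rewrite the config")
    if mode & stat.S_IWGRP:
        findings.append("group-writable: members of the group can edit the config")
    if mode & stat.S_IWOTH:
        findings.append("world-writable: any local user can edit the config")
    if mode & stat.S_IROTH:
        findings.append("world-readable: any key material in the file is exposed")
    # Unix checks exactly one permission class: owner first, then group, then other.
    # Assumption: the daemon's primary group has the same name as its user.
    if owner == daemon:
        readable = mode & stat.S_IRUSR
    elif group == daemon:
        readable = mode & stat.S_IRGRP
    else:
        readable = mode & stat.S_IROTH
    if not readable:
        findings.append(f"{daemon} cannot read the file: expect 'permission denied' at startup")
    return findings

def audit_path(path, daemon="named"):
    """Audit a real file, for example audit_path('/etc/named.conf')."""
    st = os.stat(path)
    return audit_conf(pwd.getpwuid(st.st_uid).pw_name,
                      grp.getgrgid(st.st_gid).gr_name,
                      stat.S_IMODE(st.st_mode), daemon)

if __name__ == "__main__":
    # Constructed cases: root:root reproduces the startup error, root:named is clean,
    # named:named with 0664 lets the daemon (or its group) modify its own config.
    for owner, group, mode in [("root", "root", 0o640), ("root", "named", 0o640),
                               ("named", "named", 0o664)]:
        print(f"{owner}:{group} {mode:04o} ->", audit_conf(owner, group, mode) or "ok")
```

With root as owner and `named` as a read-only group, the daemon can load the file but cannot change it, and other local users cannot read it.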

In my post above, there are attached screenshots and a .PDF
I found you have to be logged in to see the attached files.

Could these problems also be causing a really high memory usage of named in CentOS 6 - on my larger CentOS 5.7 system named only uses like 0.5MB of ram but on the CentOS 6 system it uses about 20MB ??

Howdy,

Well, did you also move to a 64 bit system? A 64 bit system would use more memory.

However, it’s normal for BIND to use a lot of memory – 20MB is actually kind of small, I’d expect that to grow to over 50-100MB after running for a few days.

-Eric

Eric,

Thanks for the reply.

No I am still on a 32 bit system.

My other systems run bind at about 8mb ram for months…

Must be a CentOS 6 or Bind 9.7 thing

I actually haven’t seen BIND use that little amount of RAM… on my 32 bit test CentOS 5 system, with only 2 domains, BIND uses about 40MB of RAM after being restarted.

What output are you seeing if you run this command:

ps auxw | grep named

Not sure what I’m doing wrong. Here are my records. It is registered with namecheap.com
and they’re pointing at my IP.

This is VirtualminPro and the last server I setup with centos5 just worked with not really any issues.

Namecheap mentioned something about my server not broadcasting. Port 53 open and
you can telnet to it so I am stuck in a rut.

Can anyone point me in a direction to look for issues?

$ttl 38400s
@ IN SOA chyptech.com. root.chyptech.com. (
1338969856
10800
3600
604800
38400 )
chyptech.com. IN NS chyptech.com.
ns1.chyptech.com. IN NS ns1.chyptech.com.
ns2.chyptech.com. IN NS ns2.chyptech.com.
chyptech.com. IN A 149.154.158.195
www.chyptech.com. IN A 149.154.158.195
ftp.chyptech.com. IN A 149.154.158.195
m.chyptech.com. IN A 149.154.158.195
localhost.chyptech.com. IN A 127.0.0.1
webmail.chyptech.com. IN A 149.154.158.195
admin.chyptech.com. IN A 149.154.158.195
mail.chyptech.com. IN A 149.154.158.195
chyptech.com. IN MX 5 mail.chyptech.com.
chyptech.com. IN TXT "v=spf1 a mx a:chyptech.com ip4:149.154.158.195 ?all"

I just wanted to chime in and say I ran into the same problem on centos 6 (Virtualmin GPL) and it was quite a hassle to get sorted out, but I think I have it working now using JohnWolgamot’s method - thanks!

I also wanted to report that migrating a domain from a cpanel backup did not migrate dns entries that were pointing to IPs NOT on the same server. Both A records and CNAMEs.

Otherwise, very pleased with the migration and virtualmin in general so far (other than this DNS issue).

JohnWolgamot, what do you mean by not propagating? You can test the local dns using dig with

dig chyptech.com @
dig chyptech.com ns @
dig ns1.chyptech.com @
dig chyptech.com mx @
dig mail.chyptech.com @

etc.

Thanks for the suggestions. I’m kind of past all that but;
I have a new problem in the next post but I finally got the server up.

Here is the story. I was trying Scientific Linux which is RHEL just like Centos.

I was able to get BIND to run by doing Jamie's thing he mentioned below my earlier post.

But my ip was not propagating as in opendns.com was not seeing my IP like my server wasn’t broadcasting whatever. I did a chat with namecheap and they mentioned my server wasn’t doing something to allow propagation. Namecheap said they could see they were throwing to the proper servers.

Finally as a test, I blanked out my server and installed a minimal Centos5 with virtualmin pro’s install.sh script and all was ok. I looked at opendns.com cache check and it immediately showed the ip’s for my server.

I blanked it again and this time I installed the minimal version Centos6 INSTEAD of SL6. I ran the Virtualmin Pro install.sh.

Virtualmin Pro installed flawlessly. The main server is named chyptech.com so Virtualmin picked that up.

I created a server called chyptech.com and open dns showed the proper ip in their cache. I did a refresh cache to make sure.

I plopped a Joomla install at http://chyptech.com/computer-it-web-tech-support/ and it worked just fine.

And it still is working fine.

I started moving some of my customers onto the server. By today I had calls saying they weren’t getting mail. See the next post.

I have been doing this for years and still consider myself a NOOB. I have learned most of my Linux thanks to Google and the discovery of Webmin and finally Virtualmin Pro’s install.sh that sets up my server flawlessly.

Then I can see how they set it up and learn or glean knowledge from the setup and forums.

Here are my current DNS settings. Virtualmin set it all up, I added the last 4 lines. Not sure if I’m right to do this but I read that the name servers should be in there as well as A records for the name servers. Not sure if this is the way it should be done though.

$ttl 38400s
@ IN SOA chyptech.com. root.chyptech.com. (
1340530430
10800
3600
604800
38400 )
@ IN NS chyptech.com.
@ IN NS 91.227.205.227.
chyptech.com. IN A 149.154.158.195
www.chyptech.com. IN A 149.154.158.195
ftp.chyptech.com. IN A 149.154.158.195
m.chyptech.com. IN A 149.154.158.195
localhost.chyptech.com. IN A 127.0.0.1
webmail.chyptech.com. IN A 149.154.158.195
admin.chyptech.com. IN A 149.154.158.195
mail.chyptech.com. IN A 149.154.158.195
chyptech.com. IN MX 5 mail.chyptech.com.
chyptech.com. IN TXT "v=spf1 a mx a:chyptech.com ip4:149.154.158.195 ?all"
ns1.chyptech.com. IN NS ns1.chyptech.com.
ns2.chyptech.com. IN NS ns2.chyptech.com.
ns1.chyptech.com. IN A 149.154.158.195
ns2.chyptech.com. IN A 149.154.158.195

I used these 2 sites trying to troubleshoot

http://www.opendns.com/support/cache/

and

http://www.intodns.com/chyptech.com

Ok not sure how to make code blocks so sorry if there are formatting issues. I am also rusty on the different legal syntax forms but I do see what your problem is

The A records are good for ns1 and ns2

The NS records are broken though and I’ll address them one at a time, but in short replace all of those NS records with

@ IN NS ns1.chyptech.com.

@ IN NS ns2.chyptech.com.

or perhaps this style if you prefer

chyptech.com. IN NS ns1.chyptech.com.

chyptech.com. IN NS ns2.chyptech.com.

These lines basically say that ns1 and ns2 are nameservers for this zone

Here are the problems with the existing ones

@ IN NS chyptech.com. <-- says chyptech.com is your nameserver
@ IN NS 91.227.205.227. <-- no trailing . needed

ns1.chyptech.com. IN NS ns1.chyptech.com. <-- says ns1.chyptech.com is ns for ns1.chyptech.com
ns2.chyptech.com. IN NS ns2.chyptech.com. <-- says ns2.chyptech.com is ns for ns2.chyptech.com

hth
charles
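A small linter for the NS records discussed in the reply above (an added example, not part of the original posts). It flags an NS target that is an IP address, an NS record placed on a child name instead of the zone apex, and an in-zone name server with no address record; the parser handles only simple one-line records, and the sample reuses the NS and address lines posted in the thread.

```python
import ipaddress

def parse_records(zone_text, origin):
    """Yield (owner, type, rdata) for one-line 'owner IN TYPE rdata' records."""
    for line in zone_text.splitlines():
        fields = line.split(";")[0].split()  # drop comments (no quoted ';' handling)
        if len(fields) >= 4 and fields[1] == "IN" and fields[2] != "SOA":
            owner = origin if fields[0] == "@" else fields[0]
            yield owner.lower(), fields[2].upper(), " ".join(fields[3:]).lower()

def is_ip(text):
    try:
        ipaddress.ip_address(text.rstrip("."))
        return True
    except ValueError:
        return False

def lint_ns(zone_text, origin):
    """Return problems in the NS records; origin is lowercase with a trailing dot."""
    records = list(parse_records(zone_text, origin))
    has_address = {o for o, t, _ in records if t in ("A", "AAAA")}
    problems = []
    for owner, rtype, target in records:
        if rtype != "NS":
            continue
        in_zone = target == origin or target.endswith("." + origin)
        if is_ip(target):
            problems.append(f"{owner} NS {target}: target must be a host name, not an IP")
        elif owner != origin:
            problems.append(f"{owner} NS {target}: NS sits on a child name, not the zone apex")
        elif in_zone and target not in has_address:
            problems.append(f"{owner} NS {target}: in-zone name server has no A/AAAA record")
    return problems

# NS and address records as posted in the thread (other records omitted).
POSTED = """\
@ IN NS chyptech.com.
@ IN NS 91.227.205.227.
chyptech.com. IN A 149.154.158.195
ns1.chyptech.com. IN NS ns1.chyptech.com.
ns2.chyptech.com. IN NS ns2.chyptech.com.
ns1.chyptech.com. IN A 149.154.158.195
ns2.chyptech.com. IN A 149.154.158.195
"""

if __name__ == "__main__":
    print("\n".join(lint_ns(POSTED, "chyptech.com.")))
```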

Hi and thanks for the DNS direction.

At the bottom there is a link that says Input Format and links you to the following page.

https://www.virtualmin.com/filter/tips

$ttl 38400s
@ IN SOA chyptech.com. root.chyptech.com. (
1340530438
10800
3600
604800
38400 )
@ IN NS chyptech.com.
chyptech.com. IN NS 91.227.205.227. ;This is the IP of the main KVM Server
chyptech.com. IN A 149.154.158.195
www.chyptech.com. IN A 149.154.158.195
ftp.chyptech.com. IN A 149.154.158.195
m.chyptech.com. IN A 149.154.158.195
localhost.chyptech.com. IN A 127.0.0.1
webmail.chyptech.com. IN A 149.154.158.195
admin.chyptech.com. IN A 149.154.158.195
mail.chyptech.com. IN A 149.154.158.195
chyptech.com. IN MX 5 mail.chyptech.com.
chyptech.com. IN TXT "v=spf1 a mx a:chyptech.com ip4:149.154.158.195 ?all"
ns1.chyptech.com. IN A 149.154.158.195
ns2.chyptech.com. IN A 149.154.158.195
chyptech.com. IN NS ns1.chyptech.com.
chyptech.com. IN NS ns2.chyptech.com.

Everything you want in fixed-font code format you enclose in between these 2 opening and closing tags text

I am still a confused mess in regards to DNS though I’m starting to understand. I’m not sure why I even need the line which refers to the main KVM server my container is hosted under. It has nothing to do with my domain.
chyptech.com. IN NS 91.227.205.227 ;This is the IP of the main KVM Server which is hosted in the Chicago Data Center.

In the EDIS KVM control panel they give this info concerning IP’s

IPv4 Address: 149.154.158.195
Netmask: 255.255.255.128
Gateway: 149.154.158.129
Nameserver: 91.227.204.227 / 91.227.205.227

IPv6 Address: 2a02:748:a800:149:154:158:195:0/112
Gateway: 2a02:748:a800::1
Nameserver: 2001:4860:4860::8888 / 2001:4860:4860::8844

Virtualmin inherits the gateway of the KVM server which apparently allows you to use yum to get out to the internet. I also added in the opendns.com numbers to the main server resolv.conf which seemed to make yum even that much more responsive though I’m not sure if or why it is needed in each Virtual Server DNS.

I thank you for your response and will ponder it until I grasp this better.

As a side note. Although the sites came up right away after changing godaddy to point to the chyptech IP, it still took over 24 hours for the mail to start coming in. So I was worried for nothing concerning mail.