• RE: [Non-DoD Source] Re: BIND installed on a Solaris 11.4 x 86virtual server

    From DeCaro, James John (Jim) CIV DISA FE (USA)@james.j.decaro3.civ@mail.mil to bind-users@lists.isc.org on Mon Jun 1 19:23:15 2020
    From Newsgroup: comp.protocols.dns.bind

    named -c /etc/named.conf -g
    01-Jun-2020 15:02:22.034 starting BIND 9.16.3 (Stable Release) <id:5ea41c1> 01-Jun-2020 15:02:22.034 running on SunOS i86pc 5.11 11.4.20.4.0
    01-Jun-2020 15:02:22.034 built with '--with-gssapi=krb5-config' 'LDFLAGS=-L/usr/local/lib -R/usr/local/lib' 'PKG_CONFIG_PATH=/usr/lib/pkgconfig:/usr/local/lib/pkgconfig'
    01-Jun-2020 15:02:22.034 running as: named -c /etc/named.conf -g
    01-Jun-2020 15:02:22.034 compiled by GCC 9.2.0
    01-Jun-2020 15:02:22.034 compiled with OpenSSL version: OpenSSL 1.1.1b 26 Feb 2019
    01-Jun-2020 15:02:22.034 linked to OpenSSL version: OpenSSL 1.1.1b 26 Feb 2019 01-Jun-2020 15:02:22.034 compiled with libxml2 version: 2.9.9
    01-Jun-2020 15:02:22.034 linked to libxml2 version: 20909
    01-Jun-2020 15:02:22.035 compiled with json-c version: 0.12
    01-Jun-2020 15:02:22.035 linked to json-c version: 0.12
    01-Jun-2020 15:02:22.035 compiled with zlib version: 1.2.11
    01-Jun-2020 15:02:22.035 linked to zlib version: 1.2.11
    01-Jun-2020 15:02:22.035 ---------------------------------------------------- 01-Jun-2020 15:02:22.035 BIND 9 is maintained by Internet Systems Consortium, 01-Jun-2020 15:02:22.035 Inc. (ISC), a non-profit 501(c)(3) public-benefit 01-Jun-2020 15:02:22.035 corporation. Support and training for BIND 9 are 01-Jun-2020 15:02:22.035 available at https://www.isc.org/support
    01-Jun-2020 15:02:22.035 ---------------------------------------------------- 01-Jun-2020 15:02:22.035 found 2 CPUs, using 2 worker threads
    01-Jun-2020 15:02:22.035 using 2 UDP listeners per interface
    01-Jun-2020 15:02:22.038 using up to 21000 sockets
    01-Jun-2020 15:02:22.044 loading configuration from '/etc/named.conf' <<----------------------------correct
    01-Jun-2020 15:02:22.046 reading built-in trust anchors from file '/usr/local/etc/bind.keys'
    01-Jun-2020 15:02:22.049 using default UDP/IPv4 port range: [1024, 65535] 01-Jun-2020 15:02:22.050 using default UDP/IPv6 port range: [1024, 65535] 01-Jun-2020 15:02:22.051 listening on IPv4 interface net1, <IP> #53
    01-Jun-2020 15:02:22.053 creating TCP socket: address in use <<--------------------------????
    01-Jun-2020 15:02:22.053 IPv6 socket API is incomplete; explicitly binding to each IPv6 address separately
    01-Jun-2020 15:02:22.053 listening on IPv6 interface lo0, ::1#53
    01-Jun-2020 15:02:22.055 creating TCP socket: address in use <<--------------------------????
    01-Jun-2020 15:02:22.055 unable to listen on any configured interfaces 01-Jun-2020 15:02:22.056 loading configuration: failure <<---------------------------------????
    01-Jun-2020 15:02:22.056 exiting (due to fatal error)

    OK, thanks I did not read it closely enough the first time. However it is still not loading. I had disabled svc:/network/dns/server:default prior to running the command to avoid 2 instances of named running and got the above output. When I enable it, it goes into maintenance. When I try named -c /etc/named.conf -g when dns/server is enabled (in maintenance) I get the same result as above.

    Note: the named.conf file is blank.

    Named -V
    BIND 9.16.3 (Stable Release) <id:5ea41c1>
    running on SunOS i86pc 5.11 11.4.20.4.0
    built by make with '--with-gssapi=krb5-config' 'LDFLAGS=-L/usr/local/lib -R/usr/local/lib' 'PKG_CONFIG_PATH=/usr/lib/pkgconfig:/usr/local/lib/pkgconfig'
    compiled by GCC 9.2.0
    compiled with OpenSSL version: OpenSSL 1.1.1b 26 Feb 2019
    linked to OpenSSL version: OpenSSL 1.1.1b 26 Feb 2019
    compiled with libxml2 version: 2.9.9
    linked to libxml2 version: 20909
    compiled with json-c version: 0.12
    linked to json-c version: 0.12
    compiled with zlib version: 1.2.11
    linked to zlib version: 1.2.11
    threads support is enabled

    default paths: <<------------------------incorrect
    named configuration: /usr/local/etc/named.conf
    rndc configuration: /usr/local/etc/rndc.conf
    DNSSEC root key: /usr/local/etc/bind.keys
    nsupdate session key: /usr/local/var/run/named/session.key
    named PID file: /usr/local/var/run/named/named.pid
    named lock file: /usr/local/var/run/named/named.lock

    ------------------->>default paths: these are not what I was shooting for --should be:

    named configuration: /etc/named.conf
    rndc configuration: /etc/rndc.conf
    DNSSEC root key: /etc/bind.keys
    nsupdate session key: /usr/var/run/named/session.key
    named PID file: /usr/var/run/named/named.pid
    named lock file: /usr/var/run/named/named.lock

    Thank you

    V/R
    Jim DeCaro
    DISA
    Systems Administrator
    Windows and Unix Server Operations
    FE222/DoDNet Service Section
    Defense Enclave Services Directorate
    ¢Ï 301-225-8180
    ¢Ï 301-375-8180
    James.j.decaro3.civ@mail.mil
    James.j.decaro3.civ@mail.smil.mil

    "If you always do what you always did you will always get what you always got."


    -----Original Message-----
    From: Anand Buddhdev <anandb@ripe.net>
    Sent: Monday, June 1, 2020 3:00 PM
    To: DeCaro, James John (Jim) CIV DISA FE (USA) <james.j.decaro3.civ@mail.mil>; bind-users@lists.isc.org
    Subject: [Non-DoD Source] Re: BIND installed on a Solaris 11.4 x 86 virtual server

    On 01/06/2020 20:08, DeCaro, James John (Jim) CIV DISA FE (USA) via
    bind-users wrote:

    Hi Jim,

    Installed BIND 9.16.3 and I discovered that the SMF dns/server is
    trying to read named.conf from /usr/local/etc/:
    "/usr/local/etc/named.conf: file not found". I am trying to figure
    out how point named to read /etc/named.conf.

    I last touched SMF over 15 years ago, and I don't remember enough about
    it now, so I can't speak for the SMF parts of your question.

    I did try re-compiling BIND with different switches but it resulted
    in the same thing. Is there an environment variable or a ./configure
    switch to re-point the default to /etc/named.conf? I tried '--sysconfdir=/etc' --no luck there. Do I edit the manifest file?

    This *is* the correct way to define the default location of named.conf.

    I attempted named -c /etc/named.conf with no luck

    This *must* work. However, your description "no luck" isn't enough. Can
    you describe exactly what happened when you named "named -c
    /etc/named.conf"?

    $ named -g:

    Run "named -c /etc/named.conf -g" and see what happens.

    Regards,
    Anand
    --- Synchronet 3.18a-Linux NewsLink 1.113
  • From DeCaro, James John (Jim) CIV DISA FE (USA)@james.j.decaro3.civ@mail.mil to bind-users@lists.isc.org on Mon Jun 1 19:49:17 2020
    From Newsgroup: comp.protocols.dns.bind

    Also, BIND binaries are located in /usr/bin and /usr/sbin --sorry I forgot to mention that. I went ahead and re-compiled with ./configure --enable-full-report --with-gssapi=krb5-config --sysconfdir=/etc --with-openssl=/usr/local --localstatedir=/var --enable-fixed-rrset and installed it, now the default directories are correct but the service still goes into maintenance with the same error as produced by named -c /etc/named.conf -g.

    I apologize that my inexperience makes this confusing.


    V/R
    Jim DeCaro
    DISA
    Systems Administrator
    Windows and Unix Server Operations
    FE222/DoDNet Service Section
    Defense Enclave Services Directorate
    ¢Ï 301-225-8180
    ¢Ï 301-375-8180
    James.j.decaro3.civ@mail.mil
    James.j.decaro3.civ@mail.smil.mil

    "If you always do what you always did you will always get what you always got."


    -----Original Message-----
    From: DeCaro, James John (Jim) CIV DISA FE (USA)
    Sent: Monday, June 1, 2020 3:23 PM
    To: 'Anand Buddhdev' <anandb@ripe.net>; bind-users@lists.isc.org
    Subject: RE: [Non-DoD Source] Re: BIND installed on a Solaris 11.4 x 86 virtual server

    named -c /etc/named.conf -g
    01-Jun-2020 15:02:22.034 starting BIND 9.16.3 (Stable Release) <id:5ea41c1> 01-Jun-2020 15:02:22.034 running on SunOS i86pc 5.11 11.4.20.4.0
    01-Jun-2020 15:02:22.034 built with '--with-gssapi=krb5-config' 'LDFLAGS=-L/usr/local/lib -R/usr/local/lib' 'PKG_CONFIG_PATH=/usr/lib/pkgconfig:/usr/local/lib/pkgconfig'
    01-Jun-2020 15:02:22.034 running as: named -c /etc/named.conf -g
    01-Jun-2020 15:02:22.034 compiled by GCC 9.2.0
    01-Jun-2020 15:02:22.034 compiled with OpenSSL version: OpenSSL 1.1.1b 26 Feb 2019
    01-Jun-2020 15:02:22.034 linked to OpenSSL version: OpenSSL 1.1.1b 26 Feb 2019 01-Jun-2020 15:02:22.034 compiled with libxml2 version: 2.9.9
    01-Jun-2020 15:02:22.034 linked to libxml2 version: 20909
    01-Jun-2020 15:02:22.035 compiled with json-c version: 0.12
    01-Jun-2020 15:02:22.035 linked to json-c version: 0.12
    01-Jun-2020 15:02:22.035 compiled with zlib version: 1.2.11
    01-Jun-2020 15:02:22.035 linked to zlib version: 1.2.11
    01-Jun-2020 15:02:22.035 ---------------------------------------------------- 01-Jun-2020 15:02:22.035 BIND 9 is maintained by Internet Systems Consortium, 01-Jun-2020 15:02:22.035 Inc. (ISC), a non-profit 501(c)(3) public-benefit 01-Jun-2020 15:02:22.035 corporation. Support and training for BIND 9 are 01-Jun-2020 15:02:22.035 available at https://www.isc.org/support
    01-Jun-2020 15:02:22.035 ---------------------------------------------------- 01-Jun-2020 15:02:22.035 found 2 CPUs, using 2 worker threads
    01-Jun-2020 15:02:22.035 using 2 UDP listeners per interface
    01-Jun-2020 15:02:22.038 using up to 21000 sockets
    01-Jun-2020 15:02:22.044 loading configuration from '/etc/named.conf' <<----------------------------correct
    01-Jun-2020 15:02:22.046 reading built-in trust anchors from file '/usr/local/etc/bind.keys'
    01-Jun-2020 15:02:22.049 using default UDP/IPv4 port range: [1024, 65535] 01-Jun-2020 15:02:22.050 using default UDP/IPv6 port range: [1024, 65535] 01-Jun-2020 15:02:22.051 listening on IPv4 interface net1, <IP> #53
    01-Jun-2020 15:02:22.053 creating TCP socket: address in use <<--------------------------????
    01-Jun-2020 15:02:22.053 IPv6 socket API is incomplete; explicitly binding to each IPv6 address separately
    01-Jun-2020 15:02:22.053 listening on IPv6 interface lo0, ::1#53
    01-Jun-2020 15:02:22.055 creating TCP socket: address in use <<--------------------------????
    01-Jun-2020 15:02:22.055 unable to listen on any configured interfaces 01-Jun-2020 15:02:22.056 loading configuration: failure <<---------------------------------????
    01-Jun-2020 15:02:22.056 exiting (due to fatal error)

    OK, thanks I did not read it closely enough the first time. However it is still not loading. I had disabled svc:/network/dns/server:default prior to running the command to avoid 2 instances of named running and got the above output. When I enable it, it goes into maintenance. When I try named -c /etc/named.conf -g when dns/server is enabled (in maintenance) I get the same result as above.

    Note: the named.conf file is blank.

    Named -V
    BIND 9.16.3 (Stable Release) <id:5ea41c1>
    running on SunOS i86pc 5.11 11.4.20.4.0
    built by make with '--with-gssapi=krb5-config' 'LDFLAGS=-L/usr/local/lib -R/usr/local/lib' 'PKG_CONFIG_PATH=/usr/lib/pkgconfig:/usr/local/lib/pkgconfig'
    compiled by GCC 9.2.0
    compiled with OpenSSL version: OpenSSL 1.1.1b 26 Feb 2019
    linked to OpenSSL version: OpenSSL 1.1.1b 26 Feb 2019
    compiled with libxml2 version: 2.9.9
    linked to libxml2 version: 20909
    compiled with json-c version: 0.12
    linked to json-c version: 0.12
    compiled with zlib version: 1.2.11
    linked to zlib version: 1.2.11
    threads support is enabled

    default paths: <<------------------------incorrect
    named configuration: /usr/local/etc/named.conf
    rndc configuration: /usr/local/etc/rndc.conf
    DNSSEC root key: /usr/local/etc/bind.keys
    nsupdate session key: /usr/local/var/run/named/session.key
    named PID file: /usr/local/var/run/named/named.pid
    named lock file: /usr/local/var/run/named/named.lock

    ------------------->>default paths: these are not what I was shooting for --should be:

    named configuration: /etc/named.conf
    rndc configuration: /etc/rndc.conf
    DNSSEC root key: /etc/bind.keys
    nsupdate session key: /usr/var/run/named/session.key
    named PID file: /usr/var/run/named/named.pid
    named lock file: /usr/var/run/named/named.lock

    Thank you

    V/R
    Jim DeCaro
    DISA
    Systems Administrator
    Windows and Unix Server Operations
    FE222/DoDNet Service Section
    Defense Enclave Services Directorate
    ¢Ï 301-225-8180
    ¢Ï 301-375-8180
    James.j.decaro3.civ@mail.mil
    James.j.decaro3.civ@mail.smil.mil

    "If you always do what you always did you will always get what you always got."


    -----Original Message-----
    From: Anand Buddhdev <anandb@ripe.net>
    Sent: Monday, June 1, 2020 3:00 PM
    To: DeCaro, James John (Jim) CIV DISA FE (USA) <james.j.decaro3.civ@mail.mil>; bind-users@lists.isc.org
    Subject: [Non-DoD Source] Re: BIND installed on a Solaris 11.4 x 86 virtual server

    On 01/06/2020 20:08, DeCaro, James John (Jim) CIV DISA FE (USA) via
    bind-users wrote:

    Hi Jim,

    Installed BIND 9.16.3 and I discovered that the SMF dns/server is
    trying to read named.conf from /usr/local/etc/:
    "/usr/local/etc/named.conf: file not found". I am trying to figure
    out how point named to read /etc/named.conf.

    I last touched SMF over 15 years ago, and I don't remember enough about
    it now, so I can't speak for the SMF parts of your question.

    I did try re-compiling BIND with different switches but it resulted
    in the same thing. Is there an environment variable or a ./configure
    switch to re-point the default to /etc/named.conf? I tried '--sysconfdir=/etc' --no luck there. Do I edit the manifest file?

    This *is* the correct way to define the default location of named.conf.

    I attempted named -c /etc/named.conf with no luck

    This *must* work. However, your description "no luck" isn't enough. Can
    you describe exactly what happened when you named "named -c
    /etc/named.conf"?

    $ named -g:

    Run "named -c /etc/named.conf -g" and see what happens.

    Regards,
    Anand
    --- Synchronet 3.18a-Linux NewsLink 1.113