I am running BIND 9.18.12-0 on Ubuntu 22.04 and I have the following problem on more than one installation. I have even installed bind locally with a simple test configuration and I am still seeing this issue.

Whenever I run rndc showzone somezone and somezone is a valid zone, it returns the very unhelpful error message rndc: 'showzone' failed: failure.

The server is otherwise working, I can query it.

When I run rndc zonestatus somezone it returns the expected result.

When I run rndc showzone nonexistantzone it returns:

rndc: 'showzone' failed: not found
no matching zone 'nonexistantzone' in any view

It is only when I run rndc showzone somezone and somezone is a valid zone that I get rndc: 'showzone' failed: failure.

When I look in the log files there are no errors; it just says: received control channel command 'showzone somezone'.

Is there some particular way I need to configure my zones or my server to allow showzone to work or is this just a bug?

Does the showzone rndc command work at all?

As mentioned, I have set up a minimal test server to investigate; the config files are as follows:

named.conf

include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";

named.conf.options

options {
    directory "/var/cache/bind";

    dnssec-validation auto;

    listen-on-v6 { any; };
};

named.conf.local

zone "test" {
    type master;
    file "/etc/bind/db.test";
};

db.test

$TTL    604800
@   IN  SOA test. root.test. (
                  3     ; Serial
             604800     ; Refresh
              86400     ; Retry
            2419200     ; Expire
             604800 )   ; Negative Cache TTL
;
@           IN  NS      ns.test.
@           IN  A       192.168.1.1
@           IN  AAAA    ::1
ns          IN  A       192.168.1.1

named.conf.default-zones and the various default zone files are unchanged from their default settings.

Ben Robinson
  • Could we see your BIND configuration files? – Saxtheowl Apr 09 '23 at 13:36
  • @Saxtheowl I have added the config files of my minimal test server. My actual servers have a bit more complex setup but none of that seems to make any difference, they behave the same as the minimal test server. – Ben Robinson Apr 09 '23 at 13:54

1 Answer

2

So it turns out, although it doesn't seem to mention it anywhere in the help like it does with addzone and modzone, that showzone requires the allow-new-zones option.

This needs to be in your config to enable the showzone command:

options {

    //other options

    allow-new-zones yes;
};

It does not, however, change the behaviour of rndc showzone nonexistantzone; it's happy to tell you that the zone doesn't exist without the allow-new-zones option.

Ben Robinson
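Added example, not part of the original answer or of BIND: a small pre-flight check that reports whether the options block of a config enables allow-new-zones, so the showzone failure described above can be predicted before calling rndc. The function names and the three sample configs are constructed for illustration; it assumes a single file and does not follow include statements or look inside view blocks.

```python
import re

# Spellings BIND accepts for a true boolean value; the option defaults to no.
TRUE = {"yes", "true", "1"}

def strip_comments(conf: str) -> str:
    """Remove /* */, // and # comments while leaving quoted strings intact."""
    pat = re.compile(r'"(?:\\.|[^"\\])*"|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
    return pat.sub(lambda m: m.group(0) if m.group(0)[0] == '"' else " ", conf)

def block_body(conf: str, keyword: str):
    """Return the text inside the first `keyword { ... }` block, or None."""
    m = re.search(r'(?:^|[;}\s])' + re.escape(keyword) + r'\s*\{', conf)
    if not m:
        return None
    depth = 1
    for i in range(m.end(), len(conf)):
        if conf[i] == "{":
            depth += 1
        elif conf[i] == "}":
            depth -= 1
            if depth == 0:
                return conf[m.end():i]
    return None  # unbalanced braces

def allow_new_zones(conf: str) -> bool:
    """True only if the options block sets allow-new-zones to a true value."""
    body = block_body(strip_comments(conf), "options")
    if body is None:
        return False
    m = re.search(r'(?:^|[;{}\s])allow-new-zones\s+(\S+?)\s*;', body)
    return bool(m) and m.group(1).lower() in TRUE

# Constructed samples: the question's options block, the answer's fix, and a
# commented-out setting that a plain grep would wrongly count as enabled.
BEFORE = 'options {\n directory "/var/cache/bind";\n dnssec-validation auto;\n listen-on-v6 { any; };\n};\n'
AFTER = BEFORE.replace("};\n", "}; //other options\n allow-new-zones yes;\n", 1)
COMMENTED = BEFORE.replace("};\n", "};\n // allow-new-zones yes;\n", 1)

if __name__ == "__main__":
    for name, conf in (("before", BEFORE), ("after", AFTER), ("commented", COMMENTED)):
        print(name, "-> allow-new-zones enabled:", allow_new_zones(conf))
```
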