-3

I'm having an issue with a zone file in BIND.

Here is the zone file; private information is masked.

$ORIGIN xx.com.
$TTL 60

@                       IN SOA  ns01.xx.com. hostmaster.xx.com. (
                            2019040702   ; serial number DATE PLUS SEQUENCENR
                            3600       ; refresh (1 hour)
                            3600       ; retry (1 hour)
                            86400      ; expire (1 day)
                            3600       ; minimum (1 hour)
                            )

                    NS      ns01.xx.com.
                    NS      ns02.xx.com.

; Mail-servers
@                       MX      10      ASPMX.L.GOOGLE.COM.
@                       MX      20      ALT1.ASPMX.L.GOOGLE.COM.
@                       MX      20      ALT2.ASPMX.L.GOOGLE.COM.
@                       MX      30      ASPMX2.GOOGLEMAIL.COM.
@                       MX      30      ASPMX3.GOOGLEMAIL.COM.

@                       A       1.2.3.4
www                     A       1.2.3.4

Whenever I run named-checkconf xx.com I get this error:

xx.com:1: unknown option '$ORIGIN'
xx.com:5: unknown option 'serial'
xx.com:6: unknown option 'refresh'
xx.com:7: unknown option 'retry'
xx.com:8: unknown option 'expire'
xx.com:9: unknown option 'minimum'
xx.com:15: unknown option 'Mail-servers'
xx.com:24: unexpected token near end of file

And then BIND doesn't start up.

Anyone see any issues with this file?

Dj1

1 Answer

1

As its name implies, named-checkconf is for checking BIND configuration files, not zone files!

To check zone files you need to use named-checkzone.

It will let you know that your zone has a problem because your in-bailiwick nameservers have neither A nor AAAA records.

PS: do not obfuscate things so badly; 1.2.3.4 and xx.com are valid global public identifiers that exist today and are not yours. There are guidelines for obfuscation; look at RFC 2606 and RFC 5737.

Patrick Mevzek
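The problem the answer points out, as an added example that is not part of the original answer and not BIND's own code: a simplified Python sketch that lists NS targets inside the zone that own no A or AAAA record. The function names and the sample zone are constructed for illustration, using the RFC 2606 and RFC 5737 placeholders the answer recommends.

```python
# Added example: list in-zone NS targets that have no A/AAAA record.
# Assumes the simple layout used in the question: one record per line,
# numeric TTLs, "@", $ORIGIN, and a blank owner inheriting the previous one.
# Constructed sample mirroring the question's zone, with RFC 2606/5737 names.
SAMPLE_ZONE = """\
$ORIGIN example.com.
$TTL 60
@       IN SOA  ns01.example.com. hostmaster.example.com. (
            2019040702 ; serial
            3600 3600 86400 3600 )
        NS      ns01.example.com.
        NS      ns02.example.com.
@       A       192.0.2.10
www     A       192.0.2.10
"""

def fqdn(name, origin):
    """Expand '@' and relative names against the current origin."""
    if name == "@":
        return origin
    name = name.lower()
    return name if name.endswith(".") else f"{name}.{origin}"

def missing_ns_addresses(zone_text, apex):
    """Return in-zone NS targets that own no A or AAAA record."""
    apex = apex.lower().rstrip(".") + "."
    origin, owner, depth = apex, apex, 0
    ns_targets, with_address = set(), set()
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0]           # drop comments
        fields = line.split()
        continued = depth > 0                 # inside a "( ... )" record
        depth += line.count("(") - line.count(")")
        if not fields or continued:
            continue
        if fields[0].startswith("$"):
            if fields[0].upper() == "$ORIGIN":
                origin = fqdn(fields[1], origin)
            continue
        if not line[0].isspace():             # explicit owner name
            owner = fqdn(fields.pop(0), origin)
        while fields and (fields[0].isdigit() or fields[0].upper() == "IN"):
            fields.pop(0)                     # skip optional TTL and class
        rtype = fields[0].upper() if len(fields) > 1 else ""
        if rtype == "NS":
            ns_targets.add(fqdn(fields[1], origin))
        elif rtype in ("A", "AAAA"):
            with_address.add(owner)
    in_zone = {n for n in ns_targets if n == apex or n.endswith("." + apex)}
    return sorted(in_zone - with_address)
```

The second argument plays the role of the zone name that named-checkzone takes before the file name; NS targets outside that zone are ignored because their addresses live in another zone.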