I recently tried to set up a DNS. The checking tool tells me that some A records are missing. But I think I did.

Zonefile:

$ORIGIN .
$TTL 2D
.       IN      SOA     ns1. root.ns1. (
                        2016052404    ; Serial
                                8H      ; Refresh
                                2H      ; Retry
                                4W      ; Expire
                                3H      ; NX (TTL Negative Cache)
)
.                               IN      NS      ns1.
ns1.                            IN      A       192.168.107.2
at.                             IN      NS      ns1.at.
ns1.at.                         IN      A       192.168.107.3
jp.                             IN      NS      ns1.jp.
ns1.jp.                         IN      A       192.168.107.5

user@dns1:/etc/bind# sudo named-checkzone . db.zonefile
zone ./IN: at/NS 'ns1.at' (out of zone) has no addresses records (A or AAAA)
zone ./IN: jp/NS 'ns1.jp' (out of zone) has no addresses records (A or AAAA)
zone ./IN: loaded serial 2016052404
OK

/etc/bind/named-conf.local

zone "." {
type master;
file "/etc/bind/db.zonefile";
};

zone "0.168.192.in-addr.arpa" {
type master;
file "/etc/bind/db.0.168.192";
};

/etc/resolv.conf:

search .
nameserver 127.0.0.1
Shinobu

1 Answer

You probably want to use sudo named-checkzone -i local . db.zonefile

From the named-checkzone man page:

OPTIONS

...

-i mode

Perform post-load zone integrity checks. Possible modes are "full" (default), "full-sibling", "local", "local-sibling" and "none". ... Mode "full" checks that delegation NS records refer to A or AAAA record (both in-zone and out-of-zone hostnames). It also checks that glue address records in the zone match those advertised by the child. Mode "local" only checks NS records which refer to in-zone hostnames or that some required glue exists, that is when the nameserver is in a child zone. ...

Without the -i local option, the upstream DNS server (defined in /etc/resolv.conf) will also be checked, so for example with 8.8.8.8 I get the following result (which is expected):

[root@localhost ~]# named-checkzone . foo.db
zone ./IN: at/NS 'ns1.at' extra GLUE A record (192.168.107.3)
zone ./IN: at/NS 'ns1.at' missing GLUE A record (176.28.37.75)
zone ./IN: at/NS 'ns1.at' missing GLUE AAAA record (2a01:488:42:1000:b01c:254b:fffe:f92a)
zone ./IN: getaddrinfo(ns1.jp) failed: Temporary failure in name resolution
zone ./IN: loaded serial 2016052404
OK
[root@localhost ~]#
Dusan Bajic
  • Hmm, so the issue may lie in the /etc/resolv.conf file? I previously edited it so that it only contains my locally configured DNS; maybe something there is wrong. Could you please take a look? I have also added the other files I have edited above. – Shinobu May 24 '16 at 22:15
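
A zone-file-only check in the spirit of the "local" mode quoted in the answer, as an added example (not code from the post or from BIND): it looks only at the records in the file and never queries the resolver from /etc/resolv.conf. The function names are hypothetical, and the sample zone is constructed from the question's records with the ns1.jp. glue removed.

```python
# Constructed sample: the question's records, minus the A record for ns1.jp.
ZONE = """\
.        IN NS ns1.
ns1.     IN A  192.168.107.2
at.      IN NS ns1.at.
ns1.at.  IN A  192.168.107.3
jp.      IN NS ns1.jp.
"""

def parse(text):
    """Return (owner, type, rdata) for simple 'owner IN type rdata' lines.

    Assumes absolute names and one record per line; SOA and other
    multi-field records are ignored.
    """
    records = []
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop zone-file comments
        if len(fields) == 4 and fields[1].upper() == "IN":
            records.append((fields[0].lower(), fields[2].upper(), fields[3].lower()))
    return records

def is_at_or_below(name, zone):
    """True if the absolute name equals the zone name or is a descendant of it."""
    return zone == "." or name == zone or name.endswith("." + zone)

def local_glue_check(text, origin="."):
    """List NS targets inside the zone that have no A/AAAA record in the file."""
    records = parse(text)
    has_addr = {owner for owner, rtype, _ in records if rtype in ("A", "AAAA")}
    problems = []
    for owner, rtype, target in records:
        if rtype != "NS" or not is_at_or_below(target, origin):
            continue  # target outside this zone: needs a resolver, so skipped here
        if target not in has_addr:
            # A target at or below a delegated name needs glue in the parent zone.
            in_child = owner != origin and is_at_or_below(target, owner)
            kind = "glue" if in_child else "address"
            problems.append(
                f"{owner}/NS '{target}' has no {kind} record (A or AAAA) in the zone file")
    return problems

if __name__ == "__main__":
    for problem in local_glue_check(ZONE):
        print(problem)
```

With the question's full zone file (glue for both ns1.at. and ns1.jp. present) the check returns no problems, which matches the answer's point that the complaints come from the resolver lookups rather than from the file itself.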