/etc/named.conf error with command systemctl status named.service
I am using Rocky Linux 8.7 (64-bit).
I am configuring a BIND DNS server and trying to start it with the following files:
[root@dbwr1 ~]# ls -l /var/named/localdomain.zone
-rw-r-----. 1 root named 506 May 14 19:29 /var/named/localdomain.zone
[root@dbwr1 ~]# cat /var/named/localdomain.zone
$TTL 86400
@ IN SOA dbwr1.localdomain.com. root.localdomain.com. (
2014051001 ; serial
3600 ; refresh
1800 ; retry
604800 ; expire
86400 ; minimum
)
;Name Server Information
@ IN NS dbwr1.localdomain.
;IP address of Name Server
localhost IN A 127.0.0.1
dbwr1 IN A 192.168.24.1
dbwr2 IN A 192.168.24.2
dbwr1-priv IN A 192.168.10.1
dbwr2-priv IN A 192.168.10.1
dbwr1-vip IN A 192.168.24.31
dbwr2-vip IN A 192.168.24.32
dbwr-scan IN A 192.168.24.41
dbwr-scan IN A 192.168.24.42
dbwr-scan IN A 192.168.24.43
-----------------------------------------------
[root@dbwr1 ~]# ls -l /var/named/24.168.192.in-addr.arpa
-rw-r-----. 1 root named 440 May 14 19:27 /var/named/24.168.192.in-addr.arpa
[root@dbwr1 ~]# cat /var/named/24.168.192.in-addr.arpa
$TTL 86400
@ IN SOA dbwr1.localdomain.com. root.localdomain.com. (
2
3H
1H
1W
1H )
;Name Server Information
@ IN NS dbwr1.localdomain.com.
@ IN PTR localdomain.com.
;Reverse lookup for Name Server
dbwr1 IN A 192.168.24.1
dbwr-scan IN A 192.168.24.41
dbwr-scan IN A 192.168.24.42
dbwr-scan IN A 192.168.24.43
1 IN PTR dbwr1.localdomain.com.
41 IN PTR dbwr-scan.localdomain.
42 IN PTR dbwr-scan.localdomain.
43 IN PTR dbwr-scan.localdomain.
-----------------------------------------------
[root@dbwr1 ~]# ls -l /etc/named.conf
-rwxrwxr-x. 1 root root 2018 May 14 19:31 /etc/named.conf
[root@dbwr1 ~]# cat /etc/named.conf
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// See the BIND Administrator’s Reference Manual (ARM) for details about the
// configuration located in /usr/share/doc/bind-{version}/Bv9ARM.html
options {
listen-on port 53 { 127.0.0.1; 192.168.24.1; };
listen-on-v6 port 53 { ::1; };
directory “/var/named”;
dump-file “/var/named/data/cache_dump.db”;
statistics-file “/var/named/data/named_stats.txt”;
memstatistics-file “/var/named/data/named_mem_stats.txt”;
recursing-file “/var/named/data/named.recursing”;
secroots-file “/var/named/data/named.secroots”;
allow-query { localhost; 192.168.24.0/24; };
/*
– If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
– If you are building a RECURSIVE (caching) DNS server, you need to enable
recursion.
– If your recursive DNS server has a public IP address, you MUST enable access
control to limit queries to your legitimate users. Failing to do so will
cause your server to become part of large scale DNS amplification
attacks. Implementing BCP38 within your network would greatly
reduce such attack surface
*/
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
/* Path to ISC DLV key */
bindkeys-file “/etc/named.root.key”;
managed-keys-directory “/var/named/dynamic”;
pid-file “/run/named/named.pid”;
session-keyfile “/run/named/session.key”;
};
logging {
channel default_debug {
file “data/named.run”;
severity dynamic;
};
};
zone “.” IN {
type hint;
file “named.ca”;
};
zone “localdomain.com” IN {
type master;
file “localdomain.zone”;
allow-update { none; };
};
zone “24.168.192.in-addr.arpa.” IN {
type master;
file “24.168.192.in-addr.arpa”;
allow-update { none; };
};
include “/etc/named.rfc1912.zones”;
include “/etc/named.root.key”;
-----------------------------------------------
When I run the following command, named fails to start and the log reports a parse error at /etc/named.conf:14:
[root@dbwr1 ~]# systemctl status named.service
● named.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Mon 2023-05-15 18:30:13 MDT; 14s ago
Process: 6749 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exi>
May 15 18:30:13 dbwr1.localdomain systemd: Starting Berkeley Internet Name Domain (DNS)...
May 15 18:30:13 dbwr1.localdomain bash: /etc/named.conf:14: expected quoted string near '“'
May 15 18:30:13 dbwr1.localdomain systemd: named.service: Control process exited, code=exited status=1
May 15 18:30:13 dbwr1.localdomain systemd: named.service: Failed with result 'exit-code'.
May 15 18:30:13 dbwr1.localdomain systemd: Failed to start Berkeley Internet Name Domain (DNS).
-----------------------------------------------
Can anyone help me debug this? I appreciate any help.
I am configuring a BIND DNS server and trying to start it with the following files:
[root@dbwr1 ~]# ls -l /var/named/localdomain.zone
-rw-r-----. 1 root named 506 May 14 19:29 /var/named/localdomain.zone
[root@dbwr1 ~]# cat /var/named/localdomain.zone
$TTL 86400
@ IN SOA dbwr1.localdomain.com. root.localdomain.com. (
2014051001 ; serial
3600 ; refresh
1800 ; retry
604800 ; expire
86400 ; minimum
)
;Name Server Information
@ IN NS dbwr1.localdomain.
;IP address of Name Server
localhost IN A 127.0.0.1
dbwr1 IN A 192.168.24.1
dbwr2 IN A 192.168.24.2
dbwr1-priv IN A 192.168.10.1
dbwr2-priv IN A 192.168.10.1
dbwr1-vip IN A 192.168.24.31
dbwr2-vip IN A 192.168.24.32
dbwr-scan IN A 192.168.24.41
dbwr-scan IN A 192.168.24.42
dbwr-scan IN A 192.168.24.43
-----------------------------------------------
[root@dbwr1 ~]# ls -l /var/named/24.168.192.in-addr.arpa
-rw-r-----. 1 root named 440 May 14 19:27 /var/named/24.168.192.in-addr.arpa
[root@dbwr1 ~]# cat /var/named/24.168.192.in-addr.arpa
$TTL 86400
@ IN SOA dbwr1.localdomain.com. root.localdomain.com. (
2
3H
1H
1W
1H )
;Name Server Information
@ IN NS dbwr1.localdomain.com.
@ IN PTR localdomain.com.
;Reverse lookup for Name Server
dbwr1 IN A 192.168.24.1
dbwr-scan IN A 192.168.24.41
dbwr-scan IN A 192.168.24.42
dbwr-scan IN A 192.168.24.43
1 IN PTR dbwr1.localdomain.com.
41 IN PTR dbwr-scan.localdomain.
42 IN PTR dbwr-scan.localdomain.
43 IN PTR dbwr-scan.localdomain.
-----------------------------------------------
[root@dbwr1 ~]# ls -l /etc/named.conf
-rwxrwxr-x. 1 root root 2018 May 14 19:31 /etc/named.conf
[root@dbwr1 ~]# cat /etc/named.conf
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// See the BIND Administrator’s Reference Manual (ARM) for details about the
// configuration located in /usr/share/doc/bind-{version}/Bv9ARM.html
options {
listen-on port 53 { 127.0.0.1; 192.168.24.1; };
listen-on-v6 port 53 { ::1; };
directory “/var/named”;
dump-file “/var/named/data/cache_dump.db”;
statistics-file “/var/named/data/named_stats.txt”;
memstatistics-file “/var/named/data/named_mem_stats.txt”;
recursing-file “/var/named/data/named.recursing”;
secroots-file “/var/named/data/named.secroots”;
allow-query { localhost; 192.168.24.0/24; };
/*
– If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
– If you are building a RECURSIVE (caching) DNS server, you need to enable
recursion.
– If your recursive DNS server has a public IP address, you MUST enable access
control to limit queries to your legitimate users. Failing to do so will
cause your server to become part of large scale DNS amplification
attacks. Implementing BCP38 within your network would greatly
reduce such attack surface
*/
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
/* Path to ISC DLV key */
bindkeys-file “/etc/named.root.key”;
managed-keys-directory “/var/named/dynamic”;
pid-file “/run/named/named.pid”;
session-keyfile “/run/named/session.key”;
};
logging {
channel default_debug {
file “data/named.run”;
severity dynamic;
};
};
zone “.” IN {
type hint;
file “named.ca”;
};
zone “localdomain.com” IN {
type master;
file “localdomain.zone”;
allow-update { none; };
};
zone “24.168.192.in-addr.arpa.” IN {
type master;
file “24.168.192.in-addr.arpa”;
allow-update { none; };
};
include “/etc/named.rfc1912.zones”;
include “/etc/named.root.key”;
-----------------------------------------------
When I run the following command, named fails to start and the log reports a parse error at /etc/named.conf:14:
[root@dbwr1 ~]# systemctl status named.service
● named.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Mon 2023-05-15 18:30:13 MDT; 14s ago
Process: 6749 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exi>
May 15 18:30:13 dbwr1.localdomain systemd: Starting Berkeley Internet Name Domain (DNS)...
May 15 18:30:13 dbwr1.localdomain bash: /etc/named.conf:14: expected quoted string near '“'
May 15 18:30:13 dbwr1.localdomain systemd: named.service: Control process exited, code=exited status=1
May 15 18:30:13 dbwr1.localdomain systemd: named.service: Failed with result 'exit-code'.
May 15 18:30:13 dbwr1.localdomain systemd: Failed to start Berkeley Internet Name Domain (DNS).
-----------------------------------------------
Can anyone help me debug this? I appreciate any help.
Asked by Rich007
(1 rep)
May 16, 2023, 01:21 AM