ご注意下さい
この記事は3年以上前に書かれた記事ですので、内容が古い可能性があります。
bindをbind-9.9.4-29.el7_2.4.x86_64からbind-9.9.4-38.el7_3.x86_64にバージョンアップしたら急に起動しなくなってしまいました。
syslogには以下のような
12月 25 02:58:26 localhost systemd[1]: Unit named-chroot.service entered failed state.
12月 25 02:58:26 localhost systemd[1]: named-chroot.service failed.
そこで、configを見直してみます。
● named-chroot.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/usr/lib/systemd/system/named-chroot.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since 日 2016-12-25 03:22:16 JST; 6s ago
Process: 11505 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -t /var/named/chroot -z /etc/named.conf; else echo "Checking of zone files is disabled"; fi (code=exited, status=1/FAILURE)
12月 25 03:22:17 localhost bash[11505]: zone cannon-ball.net/IN: loaded serial 20160619
12月 25 03:22:17 localhost bash[11505]: zone k184224.ppp.asahi-net.or.jp/IN: loaded serial 20100228
12月 25 03:22:17 localhost bash[11505]: zone localhost/IN: loaded serial 20060309
12月 25 03:22:17 localhost bash[11505]: zone 10.168.192.in-addr.arpa/IN: loaded serial 20100228
12月 25 03:22:17 localhost bash[11505]: zone 184.45.218.in-addr.arpa/IN: loaded serial 20100228
12月 25 03:22:17 localhost bash[11505]: zone 0.0.127.in-addr.arpa/IN: loaded serial 20100228
12月 25 03:22:16 localhost systemd[1]: Unit named-chroot.service entered failed state.
12月 25 03:22:16 localhost systemd[1]: named-chroot.service failed.
# /usr/sbin/named-checkconf -t /var/named/chroot -z /etc/named.conf
zone localhost.localdomain/IN: loading from master file named.localhost failed: file not found
zone localhost.localdomain/IN: not loaded due to errors.
internal/localhost.localdomain/IN: file not found
zone localhost/IN: loading from master file named.localhost failed: file not found
zone localhost/IN: not loaded due to errors.
internal/localhost/IN: file not found
zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loading from master file named.loopback failed: file not found
zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: not loaded due to errors.
internal/1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: file not found
zone 1.0.0.127.in-addr.arpa/IN: loading from master file named.loopback failed: file not found
zone 1.0.0.127.in-addr.arpa/IN: not loaded due to errors.
internal/1.0.0.127.in-addr.arpa/IN: file not found
zone 0.in-addr.arpa/IN: loading from master file named.empty failed: file not found
zone 0.in-addr.arpa/IN: not loaded due to errors.
internal/0.in-addr.arpa/IN: file not found
zone kamata-net.com/IN: loaded serial 20160619
zone kamata-net.jp/IN: loaded serial 20160619
zone cannon-ball.net/IN: loaded serial 20160619
zone k184224.ppp.asahi-net.or.jp/IN: loaded serial 20100228
zone localhost/IN: loaded serial 20060309
zone 10.168.192.in-addr.arpa/IN: loaded serial 20100228
zone 184.45.218.in-addr.arpa/IN: loaded serial 20100228
zone 0.0.127.in-addr.arpa/IN: loaded serial 20100228
1.0.0......ip6.arpa/INってなんだ?ってことで、/var/named/chroot/etc/named.confを見直してみると、
options {
#listen-on port 53 { 127.0.0.1; };
#listen-on-v6 port 53 { ::1; };
version "unknown";
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; my-network; };
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
managed-keys-directory "/var/named/dynamic";
empty-zones-enable no;
use-v6-udp-ports {};
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
forwarders{
192.168.10.10;
};
pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
};
logging {
/*channel default_debug {
file "data/named.run";
severity dynamic;*/
channel "default_syslog" {
syslog daemon;
severity info;
};
category lame-servers { null; };
};
view "internal" {
match-clients { my-network; };
match-destinations { my-network; };
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
};
view "external" {
match-clients { any; };
match-destinations { any; };
recursion no;
zone "kamata-net.com" in {
…
named.rfc1912.zonesってなんだっけ?
// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
// and http://www.ietf.org/internet-drafts/draft-ietf-dnsop-default-local-zones-02.txt
// (c)2007 R W Franks
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
zone "localhost.localdomain" IN {
type master;
file "named.localhost";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "named.localhost";
allow-update { none; };
};
zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.loopback";
allow-update { none; };
};
zone "1.0.0.127.in-addr.arpa" IN {
type master;
file "named.loopback";
allow-update { none; };
};
[/plain]
zone "0.in-addr.arpa" IN {
type master;
file "named.empty";
allow-update { none; };
};
ビンゴですね。このファイルを読み込んでいたことが悪さの原因でしたので、inlucdeしないように当該行をコメントアウトしたところ無事に起動するようになりました。
