named fails to start on a CentOS7.5 VPS

mathgeek

New member
Joined
Feb 4, 2020
Messages
6
I have a CentOS 7.5 VPS that's running DirectAdmin. When I try to start named by issuing `systemctl start named` it says:

Job for named.service failed because the control process exited with error code. See "systemctl status named.service" and "journalctl -xe" for details.

This is what systemctl status named.service says:

● named.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/etc/systemd/system/named.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Wed 2020-02-05 07:22:06 +0100; 29s ago
Process: 12793 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exited, status=1/FAILURE)

And this is the response that `whereis named` gives:
named: /usr/sbin/named /etc/named.conf /etc/named /usr/share/man/man8/named.8.gz

And this is the output of `whereis bind`:
bind: /usr/lib64/bind /usr/share/man/man1/bind.1.gz

Meanwhile, my /etc/init.d/ directory has no file called named in it. It has only one executable file which is called functions. Any help is appreciated.
 

mathgeek

Hello,

What do you see?

Code:
grep named /var/log/messages
Hi
Thanks for your help. It showed thousands of lines, so I decided to copy only the last lines, which were created at the same time and are repeated several times in /var/log/messages:

Code:
Feb  5 12:46:06 server bash: zone server.[domain].[tld]/IN: loading from master file /var/named/server.[domain].[tld].db failed: file not found
Feb  5 12:46:06 server systemd: named.service: control process exited, code=exited status=1
Feb  5 12:46:06 server systemd: Unit named.service entered failed state.
Feb  5 12:46:06 server systemd: named.service failed.
I have replaced my domain address to remove identifying information. Other than that, the file is exactly as it is.

One more thing that might be helpful is that server.[domain].[tld] is also my hostname in DirectAdmin. When I log in using the admin user, it is the only domain in the DNS Administration page that says it has no local data.
 

mathgeek

I removed server.[domain].[tld] which seemed to be causing the problem as a separate domain in the DNS Administration page in DirectAdmin and now bind is working. Although, `service named status` gives:

Code:
Feb 05 15:57:53 server.[domain].[tld] named[15821]: network unreachable resolving './DNSKEY/IN': 2001:dc3::35#53
Feb 05 15:57:53 server.[domain].[tld] named[15821]: network unreachable resolving './NS/IN': 2001:dc3::35#53
Feb 05 15:57:53 server.[domain].[tld] named[15821]: network unreachable resolving './DNSKEY/IN': 2001:503:ba3e...0#53
Feb 05 15:57:53 server.[domain].[tld] named[15821]: network unreachable resolving './NS/IN': 2001:503:ba3e::2:30#53
Feb 05 15:57:53 server.[domain].[tld] named[15821]: network unreachable resolving './DNSKEY/IN': 2001:500:200::b#53
Feb 05 15:57:53 server.[domain].[tld] named[15821]: network unreachable resolving './NS/IN': 2001:500:200::b#53
Feb 05 15:57:53 server.[domain].[tld] named[15821]: network unreachable resolving './DNSKEY/IN': 2001:503:c27:...0#53
Feb 05 15:57:53 server.[domain].[tld] named[15821]: network unreachable resolving './NS/IN': 2001:503:c27::2:30#53
Feb 05 15:57:53 server.[domain].[tld] named[15821]: managed-keys-zone: Key 20326 for zone . acceptance timer c...sted
Feb 05 15:57:53 server.[domain].[tld] named[15821]: resolver priming query complete
Is this normal?
 

mathgeek

For future reference, it turns out that was an IPv6 issue. I added
Code:
OPTIONS="-4"
to /etc/sysconfig/named and now everything seems to be working as expected.
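
The two log patterns seen in this thread, separated by a small triage script. This is an added example, not part of the original posts; the sample log lines are constructed, and `example.test`, the `2001:db8::` addresses and all function names are assumptions made for illustration.

```bash
#!/bin/sh
# Added example. Log lines below are constructed; example.test and the
# 2001:db8:: addresses are placeholders, not values from the thread.
sample_log() {
cat <<'EOF'
Feb  5 12:46:06 server bash: zone server.example.test/IN: loading from master file /var/named/server.example.test.db failed: file not found
Feb  5 12:46:06 server systemd: named.service: control process exited, code=exited status=1
Feb  5 12:47:10 server bash: zone server.example.test/IN: loading from master file /var/named/server.example.test.db failed: file not found
Feb 05 15:57:53 server named[15821]: network unreachable resolving './DNSKEY/IN': 2001:db8::35#53
Feb 05 15:57:53 server named[15821]: network unreachable resolving './NS/IN': 2001:db8::35#53
Feb 05 15:57:53 server named[15821]: network unreachable resolving './NS/IN': 2001:db8::b#53
Feb 05 15:57:53 server named[15821]: resolver priming query complete
EOF
}

# Print "zone<TAB>file" once per zone whose master file was not found.
missing_zone_files() {
  awk '/loading from master file .* failed: file not found/ {
    for (i = 2; i < NF; i++) {
      if ($i == "zone") { zone = $(i + 1); sub(/\/IN:$/, "", zone) }
      if ($(i - 1) == "master" && $i == "file") path = $(i + 1)
    }
    if (!seen[zone]++) print zone "\t" path
  }'
}

# Count distinct IPv6 servers that named reported as unreachable.
unreachable_v6_servers() {
  awk '/network unreachable resolving/ {
    addr = $NF; sub(/#[0-9]+$/, "", addr)
    if (addr ~ /:/ && !seen[addr]++) n++
  }
  END { print n + 0 }'
}

# Read a log on stdin; report the start-blocking error apart from IPv6 noise.
triage() {
  log=$(cat)
  zones=$(printf '%s\n' "$log" | missing_zone_files)
  v6=$(printf '%s\n' "$log" | unreachable_v6_servers)
  if [ -n "$zones" ]; then
    echo "FATAL: named-checkconf -z exits 1 until these zone files exist or the zones are removed:"
    echo "$zones"
  fi
  if [ "$v6" -gt 0 ]; then
    echo "NOTE: $v6 IPv6 servers unreachable; no working IPv6 route on this host"
  fi
}

sample_log | triage
```

On a live system the same functions can be fed with `grep named /var/log/messages | triage`.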
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
14,243
Location
GMT +7.00
You might re-create server.[domain].[tld] in the DirectAdmin DNS manager. It does no harm if it exists, but if it's missing you might have various issues.
 

mathgeek

You might re-create server.[domain].[tld] in directadmin DNS manager. It does no harm if it exists, but if it's missing you might have various issues.
Thanks.

Does it suffice to add an A record with "server" as Name and the IP address of my server as Value inside [domain].[tld]?
 

jordivn

Verified User
Joined
Nov 4, 2016
Messages
52
For future reference, it turns out that was an IPv6 issue. I added
Code:
OPTIONS="-4"
to /etc/sysconfig/named and now everything seems to be working as expected.
Why not config your ipv6 to also work with named?
 

mathgeek

Why not config your ipv6 to also work with named?
I don't know how to do that. But isn't IPv6 still an experimental thing?
I don't know even my own server's IPv6 and I haven't bothered to find out what it is. Should I start using IPv6 or is it still too early for that?
 

zEitEr

Does it suffice to add an A record with "server" as Name and the IP address of my server as Value inside [domain].[tld]?
Yes


I don't know even my own server's IPv6 and I haven't bothered to find out what it is. Should I start using IPv6 or is it still too early for that?
That's fully up to you. There is not much sense in using IPv6 without IPv4 yet.
 

jordivn

IPv6 config in BIND:
Code:
options {
    // listen for DNS queries on port 53 of every IPv6 interface
    listen-on-v6 port 53 { any; };
};
You can check if your host has an IPv6 address with ifconfig:
Code:
$ ifconfig

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 1xx.1xx.1xx.1xx  netmask 255.255.255.0  broadcast 1xx.1xx.1xx.2xx
        inet6 2axx:xx8:aac7:53:xxxx:xxxx:xxxx:xxxx  prefixlen 64  scopeid 0x0<global>
        ether 52:54:xx:xx:xx:xx  txqueuelen 1000  (Ethernet)
        RX packets 97800754  bytes 12464740882 (11.6 GiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 48551708  bytes 457623533957 (426.1 GiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
inet6 is your IPv6 address.

You do indeed still need IPv4 to be reachable. But IPv6 is coming. For example, Gmail connects to Exim over IPv6 if you publish an AAAA record.
When I check my named.log, I see some queries coming in over IPv6. Most of them are for AAAA records.

Given the low cost of setting it up, I provide it.
 