ispconfig problema con bind9

[tecasoft]

Código (bash) [Seleccionar] Expandir


root@tecasoft:/etc/bind# cat named.conf
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local

include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";



Código (bash) [Seleccionar] Expandir


root@tecasoft:/etc/bind# cat named.conf.default-zones
// prime the server with knowledge of the root servers
zone "." {
type hint;
file "/etc/bind/db.root";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912

zone "localhost" {
type master;
file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};



Código (bash) [Seleccionar] Expandir


root@tecasoft:/etc/bind# cat named.conf.options
options {
directory "/var/cache/bind";

// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk.  See http://www.kb.cert.org/vuls/id/800113

// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.  
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.

// forwarders {
// 0.0.0.0;
// };

//========================================================================
// If BIND logs error messages about the root key being expired,
// you will need to update your keys.  See https://www.isc.org/bind-keys
//========================================================================
dnssec-validation auto;

auth-nxdomain no;    # conform to RFC1035
listen-on-v6 { any; };
};



Código (bash) [Seleccionar] Expandir


root@tecasoft:/etc/bind# cat zones.rfc1918
zone "10.in-addr.arpa"      { type master; file "/etc/bind/db.empty"; };

zone "16.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "17.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "18.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "19.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "20.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "21.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "22.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "23.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "24.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "25.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "26.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "27.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "28.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "29.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "30.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "31.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };

zone "168.192.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };



Código (bash) [Seleccionar] Expandir


root@tecasoft:/etc/bind# cat db.empty
; BIND reverse data file for empty rfc1918 zone
;
; DO NOT EDIT THIS FILE - it is used for multiple zones.
; Instead, copy it, edit named.conf, and use that copy.
;
$TTL 86400
@ IN SOA localhost. root.localhost. (
      1 ; Serial
604800 ; Refresh
  86400 ; Retry
2419200 ; Expire
  86400 ) ; Negative Cache TTL
;
@ IN NS localhost.



[MinusFour]

No esta la zona en cuestión dentro del named.conf. ¿Será algo del ispconfig? Creo que el script no tiene permisos para escribir sobre el archivo, por eso no pudo agregar la zona. Aunque... creo que la carpeta de /etc/bind es igual de restrictiva.

[tecasoft]

que me recomiendas que haga?

[MinusFour]

que me recomiendas que haga?

Pues puedes intentar ponerle permisos de escrituras a others pero siento que no es una buena idea. Podrías también agregar la zona manualmente. La syntax es parecida a las demás. La zona se debe llamar tecasoft.local y reinicia el server.

[tecasoft]

resuelve tecasoft.local cambiando permisos a la carpeta /etc/bind pero no resuelve www.tecasoft.local

[MinusFour]

resuelve tecasoft.local cambiando permisos a la carpeta /etc/bind pero no resuelve www.tecasoft.local

Es porque necesitas agregar un registro www.

[tecasoft]

me sigue dando problemas cuando le parece va y cuando no, no va, estoy hecho un lio