HPE Community
Operating System - HP-UX
1834761 Members
3363 Online
110070 Solutions
New Discussion

Re: Upgrade from Bind 4.9.7 to 9.2.0

 
John Pretti
Advisor

‎10-19-2004 01:21 AM

‎10-19-2004 01:21 AM

Upgrade from Bind 4.9.7 to 9.2.0

I have upgraded an HP-UX 11 box to BIND 9.2.0 that is to be configured as a local DNS cache. Upon completion of the upgrade, it fails to resolve nslookups when I add nameserver 127.0.0.1 to the resolv.conf. Upon further investigation I have noticed that the server is not listening for UDP requests on 127.0.0.1.53. Please see the following output:

tcp 0 0 127.0.0.1.53 *.* LISTEN
udp 0 0 127.0.0.1.53 *.*

The server does not have a local firewall and local network admin says the UDP traffic is coming through, but the server times out. Anyone ever seen this or have any ideas what may be causing it?

TIA,
John Pretti
0 Kudos
7 REPLIES 7
Steven E. Protter
Exalted Contributor

‎10-19-2004 01:47 AM

‎10-19-2004 01:47 AM

Re: Upgrade from Bind 4.9.7 to 9.2.0

Few things to check:

1) Is the named daemon running.
ps -ef | grep named. If not, start it.

/sbin/init.d/named start

2) Your 4.9.7 DNS database may not have mirgrated properly. You may be able to convert it, you may need to enter the records again in a new format. Here is a Linux doc that works very wellon HP-UX.

http://www.charvolant.org/~doug/network/html/node10.html

http://www.ibiblio.org/pub/Linux/docs/HOWTO/other-formats/html/DNS-HOWTO-html.tar.gz

Make sure no firewalls like ipfilter are running and blocking port 53. I can provide ipfilter configuration information if you wish.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
harry d brown jr
Honored Contributor

‎10-19-2004 01:56 AM

‎10-19-2004 01:56 AM

Re: Upgrade from Bind 4.9.7 to 9.2.0

Why do you have

nameserver 127.0.0.1

in /etc/resolv.conf?

Can you post the following files:

/etc/resolv.conf
/etc/nsswitch.conf
/etc/named.conf
and all config files in /etc/named.data

also, are you using rndc??

live free or die
harry d brown jr
Live Free or Die
0 Kudos
John Pretti
Advisor

‎10-19-2004 01:58 AM

‎10-19-2004 01:58 AM

Re: Upgrade from Bind 4.9.7 to 9.2.0

Thank you for the information. As indicated above I do not have ipfilter running or any type of host-based fw. Named appears to be running properly, no errors in the logs and ps-ef reports the following:

root 19096 12025 0 08:51:00 pts/1 0:00 grep named
root 28579 1 0 16:14:33 ? 0:00 /usr/sbin/named

One other thing I should have indicated previously that no zone files were migrated. I generated all new files by hand. Here are the files:

#### named.conf
// BIND configuration file

options {
directory "/var/named";
pid-file "/var/named/named.pid";
listen-on { 127.0.0.1; };
};

# Use with the following in named.conf, adjusting the allow list as needed:
key "rndc-key" {
algorithm hmac-md5;
secret "7PKq0am2emDonElnpUKP3g==";
};

controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};
zone "localhost" IN {
type master;
file "localhost.zone";
};

zone "." in {
type hint;
file "named.ca";
};

zone "0.0.127.in-addr.arpa" in {
type master;
file "named.local";
};

logging {
channel general_named {
file "/var/named/log/named.log" versions 5 size 5M;
severity dynamic;
print-category yes;
print-severity yes;
print-time yes;
};

category general { general_named; };
category default { general_named; };
};


#### localhost.zone

$TTL 86400
$ORIGIN localhost.
@ 1D IN SOA @ root (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum

1D IN NS @
1D IN A 127.0.0.1

#### named.local
$TTL 86400
@ IN SOA localhost. root.localhost. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS localhost.

1 IN PTR localhost.

Is it required to remove BIND all together before you do an upgrade?

TIA,
John Pretti
0 Kudos
John Pretti
Advisor

‎10-19-2004 02:03 AM

‎10-19-2004 02:03 AM

Re: Upgrade from Bind 4.9.7 to 9.2.0

Please ntoe this is a DNS cache. Here are more of the requested files:

##### resolv.conf
search mydomain.com
nameserver 127.0.0.1

#### nsswitch.conf
#
# /etc/nsswitch.hp_defaults:
#
# An example file that could be copied over to /etc/nsswitch.conf; it
# uses NIS (YP) in conjunction with files.
#

passwd: files
group: files
hosts: files [NOTFOUND=continue] dns
networks: files
protocols: files
rpc: files
publickey: files
netgroup: files
automount: files
aliases: files
services: files

Thanks,
John Pretti
0 Kudos
harry d brown jr
Honored Contributor

‎10-19-2004 02:23 AM

‎10-19-2004 02:23 AM

Re: Upgrade from Bind 4.9.7 to 9.2.0

John,

(REMEMBER TO BACKUP ANYFILE BEFORE YOU MODIFY THEM)


Modify /etc/named.data with the following items (get rid of the listen-to option):

options {

directory "/etc/named.data";
dump-file "/etc/named.data/named_dump.db";
statistics-file "/etc/named.data/named.stats";
zone-statistics yes;

recursion yes;

version "4.1"; # they them some lies!
pid-file "/var/run/named.pid";

forwarders {

10.2.180.9; # put your DNS IP address here
10.2.190.5; # put a backup (secondary DNS) IP here

};

forward only;
};

-----------------------------------
ADD the following to /etc/named.data:

zone "localhost.YOURDOMAINNAME" {
type master;
file "localhost.YOURDOMAINNAME.zone";
};

-----------------------------------
CREATE a new ZONE_file called localhost.YOURDOMAINNAME.zone (see change in /etc/named.data above):

$TTL 99999999
; @(#)B.11.11_LR
@ IN SOA localhost.YOURDOMAINNAME.com. root.localhost.YOURDOMAINNAME.com. (
2003010101 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS localhost.YOURDOMAINNAME.com.
localhost.YOURDOMAINNAME.com. IN A 127.0.0.1

-----------------------------------
REPLACE your localhost.zone with:

$TTL 99999999
; @(#)B.11.11_LR
@ IN SOA localhost. root.localhost. (
2003010101 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS localhost.

localhost IN A 127.0.0.1

-----------------------------------
Modify /etc/resolv.conf to reflect:


domain YOURDOMAINAME.com
options ndots:2


Get RID of any other options!

-----------------------------------

and MOST IMPORTANTLY, your /etc/nsswitch.conf file MUST look like this for HOSTS:

hosts: dns[NOTFOUND=continue UNAVAIL=continue FOUND=return] files[NOTFOUND=continue UNAVAIL=continue FOUND=return] files



I have over 300 HPux servers running DNS Caching and it is FAST (at least 20 times faster than /etc/files).


live free or die
harry d brown jr
Live Free or Die
0 Kudos
harry d brown jr
Honored Contributor

‎10-19-2004 02:39 AM

‎10-19-2004 02:39 AM

Re: Upgrade from Bind 4.9.7 to 9.2.0

Also, your named.ca file should contain ONLY references to YOUR DNS servers:

;
; FILL IN THE NAMES AND ADDRESSES OF THE ROOT SERVERS
;
; . 99999999 IN NS root.server.
; root.server. 99999999 IN A ??.??.??.??
;
. 99999999 IN NS dnssvr1.
dnssvr1. 99999999 IN A 10.2.168.9
. 99999999 IN NS dnssvr2.
dnssvr2. 99999999 IN A 10.2.160.5
. 99999999 IN NS dnssvr3.
dnssvr3. 99999999 IN A 10.3.160.5
. 99999999 IN NS dnssvr4.
dnssvr4. 99999999 IN A 10.4.86.5
. 99999999 IN NS dnssvr5.
dnssvr5. 99999999 IN A 10.5.18.5
. 99999999 IN NS dnssvr6.
dnssvr6. 99999999 IN A 140.109.222.201
#

--------------------------------------------
Also, if you want to add things like loghost or loopback, you simply add them to /etc/named.conf and add the new zone files to /etc/named.data:

/etc/named.conf (for loghost and/or loopback):

zone "loghost.YOURDOMAINNAME.com" {
type master;
file "db.loghost.YOURDOMAINNAME.com";
};

zone "loopback.YOURDOMAINNAME.com" {
type master;
file "db.loopback.YOURDOMAINNAME.com";
};

--------------------------------------------
then add the two new files to /etc/named.data:

db.loghost.YOURDOMAINNAME.com:

$TTL 99999999
; @(#)B.11.11_LR
@ IN SOA loghost.YOURDOMAINNAME.com. root.loghost.YOURDOMAINNAME.com. (
2003010101 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS loghost.YOURDOMAINNAME.com.
loghost.YOURDOMAINNAME.com. IN A 127.0.0.1

--------------------------------------------
db.loopback.YOURDOMAINNAME.com:

$TTL 99999999
; @(#)B.11.11_LR
@ IN SOA loopback.YOURDOMAINNAME.com. root.loopback.YOURDOMAINNAME.com. (
2003010101 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS loopback.YOURDOMAINNAME.com.
loopback.YOURDOMAINNAME.com. IN A 127.0.0.1



--------------------------------------------


live free or die
harry d brown jr
Live Free or Die
0 Kudos
John Pretti
Advisor

‎10-19-2004 03:44 AM

‎10-19-2004 03:44 AM

Re: Upgrade from Bind 4.9.7 to 9.2.0

Thank you Harry. It works like a champ. I guesss I have a lot of brushing up to do on my DNS.

Thank you again,
John Pretti
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.