Pb bind

Support Debian
#1

Bonjour,
ci-joint une trace de syslog:

root@alpha30:/etc# /etc/init.d/bind9 restart [....] Stopping domain name service...: bind9waiting for pid 469 to die . ok [ ok ] Starting domain name service...: bind9. root@alpha30:/etc# tail -30 /var/log/syslog Jul 5 09:14:23 alpha30 named[2367]: error (unexpected RCODE REFUSED) resolving '128.in-addr.arpa/DNSKEY/IN': 217.70.177.40#53 Jul 5 09:14:23 alpha30 named[2367]: validating @0x7fa1a10a83d0: 128.in-addr.arpa DNSKEY: got insecure response; parent indicates it should be secure Jul 5 09:14:23 alpha30 named[2367]: error (insecurity proof failed) resolving '128.in-addr.arpa/DNSKEY/IN': 194.206.126.25#53 Jul 5 09:14:23 alpha30 named[2367]: error (unexpected RCODE REFUSED) resolving '168.192.131.178.in-addr.arpa/PTR/IN': 217.70.177.40#53 Jul 5 09:14:23 alpha30 named[2367]: error (unexpected RCODE REFUSED) resolving '178.in-addr.arpa/DS/IN': 217.70.177.40#53 Jul 5 09:14:23 alpha30 named[2367]: error (chase DS servers) resolving '178.in-addr.arpa/DS/IN': 194.206.126.25#53 Jul 5 09:14:23 alpha30 named[2367]: error (unexpected RCODE REFUSED) resolving 'in-addr.arpa/NS/IN': 217.70.177.40#53 Jul 5 09:14:23 alpha30 named[2367]: validating @0x7fa1900090f0: in-addr.arpa NS: got insecure response; parent indicates it should be secure Jul 5 09:14:23 alpha30 named[2367]: error (insecurity proof failed) resolving 'in-addr.arpa/NS/IN': 194.206.126.25#53 Jul 5 09:14:23 alpha30 named[2367]: error (unexpected RCODE REFUSED) resolving '131.178.in-addr.arpa/DS/IN': 217.70.177.40#53 Jul 5 09:14:23 alpha30 named[2367]: validating @0x7fa190008130: 178.in-addr.arpa SOA: got insecure response; parent indicates it should be secure Jul 5 09:14:23 alpha30 named[2367]: error (no valid RRSIG) resolving '131.178.in-addr.arpa/DS/IN': 194.206.126.25#53 Jul 5 09:14:23 alpha30 named[2367]: validating @0x7fa190014a80: 178.in-addr.arpa DNSKEY: got insecure response; parent indicates it should be secure Jul 5 09:14:23 alpha30 named[2367]: error (insecurity proof failed) resolving '178.in-addr.arpa/DNSKEY/IN': 194.206.126.25#53 Jul 5 09:14:23 alpha30 named[2367]: error (unexpected RCODE REFUSED) resolving '178.in-addr.arpa/DNSKEY/IN': 217.70.177.40#53 Jul 5 09:14:24 alpha30 named[2367]: validating @0x7fa1a10bf110: 178.in-addr.arpa SOA: got insecure response; parent indicates it should be secure Jul 5 09:14:24 alpha30 named[2367]: error (no valid RRSIG) resolving '192.131.178.in-addr.arpa/DS/IN': 194.206.126.25#53 Jul 5 09:14:24 alpha30 named[2367]: error (unexpected RCODE REFUSED) resolving '192.131.178.in-addr.arpa/DS/IN': 217.70.177.40#53 Jul 5 09:14:24 alpha30 named[2367]: validating @0x7fa190008130: 178.in-addr.arpa SOA: got insecure response; parent indicates it should be secure Jul 5 09:14:24 alpha30 named[2367]: error (no valid RRSIG) resolving '168.192.131.178.in-addr.arpa/DS/IN': 194.206.126.25#53 Jul 5 09:14:24 alpha30 named[2367]: error (unexpected RCODE REFUSED) resolving '168.192.131.178.in-addr.arpa/DS/IN': 217.70.177.40#53 Jul 5 09:14:24 alpha30 named[2367]: error (insecurity proof failed) resolving '168.192.131.178.in-addr.arpa/PTR/IN': 194.206.126.25#53 Jul 5 09:14:29 alpha30 named[2367]: validating @0x7fa1a10a83d0: 1.in-addr.arpa SOA: got insecure response; parent indicates it should be secure Jul 5 09:14:29 alpha30 named[2367]: validating @0x7fa190021b30: . NS: got insecure response; parent indicates it should be secure Jul 5 09:14:29 alpha30 named[2367]: error (insecurity proof failed) resolving './NS/IN': 194.206.126.25#53 Jul 5 09:14:29 alpha30 named[2367]: validating @0x7fa1900090f0: 1.in-addr.arpa SOA: got insecure response; parent indicates it should be secure Jul 5 09:14:29 alpha30 named[2367]: error (no valid RRSIG) resolving '1.1.in-addr.arpa/DS/IN': 194.206.126.25#53 Jul 5 09:14:29 alpha30 named[2367]: error (unexpected RCODE REFUSED) resolving '0.1.1.in-addr.arpa/DS/IN': 217.70.177.40#53 Jul 5 09:14:29 alpha30 named[2367]: error (unexpected RCODE REFUSED) resolving '0.0.1.1.in-addr.arpa/DS/IN': 217.70.177.40#53 Jul 5 09:14:30 alpha30 named[2367]: error (insecurity proof failed) resolving '0.0.1.1.in-addr.arpa/PTR/IN': 194.206.126.25#53 root@alpha30:/etc#

je m’en sors comment SVP?
A vous lire
A+
JB1

#2

Salut,

Au minimum en donnant un peu plus de détails…
Configuration de bind ? Fichier /etc/network/interfaces ?

#3

bha tu as des erreur voila comment tu t’en sort.

un peu plus d’explication sur ce que tu veut faire exactement serait pas mal non?

EDIT : doublé par @LOL :006

#4

les fichiers:

[code]root@alpha30:/etc# pg /etc/network/interfaces

This file describes the network interfaces available on your system

and how to activate them. For more information, see interfaces(5).

The loopback network interface

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static

address		192.168.1.30
netmask		255.255.255.0
broadcast	192.168.1.255
gateway		192.168.1.1

auto eth1
iface eth1 inet static

address		10.0.0.30
netmask		255.255.255.0
broadcast	10.0.0.255

brodcast 192.168.1.255

gateway 192.168.1.1

root@alpha30:/etc# cd bind
root@alpha30:/etc/bind# pg db.bohain.org
$TTL 86400
@ IN SOA alpha30.bohain.org. root.bohain.org. (

@ IN SOA pgdebian.mondomaine.com. root.mondomaine.com.

                    2012042602       ; serial, todays date + todays serial #
                    28800              ; refresh, seconds
                    7200              ; retry, seconds
                    604800              ; expire, seconds
                    86400 )            ; minimum, seconds

;

           NS      alpha30.bohain.org.        ;Nom du serveur

alpha30 A 192.168.1.30 ;Adresse IP du

@ 10800 IN A 193.250.69.233
@ 10800 IN MX 10 alpha30.dyndns.org.
www 10800 IN CNAME alpha30.dyndns.org.

mail 10800 IN CNAME alpha30.dyndns.org.

ftp 10800 IN CNAME alpha30.dyndns.org.

bohain.org. 86400 A IP_publique

bohain.org. 86400 MX 10 mail.bohain.org.

bohain.org. 86400 NS ns1.bohain.org.

bohain.org. 86400 NS ns2.bohain.org.

alpha30 86400 A IP_publique

mail 86400 A IP_publique

ns1 86400 A 193.250.97.63

ns2 86400 A IP_publique

www 86400 A IP_publique

root@alpha30:/etc/bind# pg DB*ORG
$TTL 1600
@ IN SOA alpha30.bohain.org. root.alpha30.bohain.org. (
2009012907 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
1600 ) ; Negative Cache TTL

chezmoi.ici. IN NS tebilepas.chezmoi.ici.

@bohain.org. IN NS alpha30.bohain.org.
alpha30.bohain. IN A 192.168.1.30
alpha30 IN A 192.168.1.30
alpha200 IN A 10.0.0.200

chezmoi.ici. IN A 192.168.1.254

tebilepas IN A 192.168.1.254

coucou IN A 192.168.1.1

pourquoi IN CNAME coucou

tespascheztoi IN CNAME forum.debian-fr.org.

root@alpha30:/etc/bind# pg db.127
;
; BIND reverse data file for local loopback interface
;
$TTL 604800
@ IN SOA localhost. root.localhost. (
1 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS localhost.
1.0.0 IN PTR localhost.
root@alpha30:/etc/bind#

[/code]

root@alpha30:/etc/bind# cd …
root@alpha30:/etc# pg resolv.conf
nameserver 127.0.0.1
domain orange.fr bohain.fr bohain.org
search orange.fr bohain.fr bohain.org

nameserver 80.10.246.2
nameserver 193.252.19.3
nameserver 194.206.126.24
nameserver 194.206.126.25
nameserver 217.70.177.40
nameserver 217.70.177.13

(EOF):

bonne lecture
A+
JB1

#5

Il en manque…

named.conf
named.conf.localn
named.conf.options