[CLUE-Tech] named & Suse 9

Chris Schock black at clapthreetimes.com
Sun Mar 28 06:53:16 MST 2004


I don't know what the extra lines are either, but you're missing one
teensy part: a default gateway. :)

Add that and you'll be in business.

> I feel dumb for asking this here... but I can't figure it out.  I set up
> a Suse 9 box with dhcp - and then today I changed the IP to a static
> one.  I did so by modifying the file /etc/sysconfig/network/ifcfg-eth0,
> and I changed it to:
>
> BOOTPROTO='static'
> MTU=''
> REMOTE_IPADDR=''
> STARTMODE='onboot'
> UNIQUE='qnJ_.Er3ucFQoZE2'
> DEVICE='eth0'
> BROADCAST='64.242.89.255'
> IPADDR='64.242.89.11'
> NETMASK='255.255.255.0'
> NETWORK='64.242.89.0'
>
> Using Red Hat, I have never seen the network files configured this
> way... I added all the lines from device on down, matching what I had
> used in Red Hat.  I don't know what the lines:
>
> MTU=''
> REMOTE_IPADDR=''
> UNIQUE='qnJ_.Er3ucFQoZE2'
>
> should contain.  I left them alone as a result.  I can ssh into this box
> under that IP now, but running named on it fails.  Here are my logs:
>
> Mar 27 23:31:56 linux named[2102]: starting BIND 9.2.2 -t /var/lib/named -u named
> Mar 27 23:31:56 linux named[2102]: using 1 CPU
> Mar 27 23:31:56 linux named[2104]: loading configuration from '/etc/named.conf'
> Mar 27 23:31:56 linux named[2104]: listening on IPv6 interfaces, port 53
> Mar 27 23:31:56 linux named[2104]: listening on IPv4 interface lo, 127.0.0.1#53
> Mar 27 23:31:56 linux named[2104]: listening on IPv4 interface eth0, 64.242.89.11#53
> Mar 27 23:31:56 linux named[2104]: command channel listening on 127.0.0.1#953
> Mar 27 23:31:56 linux named[2104]: command channel listening on ::1#953
> Mar 27 23:31:56 linux named[2104]: zone 0.0.127.in-addr.arpa/IN: loaded serial 2000122104
> Mar 27 23:31:56 linux named[2104]: zone 89.242.64.in-addr.arpa/IN: loaded serial 2001021482
> Mar 27 23:31:58 linux named[2104]: client 193.231.236.25#11505: error sending response: network unreachable
> Mar 27 23:31:58 linux named[2104]: client 193.231.236.17#53: error sending response: network unreachable
>
> Obviously, the part that concerns me is "network unreachable". This has
> to be a config issue with named, because when I run nmap:
>
> Starting nmap 3.45 ( http://www.insecure.org/nmap/ ) at 2004-03-28 00:44 MST
> Host kenny.globaltaxnetwork.com (64.242.89.11) appears to be up ... good.
> Initiating SYN Stealth Scan against kenny.globaltaxnetwork.com (64.242.89.11) at 00:44
> Adding open port 22/tcp
> Adding open port 111/tcp
> Adding open port 631/tcp
> Adding open port 53/tcp
> The SYN Stealth Scan took 0 seconds to scan 1657 ports.
> For OSScan assuming that port 22 is open and port 1 is closed and neither are firewalled
> For OSScan assuming that port 22 is open and port 1 is closed and neither are firewalled
> For OSScan assuming that port 22 is open and port 1 is closed and neither are firewalled
> Interesting ports on kenny.globaltaxnetwork.com (64.242.89.11):
> (The 1653 ports scanned but not shown below are in state: closed)
> PORT    STATE SERVICE
> 22/tcp  open  ssh
> 53/tcp  open  domain
> 111/tcp open  rpcbind
> 631/tcp open  ipp
>
> I'm wondering if Suse has a firewall running by default? I don't see
> iptables or ipchains in /etc/init.d, but I see some Suse firewall
> stuff... all of which I stopped.  Also, in /etc/init.d/rc3.d I don't
> see any firewall stuff starting by default.  So, since I'm assuming it's
> a named config issue, here is my named.conf file:
>
> ###########################################################################
> options {
>
>         # The directory statement defines the name server's working directory
>
> #       directory "/usr/local/named";
>
>         # Write dump and statistics file to the log subdirectory.  The
>         # pathnames are relative to the chroot jail.
>
>         dump-file "/var/log/named_dump.db";
>         statistics-file "/var/log/named.stats";
>
>         # The listen-on record contains a list of local network interfaces to
>         # listen on.  Optionally the port can be specified.  Default is to
>         # listen on all interfaces found on your system.  The default port is
>         # 53.
>
>         #listen-on port 53 { 127.0.0.1; };
>
>         # The listen-on-v6 record enables or disables listening on IPv6
>         # interfaces.  Allowed values are 'any' and 'none' or a list of
>         # addresses.
>
>         listen-on-v6 { none; };
>
>         # The next three statements may be needed if a firewall stands between
>         # the local server and the internet.
>
>         #query-source address * port 53;
>         #transfer-source * port 53;
>         #notify-source * port 53;
>
>         # The allow-query record contains a list of networks or IP addresses
>         # to accept and deny queries from. The default is to allow queries
>         # from all hosts.
>
>         #allow-query { 127.0.0.1; };
>
>         # If notify is set to yes (default), notify messages are sent to other
>         # name servers when the zone data is changed.  Instead of setting
>         # a global 'notify' statement in the 'options' section, a separate
>         # 'notify' can be added to each zone definition.
>
>         notify yes;
> };
>
> # The following zone definitions don't need any modification.  The first one
> # is the definition of the root name servers.  The second one defines
> # localhost while the third defines the reverse lookup for localhost.
>
>
> #zone "0.0.127.in-addr.arpa" in {
> #       type master;
> #       file "127.0.0";
> #};
>
> zone "." {
>         type hint;
>         file "db.cache";
> };
>
> zone "89.242.64.in-addr.arpa"{
>         type master;
>         file "db.89.242.64";
>         allow-transfer {
>                 64.242.89.11;
>                 64.242.89.12;
>         };
> };
> ###############################################################
>
> I can't find any answers on groups.google.com - so I'm at a loss here.
> I can't find the normal /etc/resolv.conf that I'm used to in Red Hat.
> I'm also confused because to find resolv.conf, I would normally type:
>
> locate resolv.conf
>
> But, I get this when trying:
>
> kenny:/home/staver # locate resolv.conf
> bash: locate: command not found
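Added example, not part of the original thread: a small check that ties the "network unreachable" log lines to the missing default gateway by testing whether the failing clients sit outside the interface's own subnet and whether the routing table has a default route. The function names are hypothetical and the `/proc/net/route` sample is constructed; the address, netmask and log lines are the ones quoted above.

```python
import ipaddress
import re

# Constructed inputs: the IPADDR/NETMASK and log lines are the ones quoted in
# the thread; PROC_ROUTE is a made-up /proc/net/route holding only the
# connected /24 (the kernel prints addresses as little-endian hex).
IFCFG = "BOOTPROTO='static'\nIPADDR='64.242.89.11'\nNETMASK='255.255.255.0'\n"
NAMED_LOG = (
    "Mar 27 23:31:58 linux named[2104]: client 193.231.236.25#11505: "
    "error sending response: network unreachable\n"
    "Mar 27 23:31:58 linux named[2104]: client 193.231.236.17#53: "
    "error sending response: network unreachable\n"
)
PROC_ROUTE = (
    "Iface\tDestination\tGateway\tFlags\tRefCnt\tUse\tMetric\tMask\tMTU\tWindow\tIRTT\n"
    "eth0\t0059F240\t00000000\t0001\t0\t0\t0\t00FFFFFF\t0\t0\t0\n"
)
UNREACHABLE = re.compile(
    r"client (\d+\.\d+\.\d+\.\d+)#\d+: error sending response: network unreachable"
)


def local_network(ifcfg_text):
    """Build the on-link network from the IPADDR and NETMASK keys."""
    kv = dict(re.findall(r"^(\w+)='([^']*)'", ifcfg_text, re.M))
    return ipaddress.ip_network(f"{kv['IPADDR']}/{kv['NETMASK']}", strict=False)


def has_default_route(proc_route_text):
    """True if an up route with destination 0.0.0.0 and mask 0.0.0.0 exists."""
    for line in proc_route_text.splitlines()[1:]:
        f = line.split()
        if len(f) >= 8 and int(f[1], 16) == 0 and int(f[7], 16) == 0 and int(f[3], 16) & 1:
            return True
    return False


def diagnose(ifcfg_text, log_text, proc_route_text):
    """Return (verdict, off-link clients that named could not answer)."""
    net = local_network(ifcfg_text)
    clients = {ipaddress.ip_address(m.group(1)) for m in UNREACHABLE.finditer(log_text)}
    off_link = sorted(c for c in clients if c not in net)
    if off_link and not has_default_route(proc_route_text):
        return "no-default-route", off_link
    return "look-elsewhere", off_link


if __name__ == "__main__":
    print(diagnose(IFCFG, NAMED_LOG, PROC_ROUTE))
```

On a live host, pass the real contents of the interface file, the named log and `/proc/net/route` instead of the embedded samples.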