DNS / named Trouble since some days / weeks -> configuration error???
Happy new year :-)

I set up a new server (DHCP+DNS+NFS) to replace my old one, during the setup with yast2 tools. After starting the services, named isn't working, with the following error messages:

# systemctl status named.service
● named.service - Berkeley Internet Name Domain (DNS)
   Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Fri 2021-01-08 11:39:15 CET; 11s ago
  Process: 18809 ExecStart=/usr/sbin/named.init start (code=exited, status=6)

Jan 08 11:39:15 server systemd[1]: Starting Berkeley Internet Name Domain (DNS)...
Jan 08 11:39:15 server named.init[18809]: Starting name server BIND
Jan 08 11:39:15 server named.init[18862]: /etc/named.d/my.key:5: unknown algorithm 'rsasha512'
Jan 08 11:39:15 server systemd[1]: named.service: Control process exited, code=exited, status=6/NOTCONFIGURED
Jan 08 11:39:15 server systemd[1]: named.service: Failed with result 'exit-code'.
Jan 08 11:39:15 server systemd[1]: Failed to start Berkeley Internet Name Domain (DNS).

# journalctl _SYSTEMD_UNIT=named.service
[...]
Jan 08 11:39:15 server named.init[18809]: Starting name server BIND
Jan 08 11:39:15 server named.init[18862]: /etc/named.d/my.key:5: unknown algorithm 'rsasha512'

# systemctl status dhcpd.service
● dhcpd.service - ISC DHCPv4 Server
   Loaded: loaded (/usr/lib/systemd/system/dhcpd.service; enabled; vendor preset: disabled)
   Active: active (running) since Fri 2021-01-08 11:38:56 CET; 10min ago
  Process: 18673 ExecStart=/usr/libexec/dhcp/dhcpd -4 start (code=exited, status=0/SUCCESS)
 Main PID: 18802 (dhcpd)
    Tasks: 1 (limit: 4915)
   CGroup: /system.slice/dhcpd.service
           └─18802 /usr/sbin/dhcpd -4 -cf /etc/dhcpd.conf -pf /run/dhcpd.pid -chroot /var/lib/dhcp -lf /db/dhcpd.leases -user dhcpd -group dhcpd enp5s0

Jan 08 11:38:56 server dhcpd[18801]: Multiple interfaces match the same subnet: enp3s0 enp5s0
Jan 08 11:38:56 server dhcpd[18801]: Multiple interfaces match the same shared network: enp3s0 enp5s0
Jan 08 11:38:56 server dhcpd[18801]: Multiple interfaces match the same subnet: enp3s0 enp6s0
Jan 08 11:38:56 server dhcpd[18801]: Multiple interfaces match the same shared network: enp3s0 enp6s0
Jan 08 11:38:56 server dhcpd[18801]: Listening on LPF/enp5s0/aa:bb:cc:dd:ee:ff/x.y.z.0/24
Jan 08 11:38:56 server dhcpd[18801]: Sending on LPF/enp5s0/aa:bb:cc:dd:ee:ff/x.y.z.0/24
Jan 08 11:38:56 server dhcpd[18801]: Sending on Socket/fallback/fallback-net
Jan 08 11:38:56 server dhcpd[18802]: Server starting service.
Jan 08 11:38:56 server dhcpd[18673]: Starting ISC DHCPv4 Server [chroot]
Jan 08 11:38:56 server systemd[1]: Started ISC DHCPv4 Server.

According to "dnssec-keygen --help", "rsasha512" is a valid algorithm. Anyway, I changed it to big letters (RSASHA512), still unchanged.
# systemctl status named.service
● named.service - Berkeley Internet Name Domain (DNS)
   Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Fri 2021-01-08 11:56:56 CET; 13s ago
  Process: 19544 ExecStart=/usr/sbin/named.init start (code=exited, status=6)

Jan 08 11:56:56 server systemd[1]: Starting Berkeley Internet Name Domain (DNS)...
Jan 08 11:56:56 server named.init[19544]: Starting name server BIND
Jan 08 11:56:56 server named.init[19597]: /etc/named.d/my.key:5: unknown algorithm 'RSASHA512'
Jan 08 11:56:56 server systemd[1]: named.service: Control process exited, code=exited, status=6/NOTCONFIGURED
Jan 08 11:56:56 server systemd[1]: named.service: Failed with result 'exit-code'.
Jan 08 11:56:56 server systemd[1]: Failed to start Berkeley Internet Name Domain (DNS).

Any idea?

Remark: Some names and MAC addresses were changed, due to privacy reasons.

Ulf
Update

On Friday, 8 January 2021, 12:09:30 CET, Ulf wrote:
> According to "dnssec-keygen --help", "rsasha512" is a valid algorithm. Anyway, I changed it to big letters (RSASHA512), still unchanged.
>
> # systemctl status named.service
> ● named.service - Berkeley Internet Name Domain (DNS)
>    Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled)
>    Active: failed (Result: exit-code) since Fri 2021-01-08 11:56:56 CET; 13s ago
>   Process: 19544 ExecStart=/usr/sbin/named.init start (code=exited, status=6)
>
> Jan 08 11:56:56 server systemd[1]: Starting Berkeley Internet Name Domain (DNS)...
> Jan 08 11:56:56 server named.init[19544]: Starting name server BIND
> Jan 08 11:56:56 server named.init[19597]: /etc/named.d/my.key:5: unknown algorithm 'RSASHA512'
> Jan 08 11:56:56 server systemd[1]: named.service: Control process exited, code=exited, status=6/NOTCONFIGURED
> Jan 08 11:56:56 server systemd[1]: named.service: Failed with result 'exit-code'.
> Jan 08 11:56:56 server systemd[1]: Failed to start Berkeley Internet Name Domain (DNS).
If I comment out, in "/etc/named.conf.include",

#include "/etc/named.d/my.key";

named.service starts well:

# systemctl restart named.service
# systemctl status named.service
● named.service - Berkeley Internet Name Domain (DNS)
   Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled)
   Active: active (running) since Sat 2021-01-09 20:52:03 CET; 6s ago
  Process: 4207 ExecStart=/usr/sbin/named.init start (code=exited, status=0/SUCCESS)
 Main PID: 4257 (named)
    Tasks: 14 (limit: 4915)
   CGroup: /system.slice/named.service
           └─4257 /usr/sbin/named -t /var/lib/named -u named

Jan 09 20:52:03 maxi named[4257]: zone 2.168.192.in-addr.arpa/IN: NS 'maxi3.2.168.192.in-addr.arpa' has no address records (A or AAAA)
Jan 09 20:52:03 maxi named[4257]: zone 2.168.192.in-addr.arpa/IN: NS 'maxi4.2.168.192.in-addr.arpa' has no address records (A or AAAA)
Jan 09 20:52:03 maxi named[4257]: zone 2.168.192.in-addr.arpa/IN: NS 'fritzbox.2.168.192.in-addr.arpa' has no address records (A or AAAA)
Jan 09 20:52:03 maxi named[4257]: zone 2.168.192.in-addr.arpa/IN: not loaded due to errors.
Jan 09 20:52:03 maxi named[4257]: zone localhost/IN: loaded serial 42
Jan 09 20:52:03 maxi named[4257]: all zones loaded
Jan 09 20:52:03 maxi named[4257]: running
Jan 09 20:52:03 maxi systemd[1]: Started Berkeley Internet Name Domain (DNS).
Jan 09 20:52:03 maxi named[4257]: managed-keys-zone: Key 20326 for zone . is now trusted (acceptance timer complete)
Jan 09 20:52:03 maxi named[4257]: resolver priming query complete

But for sure - the local IPs assigned via dhcpd.service will not be available :-(

Regards
Ulf
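
Added example, not part of the original posts and not code from the BIND project: a pre-restart check that parses the `key` clauses of an include file such as /etc/named.d/my.key and reports any algorithm that is not one of the HMAC names BIND 9 accepts for TSIG keys (names like rsasha512 are DNSSEC signing algorithms, the namespace dnssec-keygen lists). The file content, key names and secrets are constructed, and check_key_file is a hypothetical helper.

```python
import re

# Algorithm names BIND 9 accepts in a named.conf `key` (TSIG) clause.
TSIG_ALGORITHMS = {"hmac-md5", "hmac-sha1", "hmac-sha224",
                   "hmac-sha256", "hmac-sha384", "hmac-sha512"}

TOKEN = re.compile(r'"[^"\n]*"|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
KEY_CLAUSE = re.compile(r'\bkey\s+"?([^\s"{]+)"?\s*\{(.*?)\}\s*;', re.S)
ALGORITHM = re.compile(r'\balgorithm\s+"?([^\s";]+)"?\s*;', re.I)

# Constructed sample (not the poster's file); the secrets are dummy values.
SAMPLE = '''# TSIG key shared by named and dhcpd (constructed)
key "dhcp-update" {
    /* constructed: a DNSSEC algorithm name
       placed in a TSIG key clause */
    algorithm rsasha512;
    secret "Y29uc3RydWN0ZWQtc2FtcGxl//8=";
};
key "fixed-update" { algorithm hmac-sha256; secret "ZHVtbXk//w=="; };
'''


def strip_comments(text):
    """Blank out comments, keeping quoted strings and line breaks intact."""
    return TOKEN.sub(lambda m: m.group(0) if m.group(0)[0] == '"'
                     else "\n" * m.group(0).count("\n") or " ", text)


def check_key_file(text):
    """Return (line, key_name, algorithm, verdict) for each key clause."""
    clean = strip_comments(text)
    findings = []
    for clause in KEY_CLAUSE.finditer(clean):
        name, alg = clause.group(1), ALGORITHM.search(clause.group(2))
        if alg is None:
            pos, value, verdict = clause.start(), None, "no algorithm statement"
        else:
            pos, value = clause.start(2) + alg.start(1), alg.group(1)
            base = re.sub(r"-\d+$", "", value.lower())  # hmac-sha1-80 style truncation
            verdict = "ok" if base in TSIG_ALGORITHMS else "not a TSIG algorithm"
        findings.append((clean.count("\n", 0, pos) + 1, name, value, verdict))
    return findings


if __name__ == "__main__":
    for line, name, alg, verdict in check_key_file(SAMPLE):
        print(f"line {line}: key {name!r} algorithm {alg!r}: {verdict}")
```

named-checkconf reports the same class of error without restarting the service, and tsig-keygen writes a key clause that already carries an HMAC algorithm.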