I am using Centos Web Panel, everything was just working like it normally should… However the Bind DNS just stopped working out of nowhere.
Here is the error code provided:
● named.service - Berkeley Internet Name Domain (DNS) Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled) Active: failed (Result: exit-code) since Tue 2018-04-10 00:02:41 UTC; 4min 41s ago Process: 4363 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exited, status=1/FAILURE) Apr 10 00:02:41 server.odhosting.org bash[4363]: zone themerchandiseman.com/IN: loaded serial 2013071600 Apr 10 00:02:41 server.odhosting.org bash[4363]: zone bdfinancegroup.com/IN: loaded serial 2013071600 Apr 10 00:02:41 server.odhosting.org bash[4363]: zone saltymanufacturing.com/IN: loaded serial 2013071600 Apr 10 00:02:41 server.odhosting.org bash[4363]: zone cryptonewstv.com/IN: loaded serial 2013071600 Apr 10 00:02:41 server.odhosting.org bash[4363]: zone odmarketing.org/IN: loaded serial 2013071600 Apr 10 00:02:41 server.odhosting.org bash[4363]: zone talkthatheals.com/IN: loaded serial 2013071600 Apr 10 00:02:41 server.odhosting.org systemd[1]: named.service: control process exited, code=exited status=1 Apr 10 00:02:41 server.odhosting.org systemd[1]: Failed to start Berkeley Internet Name Domain (DNS). Apr 10 00:02:41 server.odhosting.org systemd[1]: Unit named.service entered failed state. Apr 10 00:02:41 server.odhosting.org systemd[1]: named.service failed.From what I can gather, everything is loading properly but then just fails.
I have glue records properly set, name servers are also done properly. (this happened recently wen trying to configure DKIM, dmarc, SPF records to the DNS template. Deleted the template, re-built DNS zones. However still not able to start the BIND DNS.
If anyone has seen this before and knows what might be wrong / has fixed this before please reply.
Also more information regarding the error with the “journalctl -xe” command and the following was the output:
******************************************** Welcome to CWP (CentOS WebPanel) server ******************************************** CWP Wiki: http://wiki.centos-webpanel.com CWP Forum: http://forum.centos-webpanel.com CWP Support: http://centos-webpanel.com/support-services 00:19:42 up 22 min, 1 user, load average: 0.00, 0.01, 0.05 USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT root pts/0 cpe-108-184-219- 00:19 0.00s 0.05s 0.00s sh /root/.bash_ [root@server ~]# journalctl -xe Apr 10 00:19:43 server.odhosting.org postfix/qmgr[1459]: AF56BC152F2: removed Apr 10 00:20:01 server.odhosting.org systemd[1]: Started Session 8 of user root. -- Subject: Unit session-8.scope has finished start-up -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit session-8.scope has finished starting up. -- -- The start-up result is done. Apr 10 00:20:01 server.odhosting.org systemd[1]: Starting Session 8 of user root -- Subject: Unit session-8.scope has begun start-up -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit session-8.scope has begun starting up. Apr 10 00:20:01 server.odhosting.org CROND[8019]: (root) CMD (/usr/lib64/sa/sa1 Apr 10 00:20:03 server.odhosting.org postfix/pickup[1458]: A0479C152F1: uid=0 fr Apr 10 00:20:03 server.odhosting.org postfix/cleanup[7961]: A0479C152F1: message Apr 10 00:20:03 server.odhosting.org opendkim[1022]: A0479C152F1: no signing tab Apr 10 00:20:03 server.odhosting.org opendkim[1022]: A0479C152F1: no signature d Apr 10 00:20:03 server.odhosting.org postfix/qmgr[1459]: A0479C152F1: from=<root Apr 10 00:20:03 server.odhosting.org postfix/local[7968]: A0479C152F1: to=<root@ Apr 10 00:20:03 server.odhosting.org postfix/qmgr[1459]: A0479C152F1: removed [root@server ~]# journalctl -xe -- Documentation: http://www.freedesktop.org/wiki/Software/systemd/multiseat -- -- A new session with the ID 7 has been created for the user root. -- -- The leading process of the session is 7887. Apr 10 00:19:41 server.odhosting.org systemd[1]: Started Session 7 of user root. -- Subject: Unit session-7.scope has finished start-up -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit session-7.scope has finished starting up. -- -- The start-up result is done. Apr 10 00:19:41 server.odhosting.org sshd[7887]: pam_unix(sshd:session): session opened for user root by (uid=0) Apr 10 00:19:41 server.odhosting.org systemd[1]: Starting Session 7 of user root. -- Subject: Unit session-7.scope has begun start-up -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit session-7.scope has begun starting up. Apr 10 00:19:43 server.odhosting.org postfix/pickup[1458]: AF56BC152F2: uid=0 from=<root> Apr 10 00:19:43 server.odhosting.org postfix/cleanup[7961]: AF56BC152F2: message-id=<20180410001943.AF56BC152F2@server.odhosting.org> Apr 10 00:19:43 server.odhosting.org opendkim[1022]: AF56BC152F2: no signing table match for 'root@server.odhosting.org' Apr 10 00:19:43 server.odhosting.org opendkim[1022]: AF56BC152F2: no signature data Apr 10 00:19:43 server.odhosting.org postfix/qmgr[1459]: AF56BC152F2: from=<root@server.odhosting.org>, size=639, nrcpt=1 (queue active) Apr 10 00:19:43 server.odhosting.org postfix/local[7968]: AF56BC152F2: to=<root@server.odhosting.org>, orig_to=<root>, relay=local, delay=0.05, delays=0.04/0.01/0/0, dsn=2.0.0, status=sent Apr 10 00:19:43 server.odhosting.org postfix/qmgr[1459]: AF56BC152F2: removed Apr 10 00:20:01 server.odhosting.org systemd[1]: Started Session 8 of user root. -- Subject: Unit session-8.scope has finished start-up -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit session-8.scope has finished starting up. -- -- The start-up result is done. Apr 10 00:20:01 server.odhosting.org systemd[1]: Starting Session 8 of user root. -- Subject: Unit session-8.scope has begun start-up -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit session-8.scope has begun starting up. Apr 10 00:20:01 server.odhosting.org CROND[8019]: (root) CMD (/usr/lib64/sa/sa1 1 1) Apr 10 00:20:03 server.odhosting.org postfix/pickup[1458]: A0479C152F1: uid=0 from=<root> Apr 10 00:20:03 server.odhosting.org postfix/cleanup[7961]: A0479C152F1: message-id=<20180410002003.A0479C152F1@server.odhosting.org> Apr 10 00:20:03 server.odhosting.org opendkim[1022]: A0479C152F1: no signing table match for 'root@server.odhosting.org' Apr 10 00:20:03 server.odhosting.org opendkim[1022]: A0479C152F1: no signature data Apr 10 00:20:03 server.odhosting.org postfix/qmgr[1459]: A0479C152F1: from=<root@server.odhosting.org>, size=3811, nrcpt=1 (queue active) Apr 10 00:20:03 server.odhosting.org postfix/local[7968]: A0479C152F1: to=<root@server.odhosting.org>, orig_to=<root>, relay=local, delay=0.06, delays=0.04/0/0/0.01, dsn=2.0.0, status=sent Apr 10 00:20:03 server.odhosting.org postfix/qmgr[1459]: A0479C152F1: removedTo be clear BIND DNS was working and configured properly, something has been changed, however I do not know what it was. (The error happened after restarting the DNS)
Things I have already tried:
- Rebuild DNS
- Remove all DKIM & SPF settings
- Double Check IP Address for NS
- Ensure that all domains use the listed NS
- Reboot Sever
- Remove & Add Zone Files
- Double Check Glue Records & Verified
I managed to find more information / errors:
● named.service - Berkeley Internet Name Domain (DNS) Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled) Active: failed (Result: exit-code) since Tue 2018-04-10 01:04:08 UTC; 10s ago Process: 15631 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS (code=exited, status=1/FAILURE) Process: 15622 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exited, status=0/SUCCESS) Apr 10 01:04:08 server.odhosting.org named[15633]: sizing zone task pool based on 17 zones Apr 10 01:04:08 server.odhosting.org named[15633]: dns_master_load: named.ca:10: isc_lex_gettoken() failed: unbalanced parentheses Apr 10 01:04:08 server.odhosting.org named[15633]: dns_master_load: named.ca:10: unbalanced parentheses Apr 10 01:04:08 server.odhosting.org named[15633]: could not configure root hints from 'named.ca': unbalanced parentheses Apr 10 01:04:08 server.odhosting.org named[15633]: loading configuration: unbalanced parentheses Apr 10 01:04:08 server.odhosting.org named[15633]: exiting (due to fatal error) Apr 10 01:04:08 server.odhosting.org systemd[1]: named.service: control process exited, code=exited status=1 Apr 10 01:04:08 server.odhosting.org systemd[1]: Failed to start Berkeley Internet Name Domain (DNS). Apr 10 01:04:08 server.odhosting.org systemd[1]: Unit named.service entered failed state. Apr 10 01:04:08 server.odhosting.org systemd[1]: named.service failed.Especially this line of code if anyone know how to fix:
could not configure root hints from 'named.ca': unbalanced parentheses
Answer
The original code was the following within the named.ca file:
; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3.2 <<>> +bufsize=1200 +norec @a.root-servers.net
; (2 servers found)
;; global options: +cmd
;; Got answer:
;
;
;
;EDNS: version: 0, flags:
)
;. 0 IN NS
;; ANSWER SECTION:
. 518400 IN NS a.root-servers.net.
. 518400 IN NS b.root-servers.net.
. 518400 IN NS c.root-servers.net.
. 518400 IN NS d.root-servers.net.
. 518400 IN NS e.root-servers.net.
. 518400 IN NS f.root-servers.net.
. 518400 IN NS g.root-servers.net.
. 518400 IN NS h.root-servers.net.
. 518400 IN NS i.root-servers.net.
. 518400 IN NS j.root-servers.net.
. 518400 IN NS k.root-servers.net.
. 518400 IN NS l.root-servers.net.
. 518400 IN NS m.root-servers.net.
;; ADDITIONAL SECTION:
a.root-servers.net. 3600000 IN A 198.41.0.4
a.root-servers.net. 3600000 IN AAAA 2001:503:ba3e::2:30
b.root-servers.net. 3600000 IN A 192.228.79.201
b.root-servers.net. 3600000 IN AAAA 2001:500:84::b
c.root-servers.net. 3600000 IN A 192.33.4.12
c.root-servers.net. 3600000 IN AAAA 2001:500:2::c
d.root-servers.net. 3600000 IN A 199.7.91.13
d.root-servers.net. 3600000 IN AAAA 2001:500:2d::d
e.root-servers.net. 3600000 IN A 192.203.230.10
e.root-servers.net. 3600000 IN AAAA 2001:500:a8::e
f.root-servers.net. 3600000 IN A 192.5.5.241
f.root-servers.net. 3600000 IN AAAA 2001:500:2f::f
g.root-servers.net. 3600000 IN A 192.112.36.4
g.root-servers.net. 3600000 IN AAAA 2001:500:12::d0d
h.root-servers.net. 3600000 IN A 198.97.190.53
h.root-servers.net. 3600000 IN AAAA 2001:500:1::53
i.root-servers.net. 3600000 IN A 192.36.148.17
i.root-servers.net. 3600000 IN AAAA 2001:7fe::53
j.root-servers.net. 3600000 IN A 192.58.128.30
j.root-servers.net. 3600000 IN AAAA 2001:503:c27::2:30
k.root-servers.net. 3600000 IN A 193.0.14.129
k.root-servers.net. 3600000 IN AAAA 2001:7fd::1
l.root-servers.net. 3600000 IN A 199.7.83.42
l.root-servers.net. 3600000 IN AAAA 2001:500:9f::42
m.root-servers.net. 3600000 IN A 202.12.27.33
m.root-servers.net. 3600000 IN AAAA 2001:dc3::35
;; Query time: msec
;; SERVER: 198.41.0.4#53(198.41.0.4)
;; WHEN: Po 22 10:14:44 CEST2017
;; MSG SIZE 811
Where as the correct or proper ‘named.ca’ file should be the following, minus a stray “)”
; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3.2 <<>> +bufsize=1200 +norec @a.root-servers.net
; (2 servers found)
;; global options: +cmd
;; Got answer:
;
;
;
;EDNS: version: 0, flags:
;. 0 IN NS
;; ANSWER SECTION:
. 518400 IN NS a.root-servers.net.
. 518400 IN NS b.root-servers.net.
. 518400 IN NS c.root-servers.net.
. 518400 IN NS d.root-servers.net.
. 518400 IN NS e.root-servers.net.
. 518400 IN NS f.root-servers.net.
. 518400 IN NS g.root-servers.net.
. 518400 IN NS h.root-servers.net.
. 518400 IN NS i.root-servers.net.
. 518400 IN NS j.root-servers.net.
. 518400 IN NS k.root-servers.net.
. 518400 IN NS l.root-servers.net.
. 518400 IN NS m.root-servers.net.
;; ADDITIONAL SECTION:
a.root-servers.net. 3600000 IN A 198.41.0.4
a.root-servers.net. 3600000 IN AAAA 2001:503:ba3e::2:30
b.root-servers.net. 3600000 IN A 192.228.79.201
b.root-servers.net. 3600000 IN AAAA 2001:500:84::b
c.root-servers.net. 3600000 IN A 192.33.4.12
c.root-servers.net. 3600000 IN AAAA 2001:500:2::c
d.root-servers.net. 3600000 IN A 199.7.91.13
d.root-servers.net. 3600000 IN AAAA 2001:500:2d::d
e.root-servers.net. 3600000 IN A 192.203.230.10
e.root-servers.net. 3600000 IN AAAA 2001:500:a8::e
f.root-servers.net. 3600000 IN A 192.5.5.241
f.root-servers.net. 3600000 IN AAAA 2001:500:2f::f
g.root-servers.net. 3600000 IN A 192.112.36.4
g.root-servers.net. 3600000 IN AAAA 2001:500:12::d0d
h.root-servers.net. 3600000 IN A 198.97.190.53
h.root-servers.net. 3600000 IN AAAA 2001:500:1::53
i.root-servers.net. 3600000 IN A 192.36.148.17
i.root-servers.net. 3600000 IN AAAA 2001:7fe::53
j.root-servers.net. 3600000 IN A 192.58.128.30
j.root-servers.net. 3600000 IN AAAA 2001:503:c27::2:30
k.root-servers.net. 3600000 IN A 193.0.14.129
k.root-servers.net. 3600000 IN AAAA 2001:7fd::1
l.root-servers.net. 3600000 IN A 199.7.83.42
l.root-servers.net. 3600000 IN AAAA 2001:500:9f::42
m.root-servers.net. 3600000 IN A 202.12.27.33
m.root-servers.net. 3600000 IN AAAA 2001:dc3::35
;; Query time: msec
;; SERVER: 198.41.0.4#53(198.41.0.4)
;; WHEN: Po 22 10:14:44 CEST2017
;; MSG SIZE 811
I find it slightly funny how one nearly always finds answers right after asking a community for help. Nevertheless, I hope this can solve someone elses problem in the near future or even help me figure this out again if needed. Cheers everyone, it appeared to be 100% the servers fault =P
Attribution
Source : Link , Question Author : OD Applications , Answer Author : OD Applications
