kstm-su / ictsc_2020_kstm


Apparently they wanted to build a DNS server #23

Closed ritsuxis closed 3 years ago

ritsuxis commented 3 years ago

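Overview

A colleague has asked you for help. He tried to set up the environment based on the build log for the in-house DNS server, but the command he ran as a test apparently did not produce the expected output. Investigate the cause and resolve the error for him.

Prerequisites

ns01 should function as the master and ns02 as the slave server
Do not change anything unrelated to the trouble

Initial state

dig @localhost red.prob.final.ictsc.net cannot be resolved on ns02

Final state

dig @localhost red.prob.final.ictsc.net can be resolved on ns02
The cause has been identified, reported, and fixed (include the commands and output that serve as evidence in your answer)
The system behaves as was expected before the trouble was resolved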
ritsuxis commented 3 years ago

It was dead

user@ns02:/etc/bind$ sudo service bind9 status
● bind9.service - BIND Domain Name Server
   Loaded: loaded (/lib/systemd/system/bind9.service; enabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Sun 2021-03-07 02:22:15 UTC; 28s ago
     Docs: man:named(8)
  Process: 1690 ExecStart=/usr/sbin/named -f $OPTIONS (code=exited, status=1/FAILURE)
 Main PID: 1690 (code=exited, status=1/FAILURE)

Mar 07 02:22:15 ns02 named[1690]: loading configuration from '/etc/bind/named.conf'
Mar 07 02:22:15 ns02 named[1690]: /etc/bind/named.conf.prob:81: writeable file '/var/lib/bind/alice.prob.final.ictsc.net': already in use: /etc/bind/named.conf.prob:43
Mar 07 02:22:15 ns02 named[1690]: /etc/bind/named.conf.prob:87: writeable file '/var/lib/bind/text.prob.final.ictsc.net': already in use: /etc/bind/named.conf.prob:48
Mar 07 02:22:15 ns02 named[1690]: /etc/bind/named.conf.prob:93: writeable file '/var/lib/bind/tower.prob.final.ictsc.net': already in use: /etc/bind/named.conf.prob:53
Mar 07 02:22:15 ns02 named[1690]: /etc/bind/named.conf.prob:99: writeable file '/var/lib/bind/home.prob.final.ictsc.net': already in use: /etc/bind/named.conf.prob:58
Mar 07 02:22:15 ns02 named[1690]: /etc/bind/named.conf.prob:105: writeable file '/var/lib/bind/study.prob.final.ictsc.net': already in use: /etc/bind/named.conf.prob:63
Mar 07 02:22:15 ns02 named[1690]: loading configuration: failure
Mar 07 02:22:15 ns02 named[1690]: exiting (due to fatal error)
Mar 07 02:22:15 ns02 systemd[1]: bind9.service: Main process exited, code=exited, status=1/FAILURE
Mar 07 02:22:15 ns02 systemd[1]: bind9.service: Failed with result 'exit-code'.
ritsuxis commented 3 years ago

Mar 07 02:22:15 ns02 named[1690]: /etc/bind/named.conf.prob:81: writeable file '/var/lib/bind/alice.prob.final.ictsc.net': already in use: /etc/bind/named.conf.prob:43

This looks like the cause, so I changed the file "/var/lib/bind/prob.final.ictsc.net" under zone in named.conf.prob to "/var/lib/bind/slaves/prob.final.ictsc.net" and then restarted.

ritsuxis commented 3 years ago
user@ns02:/etc/bind$ sudo service bind9 status
● bind9.service - BIND Domain Name Server
   Loaded: loaded (/lib/systemd/system/bind9.service; enabled; vendor preset: enabled)
   Active: active (running) since Sun 2021-03-07 02:24:00 UTC; 4s ago
     Docs: man:named(8)
 Main PID: 1731 (named)
    Tasks: 4 (limit: 2361)
   CGroup: /system.slice/bind9.service
           └─1731 /usr/sbin/named -f -u bind

Mar 07 02:24:01 ns02 named[1731]: zone prob.final.ictsc.net/IN/external: transferred serial 2021022000: TSIG 'prob.final.ictsc.net'
Mar 07 02:24:01 ns02 named[1731]: transfer of 'prob.final.ictsc.net/IN/external' from 192.168.18.1#53: Transfer status: success
Mar 07 02:24:01 ns02 named[1731]: transfer of 'prob.final.ictsc.net/IN/external' from 192.168.18.1#53: Transfer completed: 1 messages, 7 records, 318 bytes, 0.001 secs (318000 bytes/sec)
Mar 07 02:24:01 ns02 named[1731]: zone prob.final.ictsc.net/IN/external: sending notifies (serial 2021022000)
Mar 07 02:24:01 ns02 named[1731]: zone tower.prob.final.ictsc.net/IN/external: transferred serial 2021022000: TSIG 'prob.final.ictsc.net'
Mar 07 02:24:01 ns02 named[1731]: transfer of 'tower.prob.final.ictsc.net/IN/external' from 192.168.18.1#53: Transfer status: success
Mar 07 02:24:01 ns02 named[1731]: transfer of 'tower.prob.final.ictsc.net/IN/external' from 192.168.18.1#53: Transfer completed: 1 messages, 6 records, 314 bytes, 0.023 secs (13652 bytes/sec)
Mar 07 02:24:01 ns02 named[1731]: zone tower.prob.final.ictsc.net/IN/external: sending notifies (serial 2021022000)
Mar 07 02:24:02 ns02 named[1731]: client @0x7fd1280c72c0 192.168.18.2#58906/key prob.final.ictsc.net: view internal: received notify for zone 'tower.prob.final.ictsc.net': TSIG 'prob.final.ictsc.net'
Mar 07 02:24:02 ns02 named[1731]: zone tower.prob.final.ictsc.net/IN/internal: refused notify from non-master: 192.168.18.2#58906
ritsuxis commented 3 years ago

Thank you for your continued support. This is Miyazaki from kstm.

Regarding this problem, we believe the cause is that on ns2 the service exits because the same zone file is being loaded when bind9 starts. This can be seen from the following output of sudo service bind9 status:

(omitted)
Mar 07 02:22:15 ns02 named[1690]: /etc/bind/named.conf.prob:105: writeable file '/var/lib/bind/study.prob.final.ictsc.net': already in use: /etc/bind/named.conf.prob:63
Mar 07 02:22:15 ns02 named[1690]: loading configuration: failure
Mar 07 02:22:15 ns02 named[1690]: exiting (due to fatal error)
Mar 07 02:22:15 ns02 systemd[1]: bind9.service: Main process exited, code=exited, status=1/FAILURE
Mar 07 02:22:15 ns02 systemd[1]: bind9.service: Failed with result 'exit-code'.

Therefore, in the internal file setting of named.conf.prob on ns2, we changed the save location to be under /var/lib/bind/slaves/ and then restarted. After that, we confirmed with sudo service bind9 status that the service was running, and dig returned the following:

user@ns02:/etc/bind$ dig @localhost text.prob.final.ictsc.net.prob

; <<>> DiG 9.11.3-1ubuntu1.14-Ubuntu <<>> @localhost text.prob.final.ictsc.net
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56893
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: e89e8e6e12150c4fa471bb9c60443cf65befc64c6ee62402 (good)
;; QUESTION SECTION:
;text.prob.final.ictsc.net.     IN      A

;; ANSWER SECTION:
text.prob.final.ictsc.net. 86400 IN     A       192.168.16.111

;; AUTHORITY SECTION:
text.prob.final.ictsc.net. 86400 IN     NS      red.prob.final.ictsc.net.
text.prob.final.ictsc.net. 86400 IN     NS      blue.prob.final.ictsc.net.

;; ADDITIONAL SECTION:
red.prob.final.ictsc.net. 300   IN      A       192.168.18.1
blue.prob.final.ictsc.net. 300  IN      A       192.168.18.2

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Mar 07 02:39:50 UTC 2021
;; MSG SIZE  rcvd: 167

so we believe the expected behavior has been achieved.

That is all. Thank you.
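
An added example, not part of the original thread or the team's configuration: a small lint that reports slave zone files shared between zones in different views, the condition behind the "writeable file ... already in use" error quoted above. SAMPLE_CONF is a constructed fragment (the real named.conf.prob is not shown on the page), the function name is hypothetical, and the parser assumes a simple line-oriented config and only looks at slave/secondary zones.

```python
import re

# Constructed sample modelled on the error in the thread; NOT the real named.conf.prob.
SAMPLE_CONF = '''\
view "internal" {
    zone "alice.prob.final.ictsc.net" {
        type slave; masters { 192.168.18.1; };
        file "/var/lib/bind/alice.prob.final.ictsc.net";
    };
};
view "external" {
    zone "alice.prob.final.ictsc.net" {
        type slave; masters { 192.168.18.1; };
        file "/var/lib/bind/alice.prob.final.ictsc.net";
    };
    zone "text.prob.final.ictsc.net" {
        type slave; file "/var/lib/bind/slaves/text.prob.final.ictsc.net";
    };
};
'''

HEAD_RE = re.compile(r'^\s*(view|zone)\s+"([^"]+)"')
KV_RE = re.compile(r'\b(type|file)\s+"?([^";\s]+)"?\s*;')

def shared_writeable_files(conf):
    """Return {path: [(view, zone, line), ...]} for slave files used more than once."""
    uses, depth, view, zone = {}, 0, None, None
    for no, raw in enumerate(conf.splitlines(), 1):
        line = re.sub(r'(//|#).*', '', raw)            # drop line comments
        if (head := HEAD_RE.match(line)):
            if head.group(1) == "view":                # with views, every zone sits in one
                view = head.group(2)
            else:                                      # a zone block starts here
                zone = {"name": head.group(2), "depth": depth}
        if zone is not None:
            for key, val in KV_RE.findall(line):       # remember type/file and where
                zone[key], zone[key + "_line"] = val, no
        depth += line.count("{") - line.count("}")
        if "}" in line and zone is not None and depth <= zone["depth"]:
            if zone.get("type") in ("slave", "secondary") and "file" in zone:
                uses.setdefault(zone["file"], []).append(
                    (view, zone["name"], zone["file_line"]))
            zone = None                                # zone block closed
    return {p: u for p, u in uses.items() if len(u) > 1}

if __name__ == "__main__":
    for path, users in shared_writeable_files(SAMPLE_CONF).items():
        print(f"writeable file '{path}' is shared by: {users}")
```

On a real server, named-checkconf runs the same check against the actual configuration before a restart or rndc reload.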

ritsuxis commented 3 years ago
user@ns02:/etc/bind$ sudo systemctl status bind9
● bind9.service - BIND Domain Name Server
   Loaded: loaded (/lib/systemd/system/bind9.service; enabled; vendor preset: enabled)
   Active: active (running) (Result: exit-code) since Sun 2021-03-07 03:00:50 UTC; 1h 13min ago
     Docs: man:named(8)
  Process: 1778 ExecReload=/usr/sbin/rndc reload (code=exited, status=1/FAILURE)
 Main PID: 922 (named)
    Tasks: 4 (limit: 2361)
   CGroup: /system.slice/bind9.service
           └─922 /usr/sbin/named -f -u bind

Mar 07 04:13:41 ns02 named[922]: /etc/bind/named.conf.prob:72: writeable file '/var/lib/bind/prob.final.ictsc.net': already in use: /etc/bind/named.conf.prob:36
Mar 07 04:13:41 ns02 named[922]: /etc/bind/named.conf.prob:81: writeable file '/var/lib/bind/alice.prob.final.ictsc.net': already in use: /etc/bind/named.conf.prob:43
Mar 07 04:13:41 ns02 named[922]: /etc/bind/named.conf.prob:87: writeable file '/var/lib/bind/text.prob.final.ictsc.net': already in use: /etc/bind/named.conf.prob:48
Mar 07 04:13:41 ns02 named[922]: /etc/bind/named.conf.prob:93: writeable file '/var/lib/bind/tower.prob.final.ictsc.net': already in use: /etc/bind/named.conf.prob:53
Mar 07 04:13:41 ns02 named[922]: /etc/bind/named.conf.prob:99: writeable file '/var/lib/bind/home.prob.final.ictsc.net': already in use: /etc/bind/named.conf.prob:58
Mar 07 04:13:41 ns02 named[922]: /etc/bind/named.conf.prob:105: writeable file '/var/lib/bind/study.prob.final.ictsc.net': already in use: /etc/bind/named.conf.prob:63
Mar 07 04:13:41 ns02 named[922]: reloading configuration failed: failure
Mar 07 04:13:41 ns02 rndc[1778]: rndc: 'reload' failed: failure
Mar 07 04:13:41 ns02 systemd[1]: bind9.service: Control process exited, code=exited status=1
Mar 07 04:13:41 ns02 systemd[1]: Reload failed for BIND Domain Name Server.
ritsuxis commented 3 years ago

I submitted without making any changes to zone 18.168.192.in-addr.arpa.