named.conf and recursion
For a few months now my /etc/named.conf was looking like this (and it was working with no visible errors):
include "/etc/rndc.key";
controls {
    inet 127.0.0.1 allow { localhost; } keys { "rndc-key"; };
};
acl "trusted" {
    127.0.0.1;
};
options {
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    allow-recursion { trusted; };
    allow-notify { trusted; };
    allow-transfer {
        trusted;
        1.1.1.1;
        2.2.2.2;
        3.3.3.3;
        4.4.4.4;
        5.5.5.5; //Those IPs are from BuddyNS, since I've done my configuration manually, and don't use their cPanel Plugin)
    };
    forwarders { 127.0.0.1; };
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
view "localhost_resolver" {
    match-clients { 127.0.0.0/24; };
    match-destinations { localhost; };
    recursion yes;
    zone "." IN {
        type hint;
        file "/var/named/named.ca";
    };
    include "/var/named/named.rfc1912.zones";
};
view "internal" {
    match-clients { localnets; };
    match-destinations { localnets; };
    recursion yes;
    zone "." IN {
        type hint;
        file "/var/named/named.ca";
    };
    zone "host.mydomain.com" {
        type master;
        file "/var/named/host.mydomain.com.db";
    };
    // I HAVE A FEW OTHER DOMAINS LISTED HERE, WITH SIMILAR NOTATION
    zone "anotherdomain.com" {
        type master;
        file "/var/named/anotherdomain.com.db";
    };
};
view "external" {
    recursion no;
    additional-from-cache no;
    zone "." IN {
        type hint;
        file "/var/named/named.ca";
    };
    zone "host.mydomain.com" {
        type master;
        file "/var/named/host.mydomain.com.db";
    };
    // I HAVE A FEW OTHER DOMAINS LISTED HERE, WITH SIMILAR NOTATION
    zone "anotherdomain.com" {
        type master;
        file "/var/named/anotherdomain.com.db";
    };
};
Two days ago I updated my cPanel/WHM from 11.46 to 11.48, and it seems that the update went well. But then, a bit later, I got a warning about something not being right in named.conf (for example, I couldn't start the Perform a DNS Cleanup). Trying to sort this, I got to this:
# /scripts/fixnamedviews
warn [fixnamedviews] Unable to edit view external directive: /etc/named.conf:15: both "recursion no;" and "allow-recursion" active for view external
warn [fixnamedviews] Unable to edit view localhost_resolver directive: /etc/named.conf:15: both "recursion no;" and "allow-recursion" active for view external
According to this warning I commented out the line "recursion no;" under "external", like this:
view "external" {
    //recursion no;
    additional-from-cache no;
That seems to solve the problem, but now I'm not sure if that's OK - wherever I look it seems that there has to be a "recursion no;" under "external". On the other hand, when I checked the domain at intodns.com it seems that everything is OK: "Your nameservers (the ones reported by the parent server) do not report that they allow recursive queries for anyone." In the process of finding the error with my named.conf I've also checked my /etc/resolv.conf file, and found out that there was just one IP listed, instead of the originally entered two IPs (those are the resolver IPs from my VPS hosting provider). I solved this in WHM, adding the primary and secondary resolver IP again, and now both are listed, and it seems OK. I almost forgot, I use Apache 2.4 with PHP 5.5.21, and also have the nginxcp (Nginx Admin) plugin installed. Can somebody that has a better understanding of named.conf than me tell me if I'm OK with this new code? Thank you in advance
Hello :) Could you open a support ticket using the link in my signature so we can take a closer look at your /etc/named.conf file and verify it's set up correctly? You can post the ticket number here so we can update this thread with the outcome. Thank you.
Thank you very much for your answer. According to your instructions, I've just opened the ticket (Ticket ID "6093123") and granted the support access. If there is anything else, just let me know.
To update, it looks like recursion is actually disabled when testing. Note that you can generate a new instance of /etc/named.conf with the following commands:
mv /etc/named.conf /etc/named.conf.backup1
/scripts/rebuilddnsconfig
Thank you.
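An added example, not part of the thread and not cPanel's fixnamedviews code: a small Python check that reports, for each view, whether an explicit `recursion` setting coexists with an active `allow-recursion` ACL, which is the combination the warning above names. The sample config is a constructed, trimmed copy of the posted layout, and the function names are hypothetical.

```python
import re

# Constructed sample: a trimmed copy of the layout posted in the thread.
SAMPLE_CONF = '''
acl "trusted" { 127.0.0.1; };
options {
    directory "/var/named";
    allow-recursion { trusted; };   // inherited by every view
};
view "localhost_resolver" {
    match-clients { 127.0.0.0/24; };
    recursion yes;
};
view "external" {
    recursion no;
    additional-from-cache no;
};
'''

def strip_comments(text):
    """Remove /* */, // and # comments so commented-out directives are ignored."""
    # Simplification: assumes no '//' or '#' inside quoted strings.
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#)[^\n]*", "", text)

def block_body(text, start):
    """Return the text between the first '{' at or after `start` and its match."""
    i = text.index("{", start)
    depth = 0
    for j in range(i, len(text)):
        depth += (text[j] == "{") - (text[j] == "}")
        if depth == 0:
            return text[i + 1:j]
    raise ValueError("unbalanced braces")

def audit_recursion(conf):
    """Map view name -> (recursion setting, allow-recursion active, conflict)."""
    conf = strip_comments(conf)
    opts = re.search(r"^\s*options\b", conf, flags=re.M)
    global_acl = bool(opts and re.search(r"\ballow-recursion\b", block_body(conf, opts.end())))
    report = {}
    for m in re.finditer(r'^\s*view\s+"([^"]+)"', conf, flags=re.M):
        body = block_body(conf, m.end())
        rec = re.search(r"\brecursion\s+(yes|no)\s*;", body)
        setting = rec.group(1) if rec else "default"  # BIND's default is "yes"
        acl = global_acl or bool(re.search(r"\ballow-recursion\b", body))
        report[m.group(1)] = (setting, acl, setting == "no" and acl)
    return report
```

With `recursion no;` commented out, the external view reports `default` with the ACL still active, so recursion in that view remains limited to the clients in the `trusted` ACL (127.0.0.1 in the posted config).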