Finding a Syntax Error in a named.conf File

.2.1 Problem

You need to find a syntax error in a name server's named.conf file.

.2.2 Solution

If you suspect you have a syntax error in named.conf, check the name server's syslog output to see if named logged any error messages the last time you started or reloaded it. Look for a message like this, indicating the last time you started the name server:

    Jun 25 15:42:43 ns1 named[53702]: starting BIND 9.2.1
    Jun 25 15:42:43 ns1 named[53702]: using 1 CPU
    Jun 25 15:42:43 ns1 named[53702]: loading configuration from /etc/named.conf

If you reloaded the name server, the message will look like this:

    Jun 25 15:44:25 ns1 named[53702]: loading configuration from /etc/named.conf

If you can't find the last time the name server was started or reloaded, you can always reload it again with rndc reload (BIND 9) or ndc reload (BIND 8), then check named's syslog output immediately. Or you can start a BIND 9 name server with the -g option, which tells named to run in the foreground and send all error messages to standard error. For example:

    $ named -g
    Jun 25 15:53:37.745 starting BIND 9.2.1 -g
    Jun 25 15:53:37.745 using 1 CPU
    Jun 25 15:53:37.750 loading configuration from /etc/named.conf
    Jun 25 15:53:37.750 /etc/named.conf:7: missing ; before acl
    Jun 25 15:53:37.754 loading configuration: failure
    Jun 25 15:53:37.754 exiting (due to fatal error)

This makes the error fairly obvious: there's a missing semicolon on line 7 of named.conf, before the keyword acl.

You can also check a named.conf file without running named, by using the BIND 9 named-checkconf program, as described in Section 5.3. named-checkconf uses the same routines that named would to check the named.conf file. For example, running named-checkconf on the named.conf file that produced the output above produces very similar output:

    $ named-checkconf
    /etc/named.conf:7: missing ; before acl

.2.3 Discussion

While named-checkconf is not included in BIND 8 distributions -- it was introduced in BIND 9.1.0 -- you can still build a BIND 9 named-checkconf and use it with a named.conf file meant for a BIND 8 name server. Just ignore any errors that tell you that the BIND 8-only configuration substatements you're using are obsolete:

    $ named-checkconf
    /etc/named.conf:29: option multiple-cnames is obsolete
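
The check-then-reload routine described above can be scripted so that a broken file never reaches the running server. The following is an added example, not code from the original text: the function names, the CHECKCONF and RNDC variables, and the sample output are assumptions made for illustration, and dropping the "is obsolete" lines is only appropriate when the file is meant for a BIND 8 name server, as in this discussion.

```shell
#!/bin/sh
# Added example: gate a reload on named-checkconf, ignoring only the
# "is obsolete" notices expected for a BIND 8 named.conf.
# CHECKCONF and RNDC are assumptions of this sketch (overridable for testing).
CHECKCONF=${CHECKCONF:-named-checkconf}
RNDC=${RNDC:-rndc}

# Constructed sample output, modelled on the messages shown in this section.
SAMPLE='/etc/named.conf:7: missing ; before acl
/etc/named.conf:29: option multiple-cnames is obsolete'

# Read checker output on stdin; print what is left after dropping
# "option ... is obsolete" lines. Return 1 if anything is left.
filter_checkconf() {
    remaining=$(grep -v 'option .* is obsolete$' || true)
    if [ -n "$remaining" ]; then
        printf '%s\n' "$remaining"
        return 1
    fi
    return 0
}

# Check FILE without starting named. stderr is merged because the
# diagnostics may not arrive on stdout.
check_conf() {
    "$CHECKCONF" "$1" 2>&1 | filter_checkconf
}

# Reload only when the file is clean; otherwise leave the running
# server on its last good configuration.
safe_reload() {
    if check_conf "$1"; then
        "$RNDC" reload
    else
        echo "not reloading: fix the errors listed above" >&2
        return 1
    fi
}
```

Call safe_reload /etc/named.conf in place of a bare rndc reload; any remaining messages are printed with their file and line number.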

.2.4 See Also

Section 5.3, for using named-checkconf to check a named.conf file.
