named-checkzone error


So I ran through this tutorial on DigitalOcean and I got to a part where you run checkconf and checkzone, and I got the following error in the checkzone portion.

I ran this command:

rahutch@ns1 $ sudo named-checkzone 1.168.192.in-addr.arpa /etc/bind/zones/db.192.168.1

This is the error I got back:
zone 1.168.192.in-addr.arpa/IN: NS 'ns1.domain.com.1.168.192.in-addr.arpa' has no address records (A or AAAA)
zone 1.168.192.in-addr.arpa/IN: not loaded due to errors.

I have tried several things, added an entry into the /etc/bind/named.conf.local showing ns1.domain.com as an A entry, but that didn't help. Not sure where I went wrong.

this is my db.192.168.1 file:

; BIND reverse data file for local loopback interface
$TTL 604800
@ IN SOA ns1.domain.com. admin.domain.com. (
2 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL

; name servers - NS records
IN NS ns1.domain.com

; PTR Records
205.1 IN PTR ns1.domain.com. ;
204.1 IN PTR dc1.domain.com. ;
203.1 IN PTR web1.domain.com. ;
202.1 IN PTR fp1.domain.com. ;

(domain name has been substituted)

Any suggestions of where to start looking?

Thanks in advance.

Rod Hutchinson

RE: named-checkzone error

This should work:

CODE -->

$TTL 3D       ; default ttl for records without a specified lifetime
$ORIGIN 1.168.192.in-addr.arpa.
@                      IN       SOA     ns1.domain.com. . (
                                        1587664287   ;  serial number
                                        604800       ;  ns refresh
                                        86400        ;  ns retry
                                        2419200      ;  authority expiry
                                        604800      );  min (RFC2308 §4)
                       IN       NS      ns1.domain.com.
205                    IN       PTR     ns1.domain.com.
204                    IN       PTR     dc1.domain.com.
203                    IN       PTR     web1.domain.com.
202                    IN       PTR     fp1.domain.com. 

RE: named-checkzone error


Golden: All loaded and OK. But help me out here, was it the serial #, or the ORIGIN or the IN NS ns1.domain.com?????

I wouldn't consider myself a newb, but I am inexperienced at getting server software working other than SAMBA.

Thanks for your help, now I should be able to load vCenter and get my environment really cooking.



RE: named-checkzone error

Serial # is not important for the validity of the zone file. I added the ORIGIN where it was missing. Also corrected PTR records which were wrong.
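
How the relative names in the original db.192.168.1 expand against the zone origin, and why the corrected file loads, shown as an added Python example that is not part of any post in this thread. The helper names qualify, ptr_owner_to_ip and lint are hypothetical, and the record list is re-typed from the question's file as sample input.

```python
# Added illustration: expand owner names and record targets against the zone
# origin, the way a zone file parser treats names without a trailing dot.
ORIGIN = "1.168.192.in-addr.arpa."   # zone name passed to named-checkzone

# (owner, type, target) triples re-typed from the question's db.192.168.1
RECORDS = [
    ("@",     "NS",  "ns1.domain.com"),    # no trailing dot on the target
    ("205.1", "PTR", "ns1.domain.com."),
    ("204.1", "PTR", "dc1.domain.com."),
]

def qualify(name, origin):
    """'@' is the origin, a name ending in '.' is already absolute,
    anything else has the origin appended."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name
    return f"{name}.{origin}"

def ptr_owner_to_ip(fqdn):
    """Map an in-addr.arpa owner name back to an IPv4 address, or return
    None when it does not consist of exactly four octet labels."""
    suffix = ".in-addr.arpa."
    if not fqdn.endswith(suffix):
        return None
    labels = fqdn[:-len(suffix)].split(".")
    if len(labels) != 4 or not all(l.isdecimal() and int(l) <= 255 for l in labels):
        return None
    return ".".join(reversed(labels))

def lint(records, origin):
    """Return a list of findings for relative targets and malformed PTR owners."""
    findings = []
    for owner, rtype, target in records:
        fq_owner = qualify(owner, origin)
        if not target.endswith("."):
            findings.append(f"{rtype} target '{target}' is relative, "
                            f"expands to '{qualify(target, origin)}'")
        if rtype == "PTR" and ptr_owner_to_ip(fq_owner) is None:
            findings.append(f"PTR owner '{owner}' expands to '{fq_owner}', "
                            "which is not a valid IPv4 reverse name")
    return findings

if __name__ == "__main__":
    for finding in lint(RECORDS, ORIGIN):
        print(finding)
```

The first finding reproduces the name in the named-checkzone error; the PTR findings show that an owner of 205.1 inside this zone gains an extra octet label, while 205 maps back to 192.168.1.205.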

RE: named-checkzone error

More config issues I believe:

When I ping (or generally use any function that uses name resolution) I can ping the IP address, but I only get my domain controller and my File Print servers to respond. Even the DNS ns1 does not reply. I think the issue might be in the forward zone file but I am not sure. What does the ORIGIN statement you put in my reverse file do? Here is my /etc/bind/zones/db.domain.local file:

; BIND data file for local loopback interface
$TTL 604800
@ IN SOA ns1.domain.com. admin.domain.com. (
3 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL

; name servers - NS records
IN NS ns1.domain.com.

; name servers - A records
ns1.domain.com. IN A

; - A records
fp1.domain.com. IN A
web1.domain.com. IN A
dc1.domain.com. IN A
ubuntu.domain.com. IN A
ns1.domain.com. IN A
vc1.domain.com. IN A

So I can ping fp1, dc1 and ubuntu; none of the rest of these reply to their name. I have not opened my network to the outside world yet so when I use the FQDN, it just goes to the company I purchased my domain name from.

If you need more info let me know. I have been pounding through BIND documentation, but I am at a loss. Any help would be appreciated.



RE: named-checkzone error

Missed the $ORIGIN. Copy the below. I added the MX record for demonstration purposes. Replace/remove it. If you keep it, add the A record.

CODE -->

$TTL 86400

@       IN      SOA     ns1.domain.com.  admin.domain.com. (
                        2020042601      ; serial number YYYYMMDDNN
                        604800          ; Refresh
                        86400           ; Retry
                        2419200         ; Expire
                        604800 )        ; Min TTL

                NS      ns1.domain.com. 

                MX      10 mail.domain.com.

$ORIGIN domain.com.

fp1	IN	A 
web1	IN	A 
dc1	IN	A 
ubuntu	IN	A 
ns1	IN	A 
vc1	IN	A 

RE: named-checkzone error


No joy. Made the changes; restarted the service and still no reply from web1 or ns1. I have used ping to check connectivity with dc1, fp1 & ubuntu and all are good. But when I try either ns1 or web1 I get "Ping request could not find host web1 (ns1). Please check the name and try again."

So all things being equal would this indicate it is an issue on the hosts themselves???

Been a long weekend. Back to work in the morning (same desk, just have work to do :)

thanks for your help. If you have any other thoughts I would be happy to try them.



RE: named-checkzone error

Can you ping them by IP addresses? If you can then DNS is not to blame. The hosts could be running local firewalls that prohibit ICMP pings.

RE: named-checkzone error

I guess that could be, but they are all fresh installs, I will look into it and if that is the case, I will let you know, while I am putting ketchup on my humble pie :)


RE: named-checkzone error

No need for that kind of pie. Get a nice (insert your choice) pie!
Speaking of the installs. Out of the box "new installs" of Windows machines will have ICMP blocked. So go to the Windows Firewall and allow ICMP echo from the subnet that you are originating your "pings".

RE: named-checkzone error

Will do.
