What's wrong with my zone files?

Jon Harris

Jul 18, 2008, 10:13:56 AM
Hi List

I am just putting in a new BIND server (latest download) and it's all
installed fine. The old server is BIND 8.x

(thanks to http://www.unixwiz.net/techtips/bind9-chroot.html for the
walk-through)

However, I seem to be having some problems with the layout of my zone
files:

This is how my zone files normally work, I call my zone file
"db.thedomain.com" which looks something like this (names and IP
changed):

----------------------
@          IN SOA ns0.mydomain.net. root.ns0.mydomain.net. (2008071801 10800 3600
                  604800 86400 )
           IN NS  ns0.mydomain.net.
           IN NS  ns.enta.net.
           IN MX  5 mail
           IN MX  10 mail.myfallbackserver.net.

localhost  IN A   127.0.0.1
www        IN A   10.10.10.1
mail       IN A   10.10.10.2

---------------------

However, this generates "no TTL specified; using SOA MINTTL instead"

If I put the TTL in the front:

@ 86400 IN SOA ns0.mydomain.net. root.ns0.mydomain.net. (2008071801
10800 3600 604800 86400 )

- no warning.

Q1. Aren't I specifying the TTL twice?

Q2. I hate seeing processes start with a screen full of errors (assuming
it will start), so if I have to do this, is there a way I can script
the change/bulk convert? - I have over 400 zone files to move.

Thanks

Jon Harris

Karl Auer

Jul 18, 2008, 10:43:38 AM
On Fri, 2008-07-18 at 15:13 +0100, Jon Harris wrote:
> "no TTL specified; using SOA MINTTL instead"
>
> If I put the TTL in the front:
>
> @ 86400 IN SOA ns0.mydomain.net. root.ns0.mydomain.net. (2008071801
> 10800 3600 604800 86400 )
>
> - no warning.
>
> Q1. Aren't I specifying the TTL twice?
The "TTLs" in the SOA relate to the zone as a whole; the TTL that is
"missing" is the one for each separate entry in the zone. They all have
separate TTLs anyway, even if you don't specify them. BIND9 is just
telling you the value it is using for those TTLs in the absence of
information in the zone files.

> Q2. I hate seeing processes start with a screen full of errors (assuming
> it will start), so if I have to do this, is there a way I can script
> the change/bulk convert? - I have over 400 zone files to move.

It's not an error, it's just a warning, so it should not of itself
prevent startup. In fact, BIND9 is taking this step precisely so as to
avoid having to not load the (actually invalid) zone file. If 86400 is
an acceptable TTL value to you, you can ignore the warnings.

But I agree it would be nicer without them. It might be simplest to
script the addition of "$TTL 86400" to the top of each zone file:

for f in here/*; do
    # single quotes, so the shell does not expand $TTL to an empty string
    echo '$TTL 86400' > "there/${f##*/}"
    cat "$f" >> "there/${f##*/}"
    mv "there/${f##*/}" "$f"
done

... or suchlike.

86400 seems a longish TTL if you ask me. Not that you did :-)

Regards, K.

--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (ka...@biplane.com.au) +61-2-64957160 (h)
http://www.biplane.com.au/~kauer/ +61-428-957160 (mob)

GPG fingerprint: DD23 0DF3 2260 3060 7FEC 5CA8 1AF6 D9E3 CFEE 6B28
Public key at : random.sks.keyserver.penguin.de

Alan Clegg

Jul 18, 2008, 11:43:16 AM
Jon Harris wrote:
> @ IN SOA ns0.mydomain.net. root.ns0.mydomain.net. (2008071801 10800 3600
> 604800 86400 )

> However, this generates "no TTL specified; using SOA MINTTL instead"

BIND9 uses the former default TTL (last entry in the SOA) as the amount
of time to cache negative entries for your zone. You probably want to
change that last 86400 to something like 900.

Once you do that, just put a $TTL at the top of the file specifying the
default TTL for any label that does not have a TTL.

> Q2. I hate seeing processes start with a screen full of errors (assuming
> it will start), so if I have to do this, is there a way I can script
> the change/bulk convert? - I have over 400 zone files to move.

This all depends on your implementation and your ability to script, but
yes, it is possible.

AlanC

G.W. Haywood

Jul 18, 2008, 11:33:02 AM
Hi there,

On Fri, 18 Jul 2008, Jon Harris wrote:

> I am just putting in a new BIND server (latest download) and it's all
> installed fine. The old server is BIND 8.x

> ...


> This is how my zone files normally work, I call my zone file
> "db.thedomain.com" which look something like this (names and IP
> changed):
>
> ----------------------

> @ IN SOA ns0.mydomain.net. root.ns0.mydomain.net. (2008071801 10800 3600
> 604800 86400 )

> ...
> ---------------------


>
> However, this generates "no TTL specified; using SOA MINTTL instead"

This is mentioned in the O'Reilly book "DNS and BIND".

It's section 14.5.8 in my copy, which isn't as up to date as this one:

http://oreilly.com/catalog/9780596100575/

Basically add

$TTL xxx

before your SOA record, where xxx is the TTL of your choice.

--

73,
Ged.
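
An added example, not part of any post in this thread: one way to script the bulk conversion asked about in Q2, combining the replies' advice (put a $TTL before the SOA, and optionally lower the SOA's last field). The function names, the `negative_ttl` parameter and the sample zone are constructed for illustration, and it assumes each zone has a single parenthesised SOA record.

```python
import os
import re

COMMENT_RE = re.compile(r";[^\n]*")
SOA_RE = re.compile(r"(?<=\s)SOA\s[^(]*\((?P<body>[^)]*)\)", re.IGNORECASE)
TTL_RE = re.compile(r"^\$TTL\b", re.IGNORECASE | re.MULTILINE)

# Constructed sample, modelled on the zone file in the first post.
SAMPLE_ZONE = """\
@ IN SOA ns0.mydomain.net. root.ns0.mydomain.net. (
        2008071801 ; serial
        10800 3600 604800
        86400 )    ; minimum
        IN NS ns0.mydomain.net.
www     IN A 10.10.10.1
"""

def convert_zone(text, negative_ttl=None):
    """Add a $TTL equal to the SOA minimum if the zone has none; optionally
    replace the SOA minimum with negative_ttl (a name chosen for this example)."""
    # Blank comments with spaces so offsets still match the original text.
    blanked = COMMENT_RE.sub(lambda m: " " * len(m.group()), text)
    soa = SOA_RE.search(blanked)
    if soa is None:
        raise ValueError("no parenthesised SOA record found")
    fields = list(re.finditer(r"\S+", soa.group("body")))
    if len(fields) != 5:
        raise ValueError("expected 5 SOA fields, found %d" % len(fields))
    old_minimum = fields[4].group()
    if negative_ttl is not None:
        start = soa.start("body") + fields[4].start()
        end = soa.start("body") + fields[4].end()
        text = text[:start] + str(negative_ttl) + text[end:]
    if not TTL_RE.search(blanked):
        # Same value BIND 9 falls back to when it prints the warning.
        text = "$TTL %s\n" % old_minimum + text
    return text

def convert_file(path, negative_ttl=None):
    """Rewrite one zone file in place; return True if it changed."""
    with open(path) as fh:
        original = fh.read()
    updated = convert_zone(original, negative_ttl)
    if updated != original:
        with open(path + ".new", "w") as fh:
            fh.write(updated)
        os.replace(path + ".new", path)  # atomic swap on the same filesystem
    return updated != original
```

Because the added $TTL reuses the old SOA minimum, the TTLs served for existing records stay what they were under the warning; running `named-checkzone` on each converted file before reloading confirms BIND 9 still parses it.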
