Failed to start service : Failed to start BIND

38 posts / 0 new
Last post
#1 Tue, 07/16/2013 - 20:09
eiger3970

Failed to start service : Failed to start BIND

Hi, I've had to rebuild Virtualmin and had my websites running, but now they're not running. Virtualmin > System Information won't start the BIND DNS Server.

I select the green arrow to start the BIND DNS Server and receive the error: Failed to start service : Failed to start BIND : Starting named: Error in named configuration: zone localhost.localdomain/IN: loaded serial 0 zone localhost/IN: loaded serial 0 zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0 zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0 zone 0.in-addr.arpa/IN: loaded serial 0 zone domainname.com/IN: NS 'ns1.domainname.com' has no address records (A or AAAA) zone domainname.com/IN: NS 'ns2.domainname.com' has no address records (A or AAAA) zone domainname.com/IN: not loaded due to errors. _default/domainname.com/IN: bad zone zone domainname2.com/IN: loaded serial 1373699158 zone ott.org.au/IN: loaded serial 1373699353 [FAILED]

I have research the Internet, however I'm hoping this forum might have some helpful suggestions.

Here are the details from Virtualmin > Webmin > Servers > BIND DNS Server > Existing DNS Zones > Zone: mydomain.com > Edit Records File

$ttl 38400 @ IN SOA localhost.localdomain. root.localhost.localdomain. ( 1373698126 10800 3600 604800 38400 ) mydomain.com. IN A 192.168.1.104 www.mydomain.com. IN A 192.168.1.104 ftp.mydomain.com. IN A 192.168.1.104 m.mydomain.com. IN A 192.168.1.104 localhost.mydomain.com. IN A 127.0.0.1 webmail.mydomain.com. IN A 192.168.1.104 admin.mydomain.com. IN A 192.168.1.104 mail.mydomain.com. IN A 192.168.1.104 mydomain.com. IN MX 5 mail.mydomain.com. mydomain.com. IN TXT "v=spf1 a mx a:mydomain.com ip4:192.168.1.163 ip4:192.168.1.104 ?all" mydomain.com. IN NS ns1.mydomain.com. mydomain.com. IN NS ns2.mydomain.com.

Sat, 07/20/2013 - 18:23
Locutus

Well, like the error message states, your zone does not have address records for your nameserver records. You can try recreating the zone by turning the BIND feature in Virtualmin off and on again for the domain in question. If that doesn't help, i can offer you to take a look at your system myself, since the problem can have too many reasons to guess here. :)

Sun, 07/21/2013 - 02:10
eiger3970

Thanks, unable to shutdown the BIND DNS domain feature in Virtualmin > mydomain.com > System Settings > Features and Plugins.

I'm aware I need to remove the feature from each Virtual Server, however I have not found how to do this yet.

Happy to have you take a look if you like.

Problem is the server died and no restore's worked, so it's a fresh build and did work, but this BIND DNS error came up?

Sun, 07/21/2013 - 03:03
Locutus

Do you have this issue with all your domains? Well, you can use the command line API to turn off and on the BIND feature on all your domains like so:

virtualmin disable-feature --dns --all-domains virtualmin enable-feature --dns --all-domains

This should recreate all zones for your domains. If you still have missing A records then, let me know. I'd need to take a look at your templates and config then myself, for which I'd need root access to your Virtualmin and SSH shell.

Wed, 11/27/2013 - 03:14 (Reply to #4)
JohnWolgamot

This Worked! Thanks! Man oh man what a relief. That was a scary issue to wake up to.

After migrating to a new server, I was tinkering with DNS to try to get all the errors out using http://www.intodns.com/chyprioustech.com http://www.intodns.com/theraggedfence.com http://www.intodns.com/ginnymyrtprimitives.com

chyprioustech.com being the main server

Somewhere along the line I must have done somthing wrong

I used webmin to backup the Bind and Apache configs and ran your suggested commands and PRESTO it was Fixed.

Thank you Mr. Deity.

Stopping named: [ OK ] Starting named: Error in named configuration: zone localhost.localdomain/IN: loaded serial 0 zone localhost/IN: loaded serial 0 zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0 zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0 zone 0.in-addr.arpa/IN: loaded serial 0 zone *******.com/IN: loaded serial 1385210172 zone *******.com/IN: loaded serial 1385210283 zone *******.com/IN: loaded serial 1385210433 zone *******.com/IN: loaded serial 1385210490

And so on.....

[FAILED]

Sun, 07/21/2013 - 06:37
eiger3970

Thanks, that worked. Websites still not showing so tried Virtualmin > System Settings > Re-Check Configuration and needed to add 127.0.0.1. This let Re-Check complete the check with no errors. However, still no websites. Not sure if this is a problem, but the Webmin > Others > File Manager > home > mydomain > public_html > index.html > Preview shows error: index.html is not in a supported format. If I double click on index.html it shows the webpage. Still no WAN access.

Sun, 07/21/2013 - 08:23
Locutus

Sorry, I can't follow you there... "no websites" how? What's the problem exactly? And what do you mean with "no WAN access"?

Sun, 07/21/2013 - 17:53
eiger3970

Hmm, I'm having trouble finding what the error is, so the typical troubleshooting I do shows the following:

dig www.mydomain.com

; <<>> DiG 9.9.2-P1 <<>> www.mydomain.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26233 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1280 ;; QUESTION SECTION: ;www.mydomain.com. IN A

;; Query time: 29 msec ;; SERVER: 127.0.1.1#53(127.0.1.1) ;; WHEN: Mon Jul 22 08:20:44 2013 ;; MSG SIZE rcvd: 48

isup.me says www.mydomain.com is down.

Sun, 07/21/2013 - 20:29
andreychek

Where did you run that "dig" command?

Was that run on your Virtualmin server? Another server on the LAN? Or a server somewhere out on the Internet?

-Eric

Sun, 07/21/2013 - 22:17 (Reply to #9)
eiger3970

Thanks for the reply. I ran the dig command on a local computer. I have now SSHed into the Virtualmin server and the results are below. Note the SERVER result's IP address is the router (router is port forwarded to Virtualmin server for ports 53, 80 and 10000).

dig www.mydomain.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.4 <<>> www.mydomain.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46923 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION: ;www.mydomain.com. IN A

;; Query time: 30 msec ;; SERVER: 192.168.1.180#53(192.168.1.180) ;; WHEN: Mon Jul 22 13:07:35 2013 ;; MSG SIZE rcvd: 37

Mon, 07/22/2013 - 00:59
Locutus

This almost looks like your recreated zones are empty or you're digging the wrong domain... I guess it's time to take a look at the system myself, everything else is too much guessing. :) If you'd like that, let me know your contact details on an instant messenger of yyour choice.

Mon, 07/22/2013 - 06:53
eiger3970

Thanks for the reply. My pseudonym on Skype is: Virtualmin Fix.

Tue, 07/23/2013 - 16:41
eiger3970

I think maybe the IP addresses are causing the website not to show, but not sure? Webmin > Network Configuration > Network Interfaces > eth0:1 > IPv4 address > Static configuration > IPv4 address: 192.168.1.064 > Netmask: 255.255.255.0 > Broadcast: 192.168.1.255.

Wed, 07/24/2013 - 00:34
Locutus

I sent you a Skype message and am waiting for confirmation.

Wed, 07/24/2013 - 04:49
eiger3970

Thanks for the reply. I just opened up Skype and no message unfortunately? My Skype username says Virtualmin Fix, on the top left of Skype.

Wed, 07/24/2013 - 08:43
Locutus

Hm, Skype seems to have some trouble at the moment. It ignored my user add and right now I can't even sign in.

Are you using any other instant messenger?

Thu, 07/25/2013 - 00:50 (Reply to #16)
eiger3970

Hi, how about Yahoo messenger? My handle there is fixing_things.

Thu, 07/25/2013 - 03:14
Locutus

Sorry, I'm not using Yahoo anymore, since only one or two people during my 10+ years of instant messenging used it, and all of those are using other services too. :)

I can offer Trillian Astra, ICQ, AIM, Skype (doesn't seem to work with you), and Jabber (preferred).

Thu, 07/25/2013 - 08:34
eiger3970

Hi, okay, I set up Pidgin (I think it's Jabber based). My nickname is fixingstuff.

Thu, 07/25/2013 - 08:39
Locutus

For Jabber, I need a full JID in the form username@domain.tld.

Thu, 07/25/2013 - 19:57
eiger3970

Okay, I've set up fixingbrokenstuff@jabber.co.nz. Hope this works?

Fri, 07/26/2013 - 03:15
Locutus

Okay, that's good! I sent you an auth request and message.

Fri, 07/26/2013 - 08:29
eiger3970

I'm on but don't see your auth request and message? I'm in Pidgin/Buddy List/&bitlbee and see fixingbrokenstuff and root in the right column. In the chat field, I type: help command register /OPER but the output says Unknown command.

Fri, 07/26/2013 - 10:34
Locutus

Uuhm... Root? Chat field? "/OPER"? This sounds more like IRC commands to me. Jabber does not have such commands. Anyway, I don't see you online. Are you sure you know what you're doing there? ;)

Sat, 07/27/2013 - 01:39
eiger3970

Okay, I've check Pidgin and there's no option for jabber, only AIM, Bonjour, Facebook, Facebook (XMPP), Gadu-Gadu, Google Talk, GroupWise, ICQ, IRC, MSN, MXit, MySpaceIM, SIMPLE, Sampletime, XMPP, Yahoo, Yahoo JAPAN and Zephyr.

I have found some Jabber downloads, however most are .exe files for Windows. I would have thought I could set up Jabber via Pidgin, however the settings or set up aren't clear.

https://register.jabber.org/ Jabber registration is temporarily disabled.

I have tried setting up an ICQ account under the username fixingbrokenstuff@gmail.com.

Sat, 07/27/2013 - 03:09
Locutus

Jabber = XMPP.

XMPP is the low-level protocol, Jabber is the chat service that's based on XMPP. You can use any public XMPP service out there. If you manage to set one up, feel free to contact me under "frank@tianet.de".

ICQ does NOT use usernames in the "user@domain.tld" form. You get NUMBERS as IDs there. Mine is 15325926. If you manage to get ICQ running, feel free to contact me there.

Sat, 07/27/2013 - 06:36
eiger3970

Hi, I think I have Pidgin's jabber and ICQ working now. Just send message but says your jabber not online. I guess you'll see a message from me in ICQ?

Sat, 07/27/2013 - 10:43
Locutus

No, I'm not receiving anything from you. Sorry... can't help you like this. (My XMPP is nearly always online. But you can't see me unless you send me an authorization request.)

Fri, 08/02/2013 - 23:21
eiger3970

Hi, I have tried with ICQ and jabber, which seems to register via Pidgin, however I think our time differences miss each other. Did you receive any instant message at all?

Fri, 08/02/2013 - 23:39
eiger3970

Here's some of the latest results whilst trying to access my website. I ran the dig command from the virtualmin server: [root@centos ~]# dig www.mydomain.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.5 <<>> www.mydomain.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62525 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION: ;www.mydomain.com. IN A

;; Query time: 51 msec ;; SERVER: 192.168.1.180#53(192.168.1.180) ;; WHEN: Sat Aug 3 14:27:27 2013 ;; MSG SIZE rcvd: 38

Sat, 08/03/2013 - 00:06
eiger3970

Okay, changed the Webmin > Networking > Network Interfaces > Name: eth02 > IPv4 address, from 192.168.1.043 to 192.168.1.163. Terminal > ssh virtualmin@192.168.1.163 > dig www.mydomain.com, gives the following results now: [root@centos ~]# dig www.mydomain.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.5 <<>> www.mydomain.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55415 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; QUESTION SECTION: ;www.mydomain.com. IN A

;; ANSWER SECTION: www.mydomain.com. 38400 IN A 192.168.1.35

;; AUTHORITY SECTION: mydomain.com. 38400 IN NS localhost.localdomain.

;; ADDITIONAL SECTION: localhost.localdomain. 86400 IN A 127.0.0.1 localhost.localdomain. 86400 IN AAAA ::1

;; Query time: 1 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Sat Aug 3 14:57:59 2013 ;; MSG SIZE rcvd: 133

Sat, 08/03/2013 - 00:25
Locutus

I certainly can't follow those tests you did there with all the different IP addresses in you LAN or say what might be wrong.

You can't "miss each other" with jabber or icq. For one, my tablet is always online here, and if it wasn't, the jabber server would store and forward offline messages. Still I'm not receiving anything from you. You need to send an xmpp auth request to frank@tianet.de.

Sat, 08/03/2013 - 21:15
eiger3970

Okay, I think I've set up a new Pidgin account fixingbrokenstuff@jabber.ch. Hopefully you received an instant message? The fixingbrokenstuff@jabber.co.nz gives an error message: SSL Certificate Error Unable to validate certificate The certificate for jabber.co.nz could not be validated. The certificate chain presented is invalid.

Funny, as the fixingbrokenstuff@jabber.ch set up smoothly via Pidgin?

Sun, 08/04/2013 - 01:08
Locutus

Yes, i got your auth requests now. I'll ping you later after breakfast and stuff.

Mon, 08/12/2013 - 11:02
Locutus

Okay, I think I fixed most of your DNS issues. At least IntoDNS isn't complaining anymore, and tracing your hostnames from the outside works.

The main issue was that you're operating your server behind a NAT with private IP addresses, and are trying to have Virtualmin host and manage the zone in which the main nameserver hostnames for your domains are going to be. That's a slightly "icky" constellation and required some specific setup of the template and main configuration.

It's best practice to have an administrative domain for your hosts that's outside the scope of domains managed by Virtualmin.

Sat, 09/07/2013 - 05:37 (Reply to #35)
eiger3970

Okay, the DNS actually runs now. However www.intodns.com shows the errors: Missing nameservers reported by parent
FAIL: The following nameservers are listed at your nameservers as nameservers for your domain, but are not listed at the parent nameservers (see RFC2181 5.4.1). You need to make sure that these nameservers are working.If they are not working ok, you may have problems! localhost.localdomain

Missing nameservers reported by your nameservers ERROR: One or more of the nameservers listed at the parent servers are not listed as NS records at your nameservers. The problem NS records are: ns2.domain.org.au ns1.domain.org.au This is listed as an ERROR because there are some cases where nasty problems can occur (if the TTLs vary from the NS records at the root servers and the NS records point to your own domain, for example).

I have set the nameservers with WAN IPs after much help from the IRC, so not sure how these errors still occur?

I checked the glue records are already set up with the domain registrar. Nameservers and A records are set up from the previous chat to point to the WAN IP. host domain.com ns1.domain.com couldn't get address, but everything else works, so trying to figure this possible last error out.

Sun, 09/08/2013 - 07:21 (Reply to #36)
Locutus

Well, from my end, the offer I made on IRC and this forum multiple times is still valid, that's all I can do for you at this point.

Sat, 09/14/2013 - 23:03 (Reply to #37)
eiger3970

So this issue if fixed. The default IP address Virtualmin sets for the A records was the LAN, which needed to be the WAN IP.