Stuck at conf redefined options

Here you can discuss every aspect of Debian. Note: not for support requests!

Stuck at conf redefined options

Postby corsairetc » 2017-01-19 10:21

Hello, I cant figure out what wrong with bind named.conf file.
If I start named-checkconf named conf I get this error.
Code: Select all
named.conf:22: 'options' redefined near 'options'

I cant figure out where ś could be the problem with systax.
Here I attach named.conf file
Code: Select all
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local

acl internals { 127.0.0.0/8; 192.168.0.0/24; 172.100.200.0/29; 192.168.44.0/24; 192.168.3.0/26; };

include "/etc/bind/named.conf.options";

acl "trusted" {
     192.168.0.0/24;
     172.100.200.0/29;
     192.168.44.0/24;
     192.168.3.0/26
     ;localhost;
     localnets;
 };

options {
     allow-query { any; };
     allow-recursion { trusted; };
     allow-query-cache { trusted; };
 };

include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";

Thank you for any help.
corsairetc
 
Posts: 69
Joined: 2014-11-14 05:30

Re: Stuck at conf redefined options

Postby cfb » 2017-01-19 10:25

My guess is that you have options defined in:
Code: Select all
include "/etc/bind/named.conf.options";
cfb
 
Posts: 20
Joined: 2017-01-08 16:39

Re: Stuck at conf redefined options

Postby corsairetc » 2017-01-19 12:11

Found it, wrong configuration at named.conf should be this:
Code: Select all
include "/etc/bind/named.conf.options";

acl "trusted" {
     192.168.0.0/24;
     172.100.200.0/29;
     192.168.44.0/24;
     192.168.3.0/26
     ;localhost;
     localnets;
 };


and at named.conf.options should be this:
Code: Select all
options {
   directory "/var/cache/bind";

   // If there is a firewall between you and nameservers you want
   // to talk to, you may need to fix the firewall to allow multiple
   // ports to talk.  See http://www.kb.cert.org/vuls/id/800113

   // If your ISP provided one or more IP addresses for stable
   // nameservers, you probably want to use them as forwarders. 
   // Uncomment the following block, and insert the addresses replacing
   // the all-0's placeholder.
   
    forwarders {
       217.31.204.130;
      193.138.152.1;
      8.8.8.8;
    };

   //========================================================================
   // If BIND logs error messages about the root key being expired,
   // you will need to update your keys.  See https://www.isc.org/bind-keys
   //========================================================================

   dnssec-validation auto;

   auth-nxdomain no;    # conform to RFC1035
   listen-on-v6 { any; };
   
   // Accept requests for internal network only
        allow-query { any; };
   allow-recursion { trusted; };
   allow-query-cache { trusted; };   
   version none;

Now is it withou errors.
Hope this is right configuration.
corsairetc
 
Posts: 69
Joined: 2014-11-14 05:30


Return to General Discussion

Who is online

Users browsing this forum: No registered users and 3 guests

fashionable