
bind bad owner name (check-names)


If a domain name contains an underscore (a_b.sangchul.kr), the zone file syntax check reports an error, and in some cases the named daemon (service) fails to start.

Registering the DNS record

Back up the zone file

cp /var/named/mocha.sangchul.kr.zone /var/backup/mocha.sangchul.kr.zone_$(date +"%Y%m%d-%H%M%S")

Edit the zone file

  • Increment the serial number
  • Add the A record (a_b IN A 1.1.1.1)
vim /var/named/mocha.sangchul.kr.zone
$TTL 60
@			IN	SOA	mocha.sangchul.kr. root (
					2023011602	; serial
						1D	; refresh
						1H	; retry
						1W	; expire
						3H )	; minimum
;
			IN	NS	ns.mocha.sangchul.kr.
			IN	NS	ns2.mocha.sangchul.kr.
ns                      IN      A       192.168.0.62
ns2                     IN      A       192.168.0.63
;
;
@			IN	A	192.168.0.61
www			IN	CNAME	@
a_b			IN	A	1.1.1.1

Check named.conf and zone file syntax

named-checkconf -z
$ named-checkconf -z
zone localhost/IN: loaded serial 0
zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
mocha.sangchul.kr.zone:17: a_b.mocha.sangchul.kr: bad owner name (check-names)
zone mocha.sangchul.kr/IN: loading from master file mocha.sangchul.kr.zone failed: bad owner name (check-names)
zone mocha.sangchul.kr/IN: not loaded due to errors.
_default/mocha.sangchul.kr/IN: bad owner name (check-names)
zone 0.168.192.in-addr.arpa/IN: loaded serial 2023011602

Check zone file syntax

named-checkzone mocha.sangchul.kr mocha.sangchul.kr.zone
$ named-checkzone mocha.sangchul.kr mocha.sangchul.kr.zone
mocha.sangchul.kr.zone:17: a_b.mocha.sangchul.kr: bad owner name (check-names)
zone mocha.sangchul.kr/IN: loaded serial 2023011602
OK

Restart the named daemon

systemctl restart named
$ systemctl restart named
Job for named.service failed because the control process exited with error code. See "systemctl status named.service" and "journalctl -xe" for details.

Check the named process

ps -ef | grep -v grep | grep named

Host Name Checking

** The named daemon (service) does not show up in the process list.

To resolve this, add the following options to named.conf.

  • check-names master ignore;
  • check-names slave ignore;
  • check-names response ignore;
vim /etc/named.conf
// named.conf
options {
        listen-on port 53 { any; };
        directory "/var/named";
...
        check-names master ignore;
        check-names slave ignore;
        check-names response ignore;
...
};

Check named.conf and zone file syntax

named-checkconf -z
$ named-checkconf -z
zone localhost/IN: loaded serial 0
zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
zone mocha.sangchul.kr/IN: loaded serial 2023011602
zone 0.168.192.in-addr.arpa/IN: loaded serial 2023011602

Check zone file syntax

named-checkzone mocha.sangchul.kr mocha.sangchul.kr.zone
$ named-checkzone mocha.sangchul.kr mocha.sangchul.kr.zone
mocha.sangchul.kr.zone:17: a_b.mocha.sangchul.kr: bad owner name (check-names)
zone mocha.sangchul.kr/IN: loaded serial 2023011602
OK

Restart the named daemon

systemctl restart named

Check the named process

ps -ef | grep -v grep | grep named
$ ps -ef | grep -v grep | grep named
named     9643     1  0 00:22 ?        00:00:00 /usr/sbin/named -u named -c /etc/named.conf

Query test for a_b.mocha.sangchul.kr

dig @127.0.0.1 a_b.mocha.sangchul.kr
$ dig @127.0.0.1 a_b.mocha.sangchul.kr

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.10 <<>> @127.0.0.1 a_b.mocha.sangchul.kr
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31348
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;a_b.mocha.sangchul.kr.		IN	A

;; ANSWER SECTION:
a_b.mocha.sangchul.kr.	60	IN	A	1.1.1.1

;; AUTHORITY SECTION:
mocha.sangchul.kr.	60	IN	NS	ns.mocha.sangchul.kr.
mocha.sangchul.kr.	60	IN	NS	ns2.mocha.sangchul.kr.

;; ADDITIONAL SECTION:
ns.mocha.sangchul.kr.	60	IN	A	192.168.0.62
ns2.mocha.sangchul.kr.	60	IN	A	192.168.0.63

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Jan 17 00:23:41 KST 2023
;; MSG SIZE  rcvd: 133
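
Added example (not part of the original post): once check-names is set to ignore in the options block, named no longer reports non-hostname owner names in the zones it loads, so a lint run before each reload keeps such exceptions visible. The Python function below flags A/AAAA/MX owner names that break the letters-digits-hyphen hostname rule. The function name, the simplified zone parsing (owner names only, no $ORIGIN or $INCLUDE handling) and the sample zone are assumptions made for this example.

```python
import re
# Hostname label rule (RFC 952/1123): letters, digits, hyphen; alnum at both ends.
LABEL = re.compile(r"^[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?$")
HOST_TYPES = {"A", "AAAA", "MX"}  # record types whose owner names are checked
TTL = re.compile(r"^\d+[smhdw]?$", re.I)

def bad_owner_names(zone_text, origin):
    """Return [(line_no, name)] for A/AAAA/MX owners that are not valid hostnames."""
    origin = origin.rstrip(".") + "."
    findings, owner, depth = [], "@", 0
    for no, raw in enumerate(zone_text.splitlines(), 1):
        line = raw.split(";", 1)[0]  # drop comments (a quoted ';' is not handled)
        continued = depth > 0        # still inside a multi-line "( ... )" record
        depth += line.count("(") - line.count(")")
        if continued or not line.strip() or line.lstrip().startswith("$"):
            continue
        fields = line.split()
        if not line[0].isspace():    # owner field present in column 1
            owner = fields.pop(0)
        while fields and (TTL.match(fields[0]) or fields[0].upper() == "IN"):
            fields.pop(0)            # skip optional TTL and class
        if not fields or fields[0].upper() not in HOST_TYPES:
            continue
        name = origin if owner == "@" else owner
        if not name.endswith("."):
            name += "." + origin
        labels = name.rstrip(".").split(".")
        if labels[0] == "*":         # assumption: a leading wildcard label is accepted
            labels = labels[1:]
        if not all(LABEL.match(label) for label in labels):
            findings.append((no, name.rstrip(".")))
    return findings

# Sample zone: condensed from the page's zone file; the TXT record is constructed.
SAMPLE = """\
$TTL 60
@ IN SOA mocha.sangchul.kr. root (
        2023011602 1D 1H 1W 3H )
    IN NS ns.mocha.sangchul.kr.
ns  IN A 192.168.0.62
@   IN A 192.168.0.61
www IN CNAME @
a_b IN A 1.1.1.1
_acme-challenge IN TXT "constructed-token"
"""

if __name__ == "__main__":
    for line_no, name in bad_owner_names(SAMPLE, "mocha.sangchul.kr"):
        print(f"line {line_no}: {name}: not a valid hostname")
```

On the sample only a_b (line 8) is reported; the underscore-prefixed TXT owner is not, because the function checks host-type records only.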

 

Reference URL

- 4.5. Host Name Checking (BIND 4.9.4 and Later Versions) : https://docstore.mik.ua/orelly/networking_2ndEd/dns/ch04_05.htm

 
