SWEET – I got port knocking working, check it out.
I recently updated one of my servers to Fedora Core 2, and one of its jobs is to provide DNS slave service. I could not for the life of me figure out why I was getting the following message when sending zone notifies:
Oct 11 17:11:44 saturn named: received notify for zone 'guyton.net': not authoritative
The main problem was that I didn’t follow convention with ns records, so I fixed them up. Still nothing fixed, but I got things in better shape, theoretically.
It turns out that Fedora’s named runs chrooted to /var/named, even though there is an /etc/named.conf file. That’s misleading – you really need to edit the /var/named/chroot/etc/named.conf file. That in itself didn’t fix things, however:
Oct 11 21:45:47 saturn named: transfer of 'guyton.net/IN' from 10.1.1.14#53: failed while receiving responses: permission denied
Oct 11 21:45:47 saturn named: transfer of 'guyton.net/IN' from 10.1.1.14#53: end of transfer
I had to chgrp named /var/named/chroot/var/named; chmod g+w ... so that the replicated zones could be written as the
Problem solved, but it took some tinkering. I found a couple of other items that were improved upon in the process, so it was not a bad thing. I also softlinked /var/named/chroot/etc/named.conf so that it would remain obvious.
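An added example (not part of the original post): a small shell audit of the two things that went wrong above, the group write permission on the chroot zone directory and which named.conf is actually in use. The function names are hypothetical, every path and the group are passed as arguments, and it assumes /etc/named.conf is the symlink pointing at the chroot copy.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.
# Paths and the group are arguments; nothing here is specific to one distro.

# zone_dir_status DIR GROUP
# Prints one word saying whether named (running with GROUP) can write
# transferred zones into DIR without DIR being open to every local user:
#   ok | missing | wrong-group | not-group-writable | world-writable
zone_dir_status() {
    dir=$1 group=$2
    [ -d "$dir" ] || { echo missing; return; }
    # find -prune tests DIR itself and does not descend into it.
    [ -n "$(find "$dir" -prune -group "$group" 2>/dev/null)" ] \
        || { echo wrong-group; return; }
    [ -n "$(find "$dir" -prune -perm -020)" ] \
        || { echo not-group-writable; return; }
    # Group write is enough for zone transfers; world write is a finding.
    [ -z "$(find "$dir" -prune -perm -002)" ] \
        || { echo world-writable; return; }
    echo ok
}

# conf_link_status ETC_CONF CHROOT_CONF
# Assumption: ETC_CONF should be a symlink resolving to CHROOT_CONF, so that
# edits made through the familiar path land in the file named really reads.
#   ok | not-a-link | wrong-target
conf_link_status() {
    [ -L "$1" ] || { echo not-a-link; return; }
    [ "$1" -ef "$2" ] || { echo wrong-target; return; }
    echo ok
}

# Usage: sh audit.sh ZONE_DIR GROUP ETC_CONF CHROOT_CONF
if [ "$#" -eq 4 ]; then
    echo "zone dir:   $(zone_dir_status "$1" "$2")"
    echo "named.conf: $(conf_link_status "$3" "$4")"
fi
```

A "not-group-writable" result corresponds to the "permission denied" transfer failure in the log above.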
Wow, Linux installations have come a long way in the past few years. I won’t dredge up the past, but the present certainly needs mentioning:
- I downloaded Fedora Core 2 ISO images
- I mounted them as loopback devices and dumped the contents all to one directory
- I set up that directory for NFS export
- I burned disc one for initial boot
- I booted the new server with the CD with this command:
linux vnc askmethod
This did nothing at first, but eventually asked me the type of install I wanted – NFS to the server I had already set up.
- Then the cool part – it started a VNC server on port 5901 for the GUI choices.
- I went downstairs to my laptop in front of the TV, grabbed an alcoholic beverage, and proceeded to choose packages on my remote (wireless) network display.
- Currently as I type, my remote display is telling me that the new server is pulling install files off the older server and installing Linux.
That’s so cool! I view my display over the network to the new server, which is pulling packages over the network from the NFS server.
For what it’s worth, it’s not a big box – just a 450 MHz P-II with 256 MB RAM. But it’s got two new 80 GB drives mirrored – nice again – the Linux install was able to do software RAID and LVM on everything.
I love being a geek.