Error in named-checkzone: DNS zone error: has no address records (A or AAAA)


In a bind9 zone file, any fully qualified domain name (FQDN) needs to have the ending . character added to it.

Your references around line 11-12ish

    ; name servers - NS records
        IN  NS  dns1.xyz1.com
        IN  NS  dns2.xyz1.com

Don't have them.

Should be:

    ; name servers - NS records
        IN  NS  dns1.xyz1.com.
        IN  NS  dns2.xyz1.com.

Don't forget to increase your serial.

Also, don't forget that if you are doing this for real, you need to have glue records set up; otherwise, one of your name servers must be outside of your domain (zone).


Updated on September 18, 2022
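How the missing dot turns into the error shown in the question, as an added example that is not part of the original answer or of BIND: a simplified, single-line-record zone parser that expands relative names against the origin and checks in-zone NS targets for A/AAAA records. The function names, the parser and the in-zone-only check are assumptions made for illustration.

```python
# Added example (not from the original page): why a missing trailing dot
# produces the "has no address records" error.
ORIGIN = "xyz1.com."

# Constructed sample: the NS and A records from the question's zone file.
BROKEN = """\
; name servers - NS records
    IN  NS  dns1.xyz1.com
    IN  NS  dns2.xyz1.com
; name servers - A records
dns1.xyz1.com.          IN      A       192.168.56.3
dns2.xyz1.com.          IN      A       192.168.56.5
"""
FIXED = BROKEN.replace("xyz1.com\n", "xyz1.com.\n")  # add the trailing dots

def absolute(name, origin):
    """'@' is the origin, a name ending in '.' is absolute, else append origin."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse(zone_text, origin):
    """Yield (owner, type, rdata) for single-line records (simplified parser)."""
    owner = origin
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if not line.strip() or line.lstrip().startswith("$"):
            continue
        fields = line.split()
        if not raw[0].isspace():          # leading blank = reuse previous owner
            owner = absolute(fields.pop(0), origin)
        while fields and (fields[0].isdigit() or fields[0].upper() == "IN"):
            fields.pop(0)                 # skip optional TTL and class
        yield owner, fields[0].upper(), fields[1:]

def check_ns(zone_text, origin):
    """Return named-checkzone style messages for in-zone NS targets lacking A/AAAA."""
    records = list(parse(zone_text, origin))
    have_addr = {o.lower() for o, t, _ in records if t in ("A", "AAAA")}
    problems = []
    for _, rtype, rdata in records:
        if rtype != "NS":
            continue
        target = absolute(rdata[0], origin).lower()
        if target.endswith("." + origin) and target not in have_addr:
            problems.append(f"NS '{target.rstrip('.')}' has no address records (A or AAAA)")
    return problems

if __name__ == "__main__":
    print(check_ns(BROKEN, ORIGIN))
    print(check_ns(FIXED, ORIGIN))
```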

Comments

  • None
    None over 1 year

    I am configuring my private DNS server. I am following this tutorial. But when I reached the Check BIND Configuration Syntax step, I got some errors.

    Here is the command output:

    x@e-dns1:/etc/bind$ sudo named-checkzone xyz1.com forward.xyz1.com
    zone xyz1.com/IN: NS 'dns1.xyz1.com.xyz1.com' has no address records (A or AAAA)
    zone xyz1.com/IN: NS 'dns2.xyz1.com.xyz1.com' has no address records (A or AAAA)
    zone xyz1.com/IN: not loaded due to errors.
    

    The file: forward.xyz1.com contains the following:

    $TTL    604800
    
    @       IN      SOA     dns1.xyz1.com. admin.xyz1.com. (
                                  3         ; Serial
                             604820         ; Refresh
                              86600         ; Retry
                            2419600         ; Expire
                             604600 )       ; Negative Cache TTL
    
    ; name servers - NS records
        IN  NS  dns1.xyz1.com
        IN  NS  dns2.xyz1.com
    
    ; name servers - A records
    dns1.xyz1.com.          IN      A       192.168.56.3
    dns2.xyz1.com.          IN      A       192.168.56.5
    
    ; 192.168.56.0/24 - A records
    host1.xyz1.com.         IN      A       192.168.56.6
    host2.xyz1.com.         IN      A       192.168.56.8
    

    Can you please point out to me what is wrong? I want the DNS servers to be:

    dns1.xyz1.com
    dns2.xyz1.com
    

    and the hosts:

    host1.xyz1.com
    host2.xyz1.com
    
    • Tyson
      Tyson about 6 years
      DNS records are cached for the value of TTL. After a change is made local servers will use the cached record until TTL expires. (TTL, literally "Time To Live")
  • davidgo
    davidgo about 6 years
    This answer is spot on - although I think the answer is way more generic and applies to most/all nameservers.
  • ivanivan
    ivanivan about 6 years
    @davidgo - if you mean the . at the end of a FQDN, possibly. Just I've never used any other DNS software other than bind9 so I didn't want to make a wrong statement...
  • davidgo
    davidgo about 6 years
    Yup. Same is true for powerdns and puredns at least. The give-away part - as I'm sure you know - is that leaving the "." out means it should be interpreted relative to the zone - thus many domains could share 1 generic zone file.
  • None
    None about 6 years
    @ivanivan thanks. Based on the first comment to my post by Tyson, if I updated the file and its serial, do I need to do anything else to remove the old cache?
  • None
    None about 6 years
    @ivanivan This is for an experimental setup, but it should represent a real setting as much as possible. I could not get what you mean by glue records set up; can you elaborate more, please? Sorry, but this is my first DNS setup.
  • ivanivan
    ivanivan about 6 years
    @None - nope, as long as clients are querying that box you'll be fine. If they queried a box that then sent the query on to you, that other machine will store the cache until one of your TTLs is hit. When I teach my students about DNS we use a real (sub)domain and I explain about testing, and having wrong stuff cached until TTLs and suggest turning TTLs down to near minimal until the config works, then re-upping the TTLs.
  • ivanivan
    ivanivan about 6 years
    @None if this is for a fake domain on a LAN, you don't need glue records.
  • Thayne
    Thayne about 3 years
    I have a "." at the end of my NS records and have glue records, but still get this error.