The Linux Page
Home

Reading a binary zone file from Bind

Submitted by on Thu, 09/05/2019 - 14:20

Binary code to Zones

Today I needed to check a zone file to see why the IP address was wrong on one of my servers.

Sure enough, the IP was the old one (We switch servers about 9 months ago). Although once in a while I would get the right IP, the second name server still had the old IP. I thought the cache would be renewed more often than that, but I guess this is well optimized!

The error I made is not change the time info which means that the second name server never saw the change. This is just a domain name I redirect so I never noticed the problem before.

To check the cached file, though, I needed a way to look at that binary .zone file and that's where I had to use the zone compiler (which also decompiles).

The command goes like this:

named-compilezone \
    -f raw \
    -F text \
    -o snap.website.txt \
    snap.website \
    /var/cache/bind/snap.website.zone

So the command is "named-compilezone"

The -f and -F defines the input and output formats. Here we see "raw" (the binary file format) and "text" so we can read the info as normal humans.

The -o specifies the output filename. Note that this is a mandatory command line option. You can't just send the output to stdout, although you can use the dash to output the text data to stdout as in: "-o -".

The "snap.website" is the name of the concerned domain. This parameter is also mandatory. Since you're expected to name you zone files after your domain name, it should be fine, right?

Then the /var/cache/bind/snap.website.zone is the filename of the cached zone. You define the location in your named.conf files. It will depend on how you define those configurations, so I can't tell you for sure where it will end up, although it should always be under /var/cache/bind/* when running Ubuntu.

As a result, I could see that I did not update the serial number.

The text file will include a line like this, no parenthesis like in the usual zone, but the same information. Here we see the number 1409181942 which is the serial number.

snap.website. 86400 IN SOA ns1.m2osw.com. webmaster.m2osw.com. 1409181942 10800 180 1209600 300

That serial number was the exact same in the master zone which means I did forget to update (increase) that serial number in the master. Went back to the other server, edited that file, reloaded bind9 with:

sudo systemctl reload bind9

and now the two servers return the correct IP address.

If you have any problem with Bind9, feel free to post a comment below and ask a question about it.