Adding a new zone
Jacob Laack
JLaack at alegent.org
Fri Sep 16 19:51:38 UTC 2005
I thought maybe it was because the requests were forwarded so I added a
"forwarders {};" to the named.conf file but it still doesn't work. Here
is me asking my master dns server where these hostnames (www.myalegent.org
& myalegent.org) point to followed by www.myalegent.com:
dns1{root}/usr/local/named# dig @dns1 www.myalegent.org
; <<>> DiG 9.2.3 <<>> @dns1 www.myalegent.org
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 23320
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;www.myalegent.org. IN A
;; Query time: 5 msec
;; SERVER: 160.xx.xx.xx#53(dns1)
;; WHEN: Fri Sep 16 14:48:04 2005
;; MSG SIZE rcvd: 35
dns1{root}/usr/local/named# dig @dns1 myalegent.org
; <<>> DiG 9.2.3 <<>> @dns1 myalegent.org
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 44593
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;myalegent.org. IN A
;; Query time: 5 msec
;; SERVER: 160.xx.xx.xx#53(dns1)
;; WHEN: Fri Sep 16 14:48:09 2005
;; MSG SIZE rcvd: 31
dns1{root}/usr/local/named# dig @dns1 www.myalegent.com
; <<>> DiG 9.2.3 <<>> @dns1 www.myalegent.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25768
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3
;; QUESTION SECTION:
;www.myalegent.com. IN A
;; ANSWER SECTION:
www.myalegent.com. 86400 IN A 160.xx.xx.xx
;; AUTHORITY SECTION:
myalegent.com. 86400 IN NS dns2.myalegent.com.
myalegent.com. 86400 IN NS littlewill.teamalegent.com.
myalegent.com. 86400 IN NS dns1.myalegent.com.
;; ADDITIONAL SECTION:
dns1.myalegent.com. 86400 IN A 160.xx.xx.xx
dns2.myalegent.com. 86400 IN A 160.xx.xx.xx
littlewill.teamalegent.com. 86400 IN A 160.xx.xx.xx
;; Query time: 6 msec
;; SERVER: 160.xx.xx.xx#53(dns1)
;; WHEN: Fri Sep 16 14:49:59 2005
;; MSG SIZE rcvd: 174
-Jake
Jake Laack
Alegent Health, OSE
402-717-1146
>>> Kevin Darcy <kcd at daimlerchrysler.com> 9/16/2005 2:37:41 PM >>>
Offhand that looks fine. Were there any errors in your log when named
tried to load the zone? What is the exact error you're getting when you
query myalegent.org (it might help if you use a real lookup tool like
dig instead of nslookup)? Is it NXDOMAIN or SERVFAIL or something else?
Are you sure you're querying one of the nameservers defined as master
for the zone?
- Kevin
Jacob Laack wrote:
>My company's users found out that the .org version of our intranet site
>has been bought and is pointing to some nasty website. We already own and
>use the .com domain for our intranet portal. I would like to create a new
>zone for the .org domain on our internal dns servers to point to the .com
>domain. This way we can prevent them from going to the nasty site.
>
>I've inherited this DNS system (currently running BIND 9.2.3 on two aix
>servers) and haven't had to add a new zone before. I duplicated the zone
>entry in named.conf, copied the db.myalegent.com file to db.myalegent.org,
>deleted all the entries, edited all the .com's to .org's, and ran "rdnc
>reload". Unfortunately, nslookup myalegent.org doesn't work. What am I
>doing incorrectly? The new db.myalegent.org is here:
>
>$ORIGIN .
>$TTL 86400 ; 1 day
>myalegent.org IN SOA DNS1.myalegent.org. jlaack.alegent.org. (
> 651 ; serial
> 10800 ; refresh (3 hours)
> 3600 ; retry (1 hour)
> 604800 ; expire (1 week)
> 86400 ; minimum (1 day)
> )
> NS dns1.myalegent.org.
> NS dns2.myalegent.org.
> NS littlewill.teamalegent.com.
> A 160.xx.xx.xx
>$ORIGIN myalegent.org.
>dns1 A 160.xx.xx.xx
>dns2 A 160.xx.xx.xx
>www A 160.xx.xx.xx
>
>The relevant section of named.conf is here:
>
>zone "myalegent.org" {
> type master;
> file "db.myalegent.org";
>
> allow-update {
> key dns1-dns1 ;
> key dns1-dns2 ;
> key dnsuser-key ;
> };
>
> allow-transfer {
> 160.xx.xx.xx;
> 160.xx.xx.xx;
> };
>};
>
>
>Thanks.
>
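
The dig transcripts in the message differ in two header fields, the status and the `aa` flag, which is what the questions about SERVFAIL/NXDOMAIN and about querying the master come down to. The following is an added example, not part of the original thread: a small parser that reads pasted dig output and names the next thing to check on the server. The function names `parse_dig` and `triage` are hypothetical, and the sample is abridged from the dig output above.

```python
import re

# Abridged from the dig output quoted in the message above.
SAMPLE = """\
; <<>> DiG 9.2.3 <<>> @dns1 www.myalegent.org
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 23320
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;www.myalegent.org. IN A
; <<>> DiG 9.2.3 <<>> @dns1 www.myalegent.com
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25768
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3
;; QUESTION SECTION:
;www.myalegent.com. IN A
"""

HEADER = re.compile(r"->>HEADER<<- opcode: \w+, status: (\w+), id: \d+")
FLAGS = re.compile(r"^;; flags: ([a-z ]*); QUERY: \d+, ANSWER: (\d+)", re.M)
QUESTION = re.compile(r"^;([^;\s]\S*)\s+IN\s+(\S+)", re.M)

def parse_dig(text):
    """Return one dict per response found in concatenated dig output."""
    responses = []
    for chunk in text.split("; <<>> DiG")[1:]:
        h, f, q = HEADER.search(chunk), FLAGS.search(chunk), QUESTION.search(chunk)
        if not (h and f and q):
            continue  # no reply parsed (timeout, truncated paste)
        responses.append({"qname": q.group(1), "status": h.group(1),
                          "aa": "aa" in f.group(1).split(),
                          "answers": int(f.group(2))})
    return responses

def triage(r):
    """Map status + aa flag to the next thing to check on the server."""
    if r["status"] == "SERVFAIL":
        return ("SERVFAIL: server could not answer; if it is master for "
                "this zone, check named's log for zone load errors")
    if not r["aa"]:
        return "not-authoritative: answer came from recursion or cache"
    if r["status"] == "NXDOMAIN":
        return "zone-loaded: name is missing from the zone file"
    if r["status"] == "NOERROR" and r["answers"] == 0:
        return "zone-loaded: name exists but has no record of this type"
    return "zone-loaded: authoritative answer served"

if __name__ == "__main__":
    for r in parse_dig(SAMPLE):
        print(f'{r["qname"]:22} {r["status"]:9} aa={r["aa"]!s:5} {triage(r)}')
```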