Hosting own domain - newb questions.
Frank Hamersley
terabite at bigpond.com
Thu Aug 24 02:12:35 UTC 2006
> -----Original Message-----
> From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org]On
> Behalf Of Kevin Darcy
> Sent: Thursday, 24 August 2006 9:58 AM
> Subject: Re: Hosting own domain - newb questions.
>
> >> -----Original Message-----
> >> From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org]On
> >> Behalf Of Chris Buxton
> >> Sent: Tuesday, 22 August 2006 3:01 AM
> >> Subject: Re: Hosting own domain - newb questions.
[..]
> >>> Can someone in a broad brush explain how a NS can become
> >>> authorative for
> >>> itself? I presume this is down to the "glue" but am left wondering
> >>> just how
> >>> the discovery process goes from the root servers to the delegation
> >>> point
> >>> (which I presume is my SIP).
> >>>
> >>> If needed I can post /etc/bind/* here.
> >>>
> >>> Regards, Frank.
> >>>
> I can query the name ns.gvmp.com.au successfully over the Internet.
Thanks for the hints Kevin,
The "glue" was oh so slight _wrong_!!! Doh! - fixed now tks to Chris' eagle
eyes!
> The
> fact that you have the gvmp.com.au apex NS records and associated glue
> set to a 5-minute TTL,
Yup - will be stretching it out when changes have settled down.
> and that the only other delegated nameserver for
> the domain (ns1.westnet.com.au) is lame for it, means that there is
> going to be a lot of glue-fetching, retries, etc.
Zone tfr not happening. What stimulates that? Is it a push from my NS or a
pull from the secondary? What should I see in the logs and does it use the
regulation tcp/udp ports?
> and folks with
> marginal DNS connectivity, may not be able to resolve the domain at all.
Not _yet_ of interest to the public fortunately.
> This is a good illustration of why the Internet Standards dictate that
> DNS domains be delegated to at least 2 nameservers, of course with the
> assumption that both nameservers actually _work_. Why don't you try
> fixing whatever is wrong with your master/slave replication (firewall
> rules, allow-transfer ACLs or whatever)?
That is the next work ticket. Have some reading to do first on how to cure.
Startup log follows...
Aug 24 00:53:36 gvmp named[9071]: /etc/bind/db.gvmp.com.au:39: ignoring
out-of-zone data (5.129.173.202.in-addr.arpa)
Aug 24 00:53:36 gvmp named[9071]: /etc/bind/db.gvmp.com.au:43: ignoring
out-of-zone data (1.0.0.127.in-addr.arpa)
Aug 24 00:53:36 gvmp named[9071]: zone gvmp.com.au/IN: loaded serial
2006082405
Aug 24 00:53:36 gvmp named[9071]: zone gvmp.com.au/IN: sending notifies
(serial 2006082405)
How do I get more info on the send?
> Then see if your resolution
> problems still persist even after you have 2 authoritative nameservers
> fully functional for the zone.
The other question is the PTR record. The ISP insists of maintaining it as
we are only a small customer. I presume they have got it right (not sure
where to check) but wanted to know if I also have to re-express it in the
authorative zone. As logged above named is arcing up about these at the
moment!
; Reverse lookups
$ORIGIN 129.173.202.in-addr.arpa.
5 IN PTR gvmp.com.au.
; pointer record for internet requests
;
$ORIGIN 0.0.127.in-addr.arpa.
1 IN PTR gvmp.com.au.
; ; pointer record to the localhost
For the last one I wasn't sure if it should be the zone or localhost!?!
Cheers Frank.
More information about the bind-users
mailing list