Fw: nsupdate problem
Rakesh-Home
rshah at rupalifinechem.com
Tue Apr 9 22:12:02 UTC 2002
Kevin,
Yes it gives the correct info when I lookup for SOA record and also zone
loaded without any errors, I checked the logs to verify that too.
All other resolution also works fine .
One more input this server is behind the Pix firewall can we have open
53/tcp/udp both in and out.
Any thing else need's to be done
Thank you.
----- Original Message -----
From: "Kevin Darcy" <kcd at daimlerchrysler.com>
To: <bind-users at isc.org>
Sent: Tuesday, April 09, 2002 2:02 PM
Subject: Re: Fw: nsupdate problem
>
> What happens if you do an SOA query of rupalifinechem.com against the
> 10.20.10.10 nameserver? Does it give reasonable information? If not, then
> apparently the rupalifinechem.com zone is not loading properly. Look in
your
> logs to determine what the problem is.
>
>
> - Kevin
>
> Rakesh-Shah wrote:
>
> > Sorry to post this question again, but if any one can help me would be
> > great, since this seems to be a urgent issue.
> >
> > Thank you
> > Rakesh Shah
> > ----- Original Message -----
> > From: "Rakesh-Shah" <rshah at rupalifinechem.com>
> > To: <bind-users at isc.org>; <bind9-users at isc.org>
> > Sent: Monday, April 08, 2002 9:12 PM
> > Subject: nsupdate problem
> >
> > > Hello
> > >
> > > I am having some problem with the nsupdate, for some reason nsupdate
does
> > not do the proper updates to the zones
> > >
> > > My named.conf looks like this :
> > > logging {
> > > channel my_syslog {
> > > syslog local0;
> > > severity info;
> > > };
> > > channel stat_file {
> > > file "/var/log/stats.log" versions 3 size 1k;
> > > };
> > > channel my_file {
> > > file "/var/log/named.log" versions 3 size 10m;
> > > severity dynamic;
> > > print-category yes;
> > > print-severity yes;
> > > print-time yes;
> > > };
> > >
> > > category default { my_syslog; };
> > > category load { my_syslog; };
> > > category update { my_syslog; };
> > > category xfer-in { my_syslog; };
> > > category xfer-out { my_syslog; };
> > > category panic { my_syslog; };
> > > category statistics { my_file; stat_file; };
> > > category packet { my_file; };
> > > category eventlib { my_file; };
> > > category queries { my_file; };
> > > };
> > > options {
> > > directory "/var/named";
> > > transfer-format one-answer;
> > > max-transfer-time-in 60; // one hour for zone
transfering
> > > coresize 0;
> > > pid-file "/var/named/named.pid";
> > > statistics-file "/var/log/named.stats";
> > > interface-interval 10;
> > > statistics-interval 1;
> > > cleaning-interval 60;
> > > allow-transfer { allow-list; };
> > >
> > >
> > >
> > > zone "." {
> > > type hint;
> > > file "master/db.cache";
> > > };
> > >
> > > zone "0.0.127.in-addr.arpa" {
> > > type master;
> > > file "master/db.127.0.0";
> > > };
> > >
> > >
> > >
> > > zone "rupalifinechem.com" {
> > > type master;
> > > file "master/db.rupalifinechem.com";
> > > allow-query { any; };
> > > allow-update { 10.20.10.10; };
> > > };
> > >
> > > Here 10.20.10.10 is the internal ip of this server,
> > >
> > > Every thing works fine if I manually update the
db.rupalifinechem.com
> > and reload the named.
> > >
> > > Also I do not see any thing in the logs that relates to nsupdate.
> > >
> > > I checked my syslog.named which i a seperate syslog file for named,
> > checked named.log and stats.log according to my conf file above
> > >
> > > when I give nsupdate
> > >
> > > >update add www.rupalifinechem.com. 1800 in a a 10.10.10.X
> > > >
> > > $
> > >
> > > It returns back to the prompt without any errors and nothing in the
logs,
> > I also tried giving allow-update ( any; }; for test but no luck with
> > logging or dynamic updates, I have turned the debug on as well
> > >
> > >
> > > Can you tell what am I missing here .....
> > >
> > > I tried using nsupdate -d and it looks like it is trying to go to
the
> > root servers to get the Ip address of the zone rupalifinechem.com and it
> > times out. any help is appreciated.
> > >
> > > ; res_findzonecut: START dname='www.rupalifinechem.com.' class=IN,
zsize=1025,
> > naddr
> > > s=3
> > > ;; res_findzonecut: get the soa, and see if it has enough glue
> > > ;; res_nmkquery(QUERY, www.foobar.com., IN, SOA)
> > > ;; res_send()
> > > ;; ->>HEADER<<- epode: QUERY, status: NOERROR, id: 45822
> > > ;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> > > ;; QUERY SECTION:
> > > ;; www.rupalinechem.com, type = SOA, class = IN
> > >
> > > ;; Querying server (# 1) address = 10.20.10.10
> > > ;; got answer:
> > > ;; ->>HEADER<<- epode: QUERY, status: NXDOMAIN, id: 45822
> > > ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL:
0
> > > ;; QUERY SECTION:
> > > ;; www.rupalifinechem.com, type = SOA, class = IN
> > >
> > > ;; AUTHORITY SECTION:
> > > com. 1D IN SOA A.GTLD-SERVERS.NET.
> > NSTLD.VERISIGN-GRS.c
> > > om. (
> > > 2002040800 ; serial
> > > 30M ; refresh
> > > 15M ; retry
> > > 1W ; expiry
> > > 1D ) ; minimum
> > >
> > >
> > > ;; res_findzonecut: get the ns rrset and see if it has enough glue
> > > ;; res_nmkquery(QUERY, com, IN, NS)
> > > ;; res_send()
> > > ;; ->>HEADER<<- epode: QUERY, status: NOERROR, id: 45823
> > > ;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> > > ;; QUERY SECTION:
> > > ;; com, type = NS, class = IN
> > >
> > > ;; Querying server (# 1) address = 10.20.10.10
> > > ;; got answer:
> > > ;; ->>HEADER<<- epode: QUERY, status: NOERROR, id: 45823
> > > ;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13
> > > ;; QUERY SECTION:
> > > ;; com, type = NS, class = IN
> > >
> > > ;; ANSWER SECTION:
> > > com. 21h19m52s IN NS K.GTLD-SERVERS.NET.
> > > com. 21h19m52s IN NS E.GTLD-SERVERS.NET.
> > > com. 21h19m52s IN NS M.GTLD-SERVERS.NET.
> > > com. 21h19m52s IN NS A.GTLD-SERVERS.NET.
> > > com. 21h19m52s IN NS G.GTLD-SERVERS.NET.
> > > com. 21h19m52s IN NS H.GTLD-SERVERS.NET.
> > > com. 21h19m52s IN NS C.GTLD-SERVERS.NET.
> > > com. 21h19m52s IN NS I.GTLD-SERVERS.NET.
> > > com. 21h19m52s IN NS B.GTLD-SERVERS.NET.
> > > com. 21h19m52s IN NS D.GTLD-SERVERS.NET.
> > > com. 21h19m52s IN NS L.GTLD-SERVERS.NET.
> > > com. 21h19m52s IN NS F.GTLD-SERVERS.NET.
> > > com. 21h19m52s IN NS J.GTLD-SERVERS.NET.
> > >
> > > ;; ADDITIONAL SECTION:
> > > K.GTLD-SERVERS.NET. 1d20h17m4s IN A 213.177.194.5
> > > E.GTLD-SERVERS.NET. 1d19h6m18s IN A 192.12.94.30
> > > M.GTLD-SERVERS.NET. 1d20h17m4s IN A 192.55.83.30
> > > A.GTLD-SERVERS.NET. 3d16h41m18s IN A 192.5.6.30
> > > G.GTLD-SERVERS.NET. 1d20h17m4s IN A 192.42.93.30
> > > H.GTLD-SERVERS.NET. 5d17h52m10s IN A 192.54.112.30
> > > C.GTLD-SERVERS.NET. 1d20h17m4s IN A 192.26.92.30
> > > I.GTLD-SERVERS.NET. 1d20h17m4s IN A 192.43.172.30
> > > B.GTLD-SERVERS.NET. 1d20h17m4s IN A 192.33.14.30
> > > D.GTLD-SERVERS.NET. 1d20h17m4s IN A 192.31.80.30
> > > L.GTLD-SERVERS.NET. 1d20h17m4s IN A 192.41.162.30
> > > F.GTLD-SERVERS.NET. 1d20h17m4s IN A 192.35.51.30
> > > J.GTLD-SERVERS.NET. 1d20h17m4s IN A 210.132.100.101
> > >
> > > ;; res_findzonecut: get the missing glue and see if it's finally
enough
> > > ;; res_findzonecut: add_addrs: 1
> > > ;; res_findzonecut: add_addrs: 1
> > > ;; res_findzonecut: add_addrs: 1
> > > ;; res_findzonecut: satisfy(A.GTLD-SERVERS.NET): 3
> > > ;; res_findzonecut: FINISH n=3 (OK)
> > > ;; res_nupdate: res_mkupdate -> 51
> > > ;; res_send()
> > > ;; ->>HEADER<<- epode: UPDATE, status: NOERROR, id: 45824
> > > ;; flags:; ZONE: 1, PREREQUISITE: 0, UPDATE: 1, ADDITIONAL: 0
> > > ;; com, type = SOA, class = IN
> > > www.rupalifinechem.com. 30M IN A 10.20.10.10
> > > ;; Querying server (# 1) address = 192.5.6.30
> > > ;; timeout
> > > ;; Querying server (# 2) address = 213.177.194.5
> > > ;; new DG socket
> > > ;; timeout
> > > ;; Querying server (# 3) address = 192.12.94.30
> > > ;; timeout
> > > ;; Querying server (# 1) address = 192.5.6.30
> > > ;; new DG socket
> > > ;; timeout
> > > ;; Querying server (# 2) address = 213.177.194.5
> > > ;; timeout
> > > ;; Querying server (# 3) address = 192.12.94.30
> > > ;; timeout
> > > ;; Querying server (# 1) address = 192.5.6.30
> > > ;; timeout
> > > ;; Querying server (# 2) address = 213.177.194.5
> > > ^C
> > >
> > > All the resolution works fine.
> > >
> > >
> > >
> > >
> > > I have Bind 8.2.3 on Solaris 8, I know that I need to upgrade soon to
bind
> > 9 but first I need to resolve this.
> > >
> > >
> > >
> > > Rakesh Shah
> > >
> > >
> > >
>
More information about the bind-users
mailing list