Weird DNS Problems
Stephen Carville
stephen at totalflood.com
Wed Dec 15 14:04:12 UTC 2004
On Wed, 15 Dec 2004, D McDonald wrote:
- Sorry if this is a repeat, I signed up with renski at freeshell.org, and then tried to send it out as renski at sdf
-
- Hi All,
-
- About a week ago we switched the DNS server of our domain saturncorp.com to ns.saturncorp.com. It's a Red Hat
- machine running BIND 9.2.3. However, it now seems that some DNS servers are unable to resolve some addresses.
- For example, on one ISP www.saturncorp.com works fine (non-auth), but ftp.saturncorp.com doesn't work. It appears
- that some of these servers are running on cache alone, I'm not sure. This is only the second BIND server I've set
- up, and the first was an internal server. Below is my config file..
A couple of obvious problems:

whois lists:

    NS.SATURNCORP.COM 12.23.213.25
    CMTU.MT.NS.ELS-GMS.ATT.NET 12.127.16.69
    CBRU.BR.NS.ELS-GMS.ATT.NET 199.191.128.105

as your nameservers but your datafile only lists
12.23.213.25.saturncorp.com for which dig returns NXDOMAIN

ns.saturncorp.com doesn't resolve at all.

Serial numbers don't match across nameservers

    12.23.213.25 => 15
    12.127.16.69 => 30
    199.191.128.105 => 30
- // generated by named-bootconf.pl
- // edited by Darren on Sept 9th, 2004
- // added logging
- // changed security slightly
- // edited by Lee on 9/14/04
- // added forwarding
- // edited by Darren on 1st of Dec, '04
- // added SOA tweaks
- // added localhost domain (Apparently this is 'required')
- // added PID file path
-
- // To begin with, define groups of IPs for reference later
- // perhaps as zone transfer peers or something
- // Trusted (for updates later on)
- acl trusted_ips {
- none;
- };
-
- acl users {
- any;
- };
-
-
- // Now define specific options for the DNS system
- options {
-
- /* forwarding */
- /* this is where you put the ISP's DNS systems ... best to use root servers */
- forwarders { 12.127.16.68; 12.127.17.72; };
-
- /*security*/
- /* this means anybody can query us */
- allow-query { users; };
-
- /* Don't reply to version queries, none of anybody's business */
- version "Not Currently Available";
-
- /*SOA*/
- /*Limits Caching, apparently required for a SOA server*/
- recursion no;
-
- /*PID file (Process ID file)*/
- pid-file "/var/named/named.pid";
- };
-
- logging {
- channel default_syslog {
- /* this means create 20 log files that are 1MB in size before rolling over and updating */
- /* most current would then be /var/named/log/log, oldest would be /var/named/log/log.020 */
- file "/var/named/log/log" versions 20 size 1M;
- severity info;
- print-time yes;
- print-severity yes;
- print-category yes;
- };
- channel query_log {
- file "/var/named/log/qlog" versions 5 size 1M;
- severity info;
- print-time yes;
- print-severity yes;
- print-category yes;
- };
-
- category lame-servers {null;}; //might want to turn this on later
- category config {default_syslog;};
- category update {default_syslog;};
- category xfer-in {default_syslog;};
- category xfer-out {default_syslog;};
- category security {default_syslog;};
- category queries {query_log;};
- };
-
- // Zone Records
-
- zone "saturncorp.com" IN {
- type master;
- file "/var/named/saturncorp.com.zone";
- };
-
- // required localhost
- zone "localhost" IN {
- type master;
- file "/var/named/localhost.zone";
- allow-update{none;};
- };
-
- Here is saturncorp.com.zone..
-
- $TTL 43200
- @ IN SOA 12.23.213.25 sysop at saturncorp.com. (
- 14 ; serial
- 600 ; refresh, 2 minutes (TEMP VALUE FOR TESTING)
- 60 ; retry (TEMP)
- 3600000 ; expire
- 43200 ; ttl, 12 hours MAX for caching (TEMP)
- )
- @ IN A 12.23.213.10
- IN NS 12.23.213.25
- IN MX 1 saturn3.saturncorp.com.
- saturn3 IN A 12.23.213.3
- saturn4 IN A 12.23.213.3 ; this is not a typo
- ; saturn1 12.23.213.5 ; internal use only
- ; WVC WWW 12.23.213.7
- www IN A 12.23.213.10
- smartsystem IN A 12.23.213.15
- ns IN A 12.23.213.25
- ns2 IN A 12.23.213.26
- webplus2 IN A 12.23.213.42
- webplus3 IN A 12.23.213.43
- ; lpar3 also 12.23.213.61
- lpar3 IN A 12.23.213.63
- lpar4 IN A 12.23.213.64
- lpar1ftp IN A 12.23.213.71
- lpar3ftp IN A 12.23.213.73
- lpar4ftp IN A 12.23.213.74
- ftp3 IN A 12.23.213.98
- ftp2 IN A 12.23.213.99
- lpar1 IN A 12.23.213.100
- ftp IN A 12.23.213.101
- vr IN A 12.23.213.9
-
- If you set the server as your DNS server it works fine, and I've checked the domain under whois,
- and the first listed server is ns.saturncorp.com. I just don't get it. If anyone can see
- something I'm doing wrong, I'd be most grateful.
-
- Thanks,
-
- Renski
-
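The three checks from the reply above (NS or SOA data written as a bare IP address, whois name servers missing from the zone's NS set, SOA serials that differ between servers), as an added example that is not part of the original thread. The zone excerpt, whois list and serials are copied from the message; the function names and finding codes are made up for illustration.

```python
import re

ORIGIN = "saturncorp.com."
# Constructed sample: the delegation-relevant lines of the zone file quoted above.
ZONE = """\
@    IN SOA 12.23.213.25 sysop at saturncorp.com. (
@    IN A   12.23.213.10
     IN NS  12.23.213.25
ns   IN A   12.23.213.25
ns2  IN A   12.23.213.26
"""
# Values reported in the reply: whois name servers and the serial each server returned.
REGISTRAR_NS = ["NS.SATURNCORP.COM", "CMTU.MT.NS.ELS-GMS.ATT.NET", "CBRU.BR.NS.ELS-GMS.ATT.NET"]
SERIALS = {"12.23.213.25": 15, "12.127.16.69": 30, "199.191.128.105": 30}

def qualify(name, origin=ORIGIN):
    """Expand a zone-file name as BIND does: no trailing dot means relative to the origin."""
    name = origin if name == "@" else name.lower()
    return name if name.endswith(".") else f"{name}.{origin}"

def parse(zone, origin=ORIGIN):
    """Yield (owner, type, first rdata field); a line starting with whitespace inherits the owner."""
    owner = origin
    for line in zone.splitlines():
        tokens = [t for t in line.split(";")[0].split() if t != "IN"]
        if not tokens:
            continue
        if not line[0].isspace():
            owner = qualify(tokens.pop(0), origin)
        yield owner, tokens[0], tokens[1]

def audit(zone, registrar_ns, serials, origin=ORIGIN):
    """Return (code, detail) findings for the three problems named in the reply."""
    findings, zone_ns = [], set()
    for _, rtype, rdata in parse(zone, origin):
        if rtype in ("NS", "SOA"):
            target = qualify(rdata, origin)  # what resolvers will actually be told
            if rtype == "NS":
                zone_ns.add(target)
            if re.fullmatch(r"(\d{1,3}\.){3}\d{1,3}", rdata):
                findings.append((f"{rtype}_IS_IP", target))
    for missing in sorted({n.lower() + "." for n in registrar_ns} - zone_ns):
        findings.append(("NS_MISSING_IN_ZONE", missing))
    if len(set(serials.values())) > 1:
        findings.append(("SERIAL_MISMATCH", dict(serials)))
    return findings
```

Run against the quoted zone, `audit(ZONE, REGISTRAR_NS, SERIALS)` reports the IP-literal NS and SOA fields expanding to `12.23.213.25.saturncorp.com.`, all three whois name servers absent from the zone's NS set, and the 15 versus 30 serial split.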