Need some help with a BIND/network setup

Kevin Darcy kcd at daimlerchrysler.com
Wed Mar 10 21:37:48 UTC 2004


Jason wrote:

>Hello everyone.
>
>I'm having a little trouble with a sendmail and DNS setup. I was hoping 
>to get some help here.
>
>Currently, I set up a sendmail server on our company network that is
>strictly going to act as our outgoing mail server for our users. The box
>is FreeBSD 4.9, running Sendmail 8.12.9 (patched). In addition to this
>box running sendmail, I also set up BIND 9, with the intention of
>setting up a private name server for our company, so users can access our
>web servers via hostname, instead of IP address. I also wanted to set up
>the BIND server to act as a caching name server for our LAN as well.
>
>With that in mind, let me also add the following:
>
>Currently, our ISP has control of our domain name. We have the option of 
>using our ISP's DNS servers as well as their SMTP server. We are 
>gradually going away from this.
>
>I set up BIND9, and added a private zone for our company:
>internal.mydomain.com. (mydomain is not our real domain)
>
>Here is what it contains:
>
>$TTL 86400
>@               IN    SOA       mail.internal.mydomain.com. root.mail.internal.mydomain.com. (
>                         2004030300      ; serial
>                         8H              ; refresh
>                         2H              ; retry
>                         1W              ; expire
>                         1D )            ; minimum
>
>@               IN   NS         mail.internal.mydomain.com.
>
>localhost       IN   A          127.0.0.1
>mail            IN   A          192.168.1.165
>loanblade       IN   A          192.168.1.207
>
>;
>;aliases
>;
>rack2           IN   A          192.168.1.207
>
>mail.internal.mydomain.com is the server acting as the BIND server as 
>well as the SMTP server for our users.
>
>However, the problem I'm having is that I think I set this up
>incorrectly, as I think the server is trying to act as the authoritative
>for mydomain, which is not what I wanted. I wanted to set up a private
>DNS server, internal.mydomain.com and also use the server as a caching
>server for my clients.
>
>Here is what happens when I do a dig mx mydomain.com
>
>mail# dig mx mydomain.com
>
>; <<>> DiG 9.2.3 <<>> mx mydomain.com
>;; global options:  printcmd
>;; Got answer:
>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60909
>;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 4
>
>;; QUESTION SECTION:
>;mydomain.com.          IN      MX
>
>;; ANSWER SECTION:
>mydomain.com.   31669   IN      MX      10 www.mydomain.com.
>
>;; AUTHORITY SECTION:
>mydomain.com.   13138   IN      NS      ns3.aspadmin.com.
>mydomain.com.   13138   IN      NS      ns1.aspadmin.com.
>mydomain.com.   13138   IN      NS      ns2.aspadmin.com.
>
>;; ADDITIONAL SECTION:
>www.mydomain.com. 31523 IN      A       209.126.xxx.xxx
>ns1.aspadmin.com.       25270   IN      A       216.98.xxx.xxx
>ns2.aspadmin.com.       25270   IN      A       216.98.xxx.xxx
>ns3.aspadmin.com.       25270   IN      A       216.98.xxx.xxx
>
>;; Query time: 1 msec
>;; SERVER: 192.168.1.165#53(192.168.1.165)
>;; WHEN: Tue Mar  9 13:39:54 2004
>;; MSG SIZE  rcvd: 185
>
>So you can see, my ISP is authoritative for mydomain.com.
>
>However, the way it appears to be acting, my BIND server is trying to
>act as the authoritative one.
>
No, I don't see that at all. You asked for the mydomain.com MX record, 
that's what you got, and the AA bit is not set, so it's not an 
authoritative response.

But what does any of this have to do with the internal.mydomain.com 
zone? Why aren't you querying that?

>Also, one thing I noticed is that if I type 'hostname' on the machine,
>it is missing the internal part. :( Instead, it just has,
>mail.mydomain.com and I'm sure that has to be a problem.
>
The "hostname" command on most, if not all, systems has no relationship 
whatsoever to DNS.

>I'm a little confused and not sure how to correct this problem. I'm 
>hoping someone can help me out here and tell me what I did wrong.
>
Try to concentrate on the internal.mydomain.com zone, which is the one 
you claim you're having the problem with. Have you even tried to query 
the MX for internal.mydomain.com? Seems like you're getting your domain 
levels mixed up between mydomain.com and internal.mydomain.com.

- Kevin
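
The AA-bit check from the reply above, as an added example that is not part of the original thread: it decodes the flags both from dig's text header (the two lines quoted in the post) and from the 12-byte wire header defined in RFC 1035. The function names and the two wire headers are constructed for illustration.

```python
import re
import struct

# Flag bits in the 16-bit flags word of the DNS header (RFC 1035, section 4.1.1).
FLAG_BITS = {"qr": 0x8000, "aa": 0x0400, "tc": 0x0200, "rd": 0x0100, "ra": 0x0080}
RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def parse_wire_header(packet: bytes) -> dict:
    """Decode the fixed 12-byte header at the start of a DNS message."""
    if len(packet) < 12:
        raise ValueError("DNS header is 12 bytes; got %d" % len(packet))
    msg_id, flags, qd, an, ns, ar = struct.unpack("!6H", packet[:12])
    return {"id": msg_id, "counts": (qd, an, ns, ar),
            "status": RCODES.get(flags & 0x000F, str(flags & 0x000F)),
            "flags": {name for name, bit in FLAG_BITS.items() if flags & bit}}

def parse_dig_header(text: str) -> dict:
    """Pull the same fields out of dig's '->>HEADER<<-' and 'flags:' lines."""
    head = re.search(r"status: (\w+), id: (\d+)", text)
    line = re.search(r"flags: ([a-z ]*);\s*QUERY: (\d+), ANSWER: (\d+), "
                     r"AUTHORITY: (\d+), ADDITIONAL: (\d+)", text)
    if not head or not line:
        raise ValueError("no dig header found")
    return {"id": int(head.group(2)), "status": head.group(1),
            "counts": tuple(int(n) for n in line.groups()[1:]),
            "flags": set(line.group(1).split())}

def is_authoritative(header: dict) -> bool:
    """True only for a response (qr) that carries the AA bit."""
    return {"qr", "aa"} <= header["flags"]

# Header lines copied from the dig output quoted in the post.
DIG_TEXT = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60909
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 4
"""
# Constructed wire headers with the same id and counts:
# 0x8180 is qr+rd+ra (a cached answer), 0x8580 adds aa.
CACHED = struct.pack("!6H", 60909, 0x8180, 1, 1, 3, 4)
AUTHORITATIVE = struct.pack("!6H", 60909, 0x8580, 1, 1, 3, 4)

if __name__ == "__main__":
    for label, hdr in [("dig text", parse_dig_header(DIG_TEXT)),
                       ("cached wire", parse_wire_header(CACHED)),
                       ("authoritative wire", parse_wire_header(AUTHORITATIVE))]:
        print(label, sorted(hdr["flags"]), "authoritative:", is_authoritative(hdr))
```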



