primary lame server

SilentRage bind-users at dollardns.net
Wed Oct 27 13:28:19 UTC 2004 

testy is acting as a resolver.  It returns IP address information found at your other 2 servers.  But the responses are non-authoritative, which makes it lame when used as a host for your domain.  You need to add a master zone block for the domain in named.conf and a zone file to point it to.  Then reload the dns server.

Dave

--- Reply to: rioguia at speakeasy.net ---
> 
> I have a lame primary name server testy.substantis.com.  
> My files appear to be formatted correctly (my /etc/host and
> resolve.conf =
> are shown below) because named-checkconf returns a zero status.  I
> also a=
> ttempted to use DNSWalk but can't find any documentation on how to use
> it=
>  (sample command lines would be appreciated.
> 
> I do see in the the following errors in the logs
> rndc: connect failed: connection refused
> 
> Oct 27 00:55:48 testy kernel: process `nslookup' is using obsolete
> setsoc=
> kopt SO_BSDCOMPAT
> Oct 27 04:55:48 testy named[3907]: lame server resolving
> 'substantis.com'=
>  (in 'substantis.com'?): 69.17.65.22#53
> Oct 27 01:00:20 testy kernel: process `dig' is using obsolete
> setsockopt =
> SO_BSDCOMPAT 
> 
> Distribution: Fedora Core 2
> Bind Version: 9.2.4 (installed bind-src.tar.gz)
> Special Circumstances:  
> I am using the instructions for a chrooted dns
> from trinity-os found at
> http://www.ecst.csuchico.edu/~dranch/LINUX/Trini=
> tyOS/cHTML/TrinityOS-c-24.html
> 
> issue: 1 
> primary server testy.substantis.com answers nonauthoritatively (lame
> serv=
> er) when it has a known good secondary at ns1.speakeasy.net
> 
> tests applied /results obtained:
> [root at testy named]#
> ; <<>> DiG 2.1 <<>> @testy.substantis.com substantis.com A
> ; (1 server found)
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10
> ;; flags: qr rd ra; Ques: 1, Ans: 1, Auth: 3, Addit: 3
> ;; QUESTIONS:
> ;; substantis.com, type =3D A, class =3D IN
> ;; ANSWERS:
> substantis.com. =099880 =09A =0969.17.65.22
> 
> 
> issue: 2
> primary server testy.substantis.com fails completely when it has no
> secon=
> dary (secondary taken down for testing purposes)
> 
> tests applied /results obtained:
> [root at testy named]# dig familynetpix.com
>  
> ; <<>> DiG 2.1 <<>> @testy.substantis.com familynetpix.com A
> ; (1 server found)
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 10
> ;; flags: qr rd ra; Ques: 1, Ans: 0, Auth: 0, Addit: 0
> ;; QUESTIONS:
> ;; familynetpix.com, type =3D A, class =3D IN
> ;; Total query time: 30115 msec
> 
> issue: 3
> primary server testy.substantis.com provides nonauthoritative answer
> for =
> its own host name.
> 
> tests applied / results obtained
> [root at testy named]# nslookup testy.substantis.com
> Server:         127.0.0.1
> Address:        127.0.0.1#53
>  
> Non-authoritative answer:
> Name:   testy.substantis.com
> Address: 69.17.65.22
> 
> /ETC/RESOLV.CONF
> [root at testy named]# cat /etc/resolv.conf
> search substantis.com
> nameserver 127.0.0.1
>  
> # nameserver 66.92.159.2
> # nameserver 216.231.41.2
> [root at testy named]#
> 
> /ETC/HOSTS
> [root at testy named]# cat /etc/hosts
> # Do not remove the following line, or various programs
> # that require network functionality will fail.
> 127.0.0.1     testy.substantis.com     testy     localhost
> [root at testy named]#

More information about the bind-users mailing list