domain.comX, domain.comXX

Ryan McCain Ryan.McCain at dss.state.la.us
Tue Aug 21 18:01:12 UTC 2007


Sorry for the late response.

I will respond to everyone's questions in this email to reduce congestion on the list.

-We are using BIND 9.3.2-17.4 on SLES 10 (kernel 2.6.16.21-0.8-bigsmp)

- I am the only one who touches DNS on the secondary server in question.  There are Windows admins who could be adding DNS records on the primary server. I can't imagine them creating duplicate zones, though.

- Here is a directory listing of the zones on the secondary server.  Notice the X and XX zone files..
-rw-r--r-- 1 named named   319 2007-08-21 12:56 0.in-addr.arpa
-rw-r--r-- 1 named named  1535 2007-08-17 11:40 114.10.in-addr.arpa
-rw-r--r-- 1 named named  1535 2007-08-21 12:46 114.10.in-addr.arpaX
-rw-r--r-- 1 named named  2049 2007-08-21 12:48 115.10.in-addr.arpa
-rw-r--r-- 1 named named   941 2007-08-21 12:55 116.10.in-addr.arpa
-rw-r--r-- 1 named named   323 2007-08-21 12:55 117.10.in-addr.arpa
-rw-r--r-- 1 named named  1263 2007-08-21 12:53 118.10.in-addr.arpa
-rw-r--r-- 1 named named  3655 2007-08-21 12:57 119.10.in-addr.arpa
-rw-r--r-- 1 named named 17566 2007-08-21 12:45 120.10.in-addr.arpa
-rw-r--r-- 1 named named  1581 2007-08-21 12:50 121.10.in-addr.arpa
-rw-r--r-- 1 named named  2275 2007-08-21 12:49 122.10.in-addr.arpa
-rw-r--r-- 1 named named   827 2007-08-21 12:57 123.10.in-addr.arpa
-rw-r--r-- 1 named named  3589 2007-08-21 12:48 124.10.in-addr.arpa
-rw-r--r-- 1 named named  1388 2007-08-21 12:54 125.10.in-addr.arpa
-rw-r--r-- 1 named named  2749 2007-08-21 12:56 126.10.in-addr.arpa
-rw-r--r-- 1 named named   369 2007-08-21 12:57 127.in-addr.arpa
-rw-r--r-- 1 named named   431 2007-08-17 11:16 citigroup.net
-rw-r--r-- 1 named named   431 2007-08-17 11:18 citigroup.netX
-rw-r--r-- 1 named named   431 2007-08-21 12:47 citigroup.netXX
-rw-r--r-- 1 named named 42065 2007-08-21 12:22 dss.state.la.us
-rw-r--r-- 1 named named  3568 2007-08-21 12:22 dss.state.la.us.jnl
-rw-r--r-- 1 named named   411 2007-08-17 11:18 ebtadmin.jpmorganchase.com
-rw-r--r-- 1 named named   411 2007-08-21 12:55 ebtadmin.jpmorganchase.comX
-rw-r--r-- 1 named named   418 2007-08-21 12:54 familiesla.com
-rw-r--r-- 1 named named   808 2007-08-21 12:54 familiesla.com.jnl
-rw-r--r-- 1 named named   425 2007-08-17 11:23 fostercare.la.gov
-rw-r--r-- 1 named named   425 2007-08-17 11:37 fostercare.la.govX
-rw-r--r-- 1 named named   425 2007-08-17 11:40 fostercare.la.govXX
-rw-r--r-- 1 named named   425 2007-08-21 12:56 fostercare.la.govXXX
-rw-r--r-- 1 named named   439 2007-08-17 11:28 fostercare.louisiana.gov
-rw-r--r-- 1 named named   439 2007-08-17 11:40 fostercare.louisiana.govX
-rw-r--r-- 1 named named   439 2007-08-21 12:53 fostercare.louisiana.govXX

- Finally, below is my named.conf file....

# Copyright (c) 2001-2004 SuSE Linux AG, Nuernberg, Germany.
# All rights reserved.
#
# Author: Frank Bodammer, Lars Mueller <lmuelle at suse.de>
#
# /etc/named.conf
#
# This is a sample configuration file for the name server BIND 9.  It works as
# a caching only name server without modification.
#
# A sample configuration for setting up your own domain can be found in
# /usr/share/doc/packages/bind/sample-config.
#
# A description of all available options can be found in
# /usr/share/doc/packages/bind/misc/options.

# Global server options.  Only directory, dump-file, statistics-file,
# listen-on-v6, notify and the include at the end are active; every other
# directive in this block is commented out, so its built-in default applies.
options {

        # The directory statement defines the name server's working directory.
        # Relative file names in the zone statements of this file (for
        # example "slave/...") are resolved against it.

        directory "/var/lib/named";

        # Write dump and statistics file to the log subdirectory.  The
        # pathnames are relative to the chroot jail.

        dump-file "/var/log/named_dump.db";
        statistics-file "/var/log/named.stats";

        # The forwarders record contains a list of servers to which queries
        # should be forwarded.  Enable this line and modify the IP address to
        # your provider's name server.  Up to three servers may be listed.

        #forwarders { 192.0.2.1; 192.0.2.2; };

        # Enable the next entry to prefer usage of the name server declared in
        # the forwarders section.

        #forward first;

        # The listen-on record contains a list of local network interfaces to
        # listen on.  Optionally the port can be specified.  Default is to
        # listen on all interfaces found on your system.  The default port is
        # 53.

        #listen-on port 53 { 127.0.0.1; };

        # The listen-on-v6 record enables or disables listening on IPv6
        # interfaces.  Allowed values are 'any' and 'none' or a list of
        # addresses.

        listen-on-v6 { any; };

        # The next three statements may be needed if a firewall stands between
        # the local server and the internet.

        #query-source address * port 53;
        #transfer-source * port 53;
        #notify-source * port 53;

        # The allow-query record contains a list of networks or IP addresses
        # to accept and deny queries from. The default is to allow queries
        # from all hosts.
        #
        # NOTE(review): allow-query is left commented out, so the default
        # above (all hosts) is in effect.  No allow-recursion or
        # allow-transfer statement is visible in this block either; unless
        # the included files set them, the BIND 9.3 defaults leave recursion
        # and zone transfers open to any client that can reach this server.
        # Confirm against the includes and restrict to the networks that
        # need each service.

        #allow-query { 127.0.0.1; };

        # If notify is set to yes (default), notify messages are sent to other
        # name servers when the zone data is changed.  Instead of setting
        # a global 'notify' statement in the 'options' section, a separate
        # 'notify' can be added to each zone definition.

        # notify is switched off globally here, and no zone statement in this
        # file overrides it.
        notify no;
        # The contents of this file are not shown; any option it sets takes
        # effect inside this options block -- TODO review it together with
        # this file.
        include "/etc/named.d/forwarders.conf";
};

# To configure named's logging remove the leading '#' characters of the
# following examples.
#logging {
#       # Log queries to a file limited to a size of 100 MB.
#       channel query_logging {
#               file "/var/log/named_querylog"
#                       versions 3 size 100M;
#               print-time yes;                 // timestamp log entries
#       };
#       category queries {
#               query_logging;
#       };
#
#       # Or log this kind alternatively to syslog.
#       channel syslog_queries {
#               syslog user;
#               severity info;
#       };
#       category queries { syslog_queries; };
#
#       # Log general name server errors to syslog.
#       channel syslog_errors {
#               syslog user;
#               severity error;
#       };
#       category default { syslog_errors;  };
#
#       # Don't log lame server messages.
#       category lame-servers { null; };
#};

# The following zone definitions don't need any modification.  The first one
# is the definition of the root name servers.  The second one defines
# localhost while the third defines the reverse lookup for localhost.

# Root hints: the zone file is read from "root.hint", relative to the
# 'directory' set in the options block.
zone "." in {
        type hint;
        file "root.hint";
};

# Forward zone for localhost, served from a local master file.
zone "localhost" in {
        type master;
        file "localhost.zone";
};

# Reverse zone for 127.0.0.x, served from a local master file.
zone "0.0.127.in-addr.arpa" in {
        type master;
        file "127.0.0.zone";
};

# Include the meta include file generated by createNamedConfInclude.  This
# includes all files as configured in NAMED_CONF_INCLUDE_FILES from
# /etc/sysconfig/named
#
# NOTE(review): the contents of this include are not shown.  Any zone,
# key, acl or server statements it carries are part of the running
# configuration and need checking when looking for duplicate zone
# definitions or for access controls missing from this file.

include "/etc/named.conf.include";

###Forward Records
# Slave copies of the forward zones, all transferred from 172.20.11.237.
# File names are relative to the 'directory' option, so they land in the
# slave/ subdirectory shown in the listing earlier in this message.
#
# NOTE(review): several 'file' statements below carry the X/XX/XXX suffix
# themselves.  Those are the names this configuration tells named to use,
# and in the directory listing they are the copies with the most recent
# modification times; the unsuffixed files for the same zones are older.
#
# NOTE(review): each masters list names the primary by IP address only and
# no TSIG key is visible in this file, so transfers are authenticated by
# source address alone unless key/server statements exist in the included
# files -- confirm.  No allow-transfer statement is visible either; see
# whether the includes restrict who may transfer these zones from this
# server.
zone "familiesla.com" in {
        masters { 172.20.11.237; };
        file "slave/familiesla.com";
        type slave;
};
# The only active logging statement in this file (the sample block further
# up is commented out): the default category is sent to syslog through the
# channel log_syslog.
logging {
        category default { log_syslog; };
        channel log_syslog { syslog; };
};
zone "dss.state.la.us" in {
        masters { 172.20.11.237; };
        file "slave/dss.state.la.us";
        type slave;
};
zone "citigroup.net" in {
        masters { 172.20.11.237; };
        # Suffixed name: "XX" is part of the configured file name.
        file "slave/citigroup.netXX";
        type slave;
};
zone "ebtadmin.jpmorganchase.com" in {
        masters { 172.20.11.237; };
        # Suffixed name: "X" is part of the configured file name.
        file "slave/ebtadmin.jpmorganchase.comX";
        type slave;
};
zone "fostercare.la.gov" in {
        masters { 172.20.11.237; };
        # Suffixed name: "XXX" is part of the configured file name.
        file "slave/fostercare.la.govXXX";
        type slave;
};
zone "fostercare.louisiana.gov" in {
        masters { 172.20.11.237; };
        # Suffixed name: "XX" is part of the configured file name.
        file "slave/fostercare.louisiana.govXX";
        type slave;
};


###Reverse Records
# Slave copies of the reverse zones, all transferred from 172.20.11.237.
# File names are relative to the 'directory' option.
#
# NOTE(review): as with the forward zones, the primary is identified by IP
# address only and no allow-transfer restriction is visible here; check the
# included files before assuming transfers are limited.

zone "114.10.in-addr.arpa" in {
        masters { 172.20.11.237; };
        # Suffixed name: "X" is part of the configured file name, which
        # matches the newer of the two 114.10 files in the directory listing.
        file "slave/114.10.in-addr.arpaX";
        type slave;
};
zone "115.10.in-addr.arpa" in {
        masters { 172.20.11.237; };
        file "slave/115.10.in-addr.arpa";
        type slave;
};
zone "116.10.in-addr.arpa" in {
        masters { 172.20.11.237; };
        file "slave/116.10.in-addr.arpa";
        type slave;
};
zone "117.10.in-addr.arpa" in {
        masters { 172.20.11.237; };
        file "slave/117.10.in-addr.arpa";
        type slave;
};
zone "118.10.in-addr.arpa" in {
        masters { 172.20.11.237; };
        file "slave/118.10.in-addr.arpa";
        type slave;
};
zone "119.10.in-addr.arpa" in {
        masters { 172.20.11.237; };
        file "slave/119.10.in-addr.arpa";
        type slave;
};
zone "120.10.in-addr.arpa" in {
        masters { 172.20.11.237; };
        file "slave/120.10.in-addr.arpa";
        type slave;
};
zone "121.10.in-addr.arpa" in {
        masters { 172.20.11.237; };
        file "slave/121.10.in-addr.arpa";
        type slave;
};
zone "122.10.in-addr.arpa" in {
        masters { 172.20.11.237; };
        file "slave/122.10.in-addr.arpa";
        type slave;
};
zone "123.10.in-addr.arpa" in {
        masters { 172.20.11.237; };
        file "slave/123.10.in-addr.arpa";
        type slave;
};
zone "124.10.in-addr.arpa" in {
        masters { 172.20.11.237; };
        file "slave/124.10.in-addr.arpa";
        type slave;
};
zone "125.10.in-addr.arpa" in {
        masters { 172.20.11.237; };
        file "slave/125.10.in-addr.arpa";
        type slave;
};
zone "126.10.in-addr.arpa" in {
        masters { 172.20.11.237; };
        file "slave/126.10.in-addr.arpa";
        type slave;
};
zone "127.in-addr.arpa" in {
        masters { 172.20.11.237; };
        file "slave/127.in-addr.arpa";
        type slave;
};
zone "0.in-addr.arpa" in {
        masters { 172.20.11.237; };
        file "slave/0.in-addr.arpa";
        type slave;
};
# NOTE(review): the directory listing in this message shows no
# 1.168.in-addr.arpa file, so this zone may never have transferred.  The
# name as written covers addresses 168.1.x.x; if the 192.168.1.x range was
# meant, the zone name would be 1.168.192.in-addr.arpa -- confirm against
# the primary.
zone "1.168.in-addr.arpa" in {
        masters { 172.20.11.237; };
        file "slave/1.168.in-addr.arpa";
        type slave;
};


>>> On Fri, Aug 17, 2007 at  6:30 PM, in message
<DE3D6118-4D2E-49A4-9124-0614390C57FB at swcp.com>, Bill Larson <wllarso at swcp.com>
wrote: 
> On Aug 17, 2007, at 5:02 PM, Kevin Darcy wrote:
> 
>> Ryan McCain wrote:
>>> I noticed a few of the zones I pull down have the main zone file,  
>>> domain.com, then a few others, domain.comX, domain.comXX, etc.   
>>> Can someone explain what is going on here or forward me to the  
>>> appropriate link to read about this.
>>>
>>> I googled for "bind comXX" and nothing came up.
> 
> I'd take a guess that someone created some additional zones, possibly  
> for internal use or maybe testing.
> 
> Ryan, why not post your named.conf file?  This isn't anything  
> standard, so you are making us do some heavy duty crystal ball gazing  
> while trying to help you out.
> 
> Bill Larson
> 
>> Hmmm... What version of BIND is this? My initial thought was that  
>> these
>> were temporary zone files of some sort, but BIND 9 uses the
>> "tmp-XXXXXXXXXX" template for its temp files (see the #define TEMPLATE
>> in lib/isc/unix/file.c), and I've verified this with truss on a  
>> Solaris box:
>>
>> /2: open("tmp-QJkiFMUAqe", O_RDWR|O_CREAT|O_EXCL, 0666) = 9
>>
>> I suppose an older version of BIND (8 or 4) might have formed temp  
>> names
>> by just appending Xs to the zone name, but I don't specifically
>> remember that convention.
>>
>> Are you sure the "XX" filenames aren't defined anywhere in your  
>> named.conf?
>>
>> - Kevin
>>
>>
>>


